Some regular content here.
Some regular content here.
}}}
An extraneous line break now becomes four line breaks.
This becomes quite confusing for editors as when they look at the post the extra returns are not apparent yet inserted when the page is actually posted.
I'm thinking that resolving this issue might also resolve many other cases of wpautop gone rogue.
My suggestion would be that wpautop be changed so that:
1. If there is a code comment with a hard return before and after the comment, it does not automatically add wpautop. (one can argue that this is behaving as expected, but I doubt many are thinking when they add a code comment that it will add a nice line break for them...and in any case, this can be much more obviously/easily remedied by inserting a .
If I place the shortcode before the first paragraph after a subheading, the inserted increases the visual space between the subheading and the paragraph. But if I place the shortcode before the second paragraph, the extra
doesn't affect the visual spacing between paragraphs.
I can work around the inconsistency by changing wpautop's priority. But that scrambles other things on the web site.
{{{
remove_filter( 'the_content', 'wpautop' );
add_filter('the_content', 'wpautop', 12);
add_shortcode('hd_product', 'display_product');
function display_product($args){
extract(shortcode_atts(array(
'id' => null,
'cat' => null,
'tag' => null,
'orderby' => 'rand',
'limit' => 1,
), $args));
$product = wc_get_product( $id );
$image = $product->get_image($size = 'product-slider', [""class"" => ""product-callout-image"",""alt""=>""mp3 for sale""] );
$term = get_term_by( 'id', $product->category_ids[0], 'product_cat' );
$output = '';
$output .= '' . $image ;
$output .= '' . $term->name . ' ' . '$' . $product->price . ' ';
$output .= ' ';
return $output;
}
}}}
" mesmer7 5.3.2
Defects Awaiting Review 40676 wpautop adds opening & closing p tags around the opening a tag and around the closing a tag when the link contains certain flow content elements like div, h1, h2... Formatting normal defect (bug) new 2017-05-05T10:55:47Z 2017-07-21T11:02:23Z "Hi,
== Description ==
wpautop leaves {{{}}} (opening tag of the link) in between {{{
}}} tags and {{{ }}} (closing tag of the link) in between {{{
}}} tags when the link contains certain flow content elements like div, h1, h2...
== Example 1 ==
If I add this to the HTML editor:
{{{
DIV inside link
}}}
The output source code is:
{{{
DIV inside link
}}}
----
== Example 2 ==
If I add this to the HTML editor:
{{{
H1 inside link
}}}
The output source code is:
{{{
H1 inside link
}}}
----
== Note 1 ==
I would like to point out that html '''''flow content'' elements such as {{{
EOT;
echo wpautop($pee);
}}}
This is the output:
{{{
This is a paragraph.
This is another paragraph.
}}}
As you can see, the first paragraph lacks an opening .
" TBarregren 4.5.3 has-patch
Defects Awaiting Review 56892 wp_xx_categories() doesn't pad counts correctly when a sub-category exists Taxonomy normal defect (bug) new 2022-10-23T10:15:34Z 2022-10-23T12:12:54Z "I fond this issue while researching gutenberg [#37319](https://github.com/WordPress/gutenberg/issues/37319).
If I set the `hierarchical` and `show_count` of `wp_list_categories` or `wp_dropdown_categories` to `true`, the counts for some categories aren't displayed correctly when there are posts that have grandchild categories.
Example:
----
{{{
wp_list_categories( array( 'show_count' => true, 'hierarchical' => true ) );
}}}
* Parent (4)
* Child 1 (3)
* Grandchild 1 (1)
* Child 2 (1)
----
{{{
wp_list_categories( array( 'show_count' => true, 'hierarchical' => false ) );
}}}
* Child 1 (2)
* Child 2 (1)
* Grandchild 1 (1)
----
""Child 1"" category counts are different, but the second data (`hierarchical` is `false`) is correct in my test data.
For some reason, I think the number of grandchild categories is counted as well.
This problem is the same when I output with `wp_dropdown_categories`." wildworks
Defects Awaiting Review 60178 wp_video_shortcode() outputs invalid HTML Media normal defect (bug) new 2024-01-02T22:09:17Z 2024-02-15T07:25:42Z "Did an audit of a website and found several invalid HTML for video tags that were output with `wp_video_shortcode()`. The errors:
* Bad value `1` for attribute `loop` on element `video`
* Bad value `1` for attribute `autoplay` on element `video`
* Bad value `1` for attribute `muted` on element `video`
Based on documentation from Mozilla, all 3 are boolean attributes. Here is an example of function usage that produced the HTML validation errors:
{{{#!php
wp_get_attachment_url(9999),
'class' => 'my-custom-video',
'poster' => '',
'loop' => 'true',
'autoplay' => 'true',
'muted' => 'true',
'height' => 1080,
'width' => 1920
] );
}}}
This part in `wp_video_shortcode()` is the culprit:
{{{#!php
$v ) {
$attr_strings[] = $k . '=""' . esc_attr( $v ) . '""';
}
}}}
Currently, we are using the filter to clean up these attributes like this:
{{{#!php
string 'http' (length=4)
'host' => string 'localhost' (length=9)
'port' => int 3002
'path' => string '/project/xactly-com/insights/' (length=29)
}}}
where
{{{
$wpp = parse_url(home_url());
}}}
equals
{{{
array (size=2)
'scheme' => string 'http' (length=4)
'host' => string 'localhost:3002' (length=23)
}}}
will result in
{{{
if (isset($lp['host']) && (!in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host']))) {
}}}
failing
The server is running on a local proxy." raptor235 4.5.3 reporter-feedback
Defects Awaiting Review 56025 wp_validate_boolean() not doing what it describes, causes issues with [video] shortcode General normal defect (bug) new 2022-06-21T08:51:00Z 2022-06-22T13:52:45Z "
== The function in question:
{{{
/**
* Filter/validate a variable as a boolean.
*
* Alternative to `filter_var( $var, FILTER_VALIDATE_BOOLEAN )`.
*
* @since 4.0.0
*
* @param mixed $var Boolean value to validate.
* @return bool Whether the value is validated.
*/
function wp_validate_boolean( $var ) {
if ( is_bool( $var ) ) {
return $var;
}
if ( is_string( $var ) && 'false' === strtolower( $var ) ) {
return false;
}
return (bool) $var;
}
}}}
== Steps to recreate the issue:
Add the following shortcodes to a page:
{{{
[video src=""YOUR-SOURCE-HERE""]
[video src=""YOUR-SOURCE-HERE"" loop=""off""]
[video src=""YOUR-SOURCE-HERE"" loop=""0""]
[video src=""YOUR-SOURCE-HERE"" loop=""false""]
}}}
- The first shortcode works as intended, rendering a video on the frontend without the loop attribute.
- The second shortcode's element will have the attribute {{{loop=""1""}}} despite the loop attribute being set to off.
- The third and fourth shortcode's elements will **not** have the loop attribute set.
== Description:
wp_validate_boolean() says it 's an alternative to {{{ filter_var( $var, FILTER_VALIDATE_BOOLEAN ) }}}, however
{{{filter_var( $var, FILTER_VALIDATE_BOOLEAN )}}} will return **FALSE** when you pass the string ""off"" whereas {{{wp_validate_boolean()}}} will return **TRUE** in this case.
(See this for the documentation for filter_validate_boolean: [https://www.w3schools.com/php/filter_validate_boolean.asp]).
Currently, {{{wp_validate_boolean()}}} only returns **FALSE** if the $var is a string and if it is === ""false"", or if the $var passed is the int 0.
This causes unexpected behaviour in the [video] shortcode. The documentation of the video shortcode ([https://wordpress.org/support/article/video-shortcode/]) mentions that the loop attribute needs to be either ""on""/""off"". Because they are strings {{{wp_validate_boolean()}}} will return **TRUE**, causing the loop attribute to always be added with a value of ""1"" unless you change the value of the attribute to be specifically the string ""false"", the int 0, or leave it completely empty.
The parsing of the attributes of the [video] shortcode happens here: ([https://github.com/WordPress/wordpress-develop/blob/6.0/src/wp-includes/media.php#L3322-L3344]).
As you can see on line 3340 it uses {{{wp_validate_boolean()}}} to get filter value of the loop attribute. Passing ""off"" here returns true, causing the loop attribute to always be added to the eventual HTML output later down the line with a value of ""1"".
== Potential fix:
- Change the working of {{{wp_validate_boolean()}}} to do as it says in its description. Make it smarter, and thus also return **FALSE** when the strings ""off"",""OFF"",""no"",""NO"", etc. are passed just like {{{filter_var( $var, FILTER_VALIDATE_BOOLEAN )}}} does (See this documentation link: [https://www.php.net/manual/en/function.filter-var.php#121263]).
- Change how the parsing of attributes happens in the [video] shortcode so that it also works as the documentation says: not adding certain attributes when they are set to ""off"". However there may be other instances where {{{wp_validate_boolean()}}} is used that I'm currently not aware of, so this would be more like a band-aid fix and similar issues may arise in the future.
" arnodeleeuw 6.0 dev-feedback
Enhancements Awaiting Review 37976 wp_users deleted but warning does not appear. Users normal enhancement new 2016-09-07T21:19:43Z 2019-04-05T19:06:38Z "Hi,
Shortly before for to try I deleted wp_users but warning does not appear.
Wp-admin entered new user create form or warning appear needed.
Thanks" truser 4.7
Defects Awaiting Review 57000 wp_usermeta table is emptied because of a wrong query being executed Database normal defect (bug) new 2022-11-04T12:49:28Z 2022-11-04T12:49:28Z "On one website we encounter a very strange error. This SQL query is executed by the `delete_meta` function:
{{{
DELETE FROM wp_usermeta WHERE umeta_id IN( umeta_id,user_id,meta_key,meta_value )
}}}
This query empties the wp_usermeta table completely. We have tried to reproduce the error in a local development environment, but it is very hard to do so.
In the `delete_meta` function the `\wpdb::check_safe_collation` and `\wpdb::get_table_charset` methods are called, in which the query `SHOW FULL COLUMNS FROM wp_usermeta` is executed.
Apparently, in some occasions the next query fails, but the `\wpdb::$last_result` is not flushed, which then still contains the result of the `SHOW FULL COLUMNS FROM wp_usermeta` query (the column names).
The result is returned to the `$meta_ids` variable in the `delete_metadata` and is then used in the delete query.
The back trace of the function call is: shutdown_action_hook, do_action('shutdown'), WP_Hook->do_action, WP_Hook->apply_filters, ITSEC_Lib_User_Activity->update_last_seen, delete_user_meta, delete_meta
I am reporting the issue here because I believe it is not related to the iThemes Security plugin but to WordPress itself.
The only possible reason this happens I can think of, it that `\wpdb::$ready` is false, because in that case `\wpdb::query` returns false without flushing the last result:
{{{
public function query( $query ) {
if ( ! $this->ready ) {
$this->check_current_query = true;
return false;
}
// ...
}
}}}" jannesmannes 6.0.3
Defects Awaiting Review 49982 "WP_User_Query returns duplicates if a user has multiple meta keys of the same name, unless ""relation = OR"" is included which adds DISTINCT" Users minor defect (bug) new 2020-04-23T09:27:51Z 2020-04-23T09:27:51Z "Hi,
I ran into a bug that seems to be reproducible in core WP. It is possible that WP_User_Query returns duplicate results of users when they have multiple rows of matching metadata. I have a reproducible example.
Have a user with the following metadata. And yes, this is silly duplicate metadata to begin with but the same would go for matching multiple conditions with add_user_meta() in realistic usage.
user_id | meta_key | meta_value
1 | program_tdw | Yes
1 | program_tdw | Yes
1 | program_tdw_status | certified
1 | program_tdw_status | certified
Use the following very basic meta query to get the users:
{{{#!php
array(
'relation' => 'AND',
// Must have TDW program enabled, and TDW Status of Certified
array(
'key' => 'program_tdw',
'value' => 'Yes',
),
array(
'key' => 'program_tdw_status',
'value' => 'certified',
),
),
);
$users = new WP_User_Query( $query_args );
}}}
Your results will include User ID 1 two times, or potentially more times depending on how many specific meta key matches they have.
An obvious fix is to use ""DISTINCT"" on the user id column that is returned, but there is no equivalent ""posts_distinct"" filter for WP_User_Query. There is currently a working hack to specify any ""relation => OR"" in the meta query.
With that in mind my fix is to do this just before the last line:
{{{#!php
'OR', $query_args['meta_query'] );
}}}
Here is a related Stack Overflow question about the same topic from a few years ago: https://wordpress.stackexchange.com/questions/220307/user-appears-twice-in-a-wp-user-query
It is probably minor but may have unexpected effects, like in my situation it was sending emails to some users twice. Imagine how difficult that was to debug the cause :(" radgh 5.4
Enhancements Awaiting Review 21744 WP_User_Query does not support post type Users normal enhancement reopened 2012-08-31T00:13:59Z 2019-03-27T11:40:11Z "unfortunately WP_User_Query only support 'post' right now.
i've attached my modified user.php" AliMH 3.4.1 has-patch
Defects Awaiting Review 54310 WP_User_Query does not return results in the same format if fields set to all_with_meta and doesn't return any metadata Users normal defect (bug) new 2021-10-22T17:54:26Z 2021-10-25T23:32:25Z "Digging into WP_User_Query if you set the fields to all_with_meta it returns an array index by the user_ID veers a keyed list for all other results
this is the
{{{
if ( 'all_with_meta' === $qv['fields'] ) {
cache_users( $this->results );
$r = array();
foreach ( $this->results as $userid ) {
$r[ $userid ] = new WP_User( $userid, '', $qv['blog_id'] );
}
$this->results = $r;
} elseif ( 'all' === $qv['fields'] ) {
foreach ( $this->results as $key => $user ) {
$this->results[ $key ] = new WP_User( $user, '', $qv['blog_id'] );
}
}
}}}
I feel we should return the same shape array for both so propose to set the all to array index to the User_ID's
with a change like this
{{{
if ( 'all_with_meta' === $qv['fields'] ) {
cache_users( $this->results );
$r = array();
foreach ( $this->results as $userid ) {
$r[ $userid ] = new WP_User( $userid, '', $qv['blog_id'] );
}
$this->results = $r;
} elseif ( 'all' === $qv['fields'] ) {
foreach ( $this->results as $user ) {
$this->results[ $user->ID ] = new WP_User( $user, '', $qv['blog_id'] );
}
}
}}}
And better still it doesn't return the meta values !!!
So let's add this as well
{{{
if ( 'all_with_meta' === $qv['fields'] ) {
cache_users( $this->results );
$r = array();
foreach ( $this->results as $userid ) {
$r[ $userid ] = new WP_User( $userid, '', $qv['blog_id'] );
$r[ $userid ]->meta = get_user_meta( $userid );
}
$this->results = $r;
} elseif ( 'all' === $qv['fields'] ) {
foreach ( $this->results as $key => $user ) {
$this->results[ $key ] = new WP_User( $user, '', $qv['blog_id'] );
}
}
}}}
" pbearne needs-unit-tests
Defects Awaiting Review 41837 WP_User_Query can generate negative offset in the LIMIT clause Users normal defect (bug) new 2017-09-08T18:08:30Z 2017-09-08T18:51:27Z "The {{{paged}}} argument in {{{WP_User_Query}}} was introduced in #34531
There's a problem with the {{{paged}}} as 0 case.
There's a similar ticket for {{{WP_Comment_Query}}}: #41826
'''Example:
'''
When {{{paged}}} is 0 and number is 2, {{{WP_User_Query}}} generates the LIMIT clause:
{{{
LIMIT -2, 2
}}}
instead of
{{{
LIMIT 0, 2
}}}
According to the MySQL documentation, the offset in the LIMIT clause shouldn't be negative:
https://dev.mysql.com/doc/refman/5.7/en/select.html
I think we should handle it in the same way as in {{{WP_Query}}}, where the 0 case is the same as 1." birgire 4.4 has-patch
Defects Awaiting Review 43391 WP_User_Query bug Query normal defect (bug) new 2018-02-23T09:47:47Z 2018-03-03T08:44:40Z "I've got an issue when doing a query with WP_User_Query and trying to list from a specific role AND using 'orderby' => 'post_count'. The query simply fails to list the correct results.
Here are the query arguments:
{{{#!php
array( 'ID', 'user_login', 'display_name' ),
'role' => 'expert',
'number' => $numPosts,
'offset' => $page > 1 ? $numPosts : 0,
'order' => 'DESC',
'orderby' => 'post_count'
);
}}}
If I remove the 'role' argument from the query it works, but with the 'role' included it doesn't.
" zkingdesign 4.9.4
Defects Awaiting Review 45879 WP_User::set_role() does not remove previous roles Role/Capability normal defect (bug) new 2019-01-09T14:28:45Z 2019-01-09T14:39:00Z "If a user has a role that has been removed from WordPress by using remove_role() this role is not removed when using WP_User::set_role() on the user.
Example:
remove_role('subscriber') has been used on the install removing the subscriber role from available roles.
A new user is created with wp_create_user()
The new user is automatically assigned the role subscriber (which does not exist)
The new users role is set using WP_User::set_role()
In the database, the usermeta row with capabilities for the new user still contains the subscriber role and the new role is given an index of 1 instead of 0 in the $user->roles array.
Expected result:
WP_User::set_role() should effectively remove all previous roles from the user even if they have been removed from WordPress with remove_role().
" fried_eggz
Defects Awaiting Review 53199 WP_User::add_role() runs even if the added role is already set Users normal defect (bug) new 2021-05-13T11:27:05Z 2021-05-13T15:46:07Z "When adding a role using `WP_User::add_role()` the function is run even though the role is already set for the given user. Hence, the also action `add_user_role` is fired when it should not.
This behavior is different from `WP_User::remove_role()` that exits the function if the role is not currently set, and hence the action `remove_user_role` does not fire - as one would expect.
An easy fix would be to add `in_array( $role, $this->roles, true )` to the test in [[https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-user.php#L540|class-wp-user.php on Line 540]] resulting in the following:
{{{
if ( empty( $role ) || in_array( $role, $this->roles, true ) ) {
}}}
Not sure if there are any backward-compatibility issues with this solution, as the action would not be called anymore in situations where previously it was called. A solution could be to run the action nonetheless, which would, however, kinda obsolete the fix. Another solution could be to introduce a new action, e.g. `add_user_role_requested`:
{{{
if ( empty( $role ) ) {
return;
}
/**
* Fires immediately after the user has been given a new role.
*
* @since x.x.x
*
* @param int $user_id The user ID.
* @param string $role The new role.
*/
do_action( 'add_user_role_requested', $this->ID, $role );
if ( in_array( $role, $this->roles, true ) ) {
return;
}
}}}
This filter uses the same syntax, than the existing `add_user_role`. I personally would prefer to pass the user object (`$this`) rather than the user ID. Maybe the user object could be passed as a third argument to both actions.
" bhujagendra 2.0 dev-feedback
Enhancements Awaiting Review 38946 WP_Upgrader: Protection against deleting files in destination directory Upgrade/Install normal enhancement new 2016-11-26T09:12:52Z 2017-11-07T15:26:12Z "While creating a plugin I have to upload zip file and extract it in the custom destination directory with its inside main folder name just like how Theme_Upgrader and Plugin_Upgrader does.
While extending the class `WP_Upgrader` and using method `install()` like this:
{{{#!php
true,
);
$parsed_args = wp_parse_args( $args, $defaults );
$this->init();
$this->install_strings();
add_filter( 'upgrader_source_selection', array( $this, 'check_package' ) );
$this->run( array(
'package' => $package,
'destination' => WP_CONTENT_DIR . '/uploads/demo-packs',
'clear_destination' => false, // Do not overwrite files.
'protect_destination' => true, // Let me utilize this args in `install_package()` to fix this error, happy :)
'clear_working' => true,
'hook_extra' => array(
'type' => 'demo',
'action' => 'install',
)
) );
remove_filter( 'upgrader_source_selection', array( $this, 'check_package' ) );
if ( ! $this->result || is_wp_error( $this->result ) ) {
return $this->result;
}
return true;
}
}}}
Now always the zip file content are extracted into that destination directory but I want to index just like this where `{uploaded-zip}` is the zip file inside folder name:
`WP_CONTENT_DIR . '/uploads/demo-packs/{uploaded-zip}'`
And finally the detected issue is that the destination directory are no more protected just like theme and plugins directories does :)
{{{#!php
unpack_package can't run in parallel Upgrade/Install normal defect (bug) new 2017-10-12T10:46:00Z 2020-09-23T05:43:41Z "Although `WP_Upgrader->unpack_package` takes care to assign a unique `$working_dir` for the package being unpacked, it recursively deletes the contents of `$upgrade_folder` before it does its work.
Since `$upgrade_folder` is the parent of `$working_dir`, concurrent `unpack_package` calls interfere with each other. In particular, this defeats parallel `wp theme install`; one install is likely to encounter `ENOENT` while trying to copy it unpacked files out of `$working_dir`." sheldonh
Defects Awaiting Review 56090 wp_update_user doesn't update user_activation_key on users with apostrophes in their email Users normal defect (bug) new 2022-06-28T17:33:30Z 2022-07-12T16:30:49Z "Wordpress currently allows apostrophes in email addresses. However, when a user with an apostrophe in their email tries to perform a password reset, the user_activation_key is invalid.
It looks as if user_activation_keys can be generated for users with apostrophes in their email, but the key cannot be stored in the wp_user table.
I've tried manually setting user_activation_keys for users with apostrophes by calling wp_update_user to no avail.
Why is this? Is there a way to bypass the get_password_reset_key for users with apostrophe emails?" petercwiley has-patch
Defects Awaiting Review 45830 wp_update_user does not use the pluggable wp_set_password to change a user password Users normal defect (bug) new 2019-01-04T13:56:01Z 2019-01-10T17:34:54Z "wp_update_user does not use the pluggable wp_set_password to change a user password and instead updates it directly in the DB.
This means that any plugin replacing wp_set_password will be incorrectly bypassed. It directly means the `reset_password` hook is skipped.
The comment at the start of wp_update_user should also be removed as it encourages bad behaviour:
{{{
* It is possible to update a user's password by specifying the 'user_pass'
* value in the $userdata parameter array.
}}}
I would suggest a simple code fix. Replace this:
{{{
if ( ! empty( $userdata['user_pass'] ) && $userdata['user_pass'] !== $user_obj->user_pass ) {
// If password is changing, hash it now
$plaintext_pass = $userdata['user_pass'];
$userdata['user_pass'] = wp_hash_password( $userdata['user_pass'] );
}}}
with this:
{{{
if ( ! empty( $userdata['user_pass'] )) {
wp_set_password($userdata['user_pass'], $ID);
}}}
" couling 5.0.2 has-patch
Defects Awaiting Review 41601 wp_update_user creates an error Users normal defect (bug) new 2017-08-10T11:16:39Z 2017-08-11T11:05:41Z "See my code below. When I use wp_upadte_user within the hook ""after_setup_theme"", it throws an error:
{{{
[Thu Aug 10 13:08:45.503396 2017] [proxy_fcgi:error] [pid 9452] [client 10.130.52.246:56561] AH01071: Got error 'PHP message: WordPress-Datenbank-Fehler You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'WHERE user_id = 6 AND blog_id = 1' at line 1 f\xc3\xbcr Abfrage '''SELECT COUNT(id) FROM WHERE user_id = 6 AND blog_id = 1''' von require('wp-blog-header.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('after_setup_theme'), WP_Hook->do_action, WP_Hook->apply_filters, ad_sso_login, wp_update_user, wp_insert_user, do_action('profile_update'), WP_Hook->do_action, WP_Hook->apply_filters, bp_blogs_add_user_to_blog, bp_blogs_record_blog, BP_Blogs_Blog->save, BP_Blogs_Blog->exists\nPHP message: WordPress-Datenbank-Fehler You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '( user_id, blog_id ) VALUES ( 6, 1 )' at line 1 f\xc3\xbcr Abfrage INSERT INTO ( user_id, blog_id ) VALUES ( 6, 1 ) von require('wp-blog-header.php'), require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('after_setup_theme'), WP_Hook->do_action, WP_Hook->apply_filters, ad_sso_login, wp_update_user, wp_insert_user, do_action('profile_update'), WP_Hook->do_action, WP_Hook->apply_filters, bp_blogs_add_user_to_blog, bp_blogs_record_blog, BP_Blogs_Blog->save\n', referer: http://intranetdev.rehau.org/
}}}
The sql functions being executed by this functions are missing the database table name.
Here is the code I am using inside the functions.php from my plugin:
{{{#!php
$user_id, 'user_url' => $website ) );
if ( is_wp_error( $user_id ) ) {
echo ""There was an error, probably that user doesn't exist."";
} else {
echo ""Success!"";
}
}
}}}
" iamklaus 4.8.1
Defects Awaiting Review 46166 wp_update_term sanitizes the description, removing all html Taxonomy normal defect (bug) new 2019-02-01T13:56:53Z 2019-02-01T13:56:53Z "The function wp_update_term automatically sanitizes the description of the term, thereby removing all html tags added to it. This happens even when no description is passed via the $args parameter.
This does not seem intended, as the description field is basically the content of the term and should be able to hold html information (which is in fact the case if I edit it within the WordPress backend and save it).
" sighan 4.9.8
Defects Awaiting Review 56700 wp_update_post function not support meta update Posts, Post Types normal defect (bug) new 2022-09-30T15:04:23Z 2022-09-30T15:31:59Z "Hi.
Seems like wp_update_post() function not support meta fields update.
I found post meta update only in wp_insert_post() function https://github.com/WordPress/wordpress-develop/blob/6.0.2/src/wp-includes/post.php#L4498-L4502
Is there are some reasons to not include meta fields update in wp_update_post() function? Or this can be fixed in the future?" borisolhor
Defects Awaiting Review 58304 wp_update_image_sizes Media blocker defect (bug) new 2023-05-13T14:20:43Z 2023-06-29T17:37:30Z "This blocker issue is actually introduced with WP 5.3 and still remains unsolved up to 6.2
Introduction:
Function {{{wp_update_image_sizes}}} calls function {{{_wp_make_subsizes()}}} in two ways/paths, either via function {{{wp_create_image_subsizes()}}} or {{{directly}}}.
Issue:
When {{{function wp_update_image_sizes}}} calls {{{_wp_make_subsizes()}}} via {{{wp_create_image_subsizes()}}}, {{{filter intermediate_image_sizes_advanced'}}}, is invoked before calling {{{_wp_make_subsizes()}}}.
When {{{wp_update_image_sizes}}} calls {{{_wp_make_subsizes()}}} directly, {{{filter intermediate_image_sizes_advanced'}}} is not available at all.
Problem:
When {{{filter 'intermediate_image_sizes_advanced'}}} is not available, there is no way to filter $new_sizes argument before {{{_wp_make_subsizes()}}} for the purpose described in {{{function _wp_make_subsizes()}}}, {{{(see below)}}}:
{{{
/*
* Only checks ""size name"" so we don't override existing images even if the dimensions
* don't match the currently defined size with the same name.
* To change the behavior, unset changed/mismatched sizes in the `sizes` array in image meta.
*/
}}}
Proposed solution:
1) Modify {{{filter 'intermediate_image_sizes_advanced'}}} by adding new argument {{{$context argument}}} in same way like {{{filter 'wp_generate_attachment_metadata'}}} added {{{$context argument}}} since WP 5.3.
2) In {{{function wp_update_image_subsizes}}}, before calling {{{function _wp_make_subsizes()}}}, add {{{apply_filters 'intermediate_image_sizes_advanced'}}} with additional argument {{{$context}}} and value {{{'update'}}}.
3) In {{{function wp_create_image_subsizes}}}, in {{{$new_sizes = apply_filters( 'intermediate_image_sizes_advanced', $new_sizes, $image_meta, $attachment_id )}}} add new {{{$context}}} argument value {{{'create'}}}.
OR in {{{function wp_update_image_subsizes}}} before calling {{{function _wp_make_subsizes()}}} just add {{{apply_filters 'intermediate_image_sizes_advanced'}}}
OR just make some filter that available in both cases. Maybe inside {{{function _wp_make_subsizes()}}} at the beginning ??
Thanks" logotronic 6.2 has-patch
Defects Awaiting Review, reported against latest stable branch 60793 wp_trigger error has a wrong wp_kses $allowed_html arguement. Formatting normal defect (bug) new 2024-03-18T02:04:16Z 2024-03-18T02:15:45Z "Elements and attributes need to be array keys, not values.
Came with: https://core.trac.wordpress.org/changeset/56707
Fix: https://github.com/WordPress/wordpress-develop/pull/6285" nico23 6.4 has-patch
Defects Awaiting Review 49351 wp_theme_editor_filetypes filter can not remove php and css file types Themes normal defect (bug) new 2020-02-03T08:17:10Z 2020-02-03T08:43:06Z "I don't know why {{{wp_get_theme_file_editable_extensions}}} this method need to ensure that default types will still there.
Sometimes just won't let people modify php files or other file types to avoid an unexpected issue. (including plugin editor)
btw, this {{{wp_get_plugin_file_editable_extensions}}} method do not have that restrict.
Maybe it's a bug!?" mxp 5.3.2
Defects Awaiting Review 42513 WP_Theme::get_post_templates() is extremely inefficient for large themes Themes normal defect (bug) new 2017-11-11T14:07:01Z 2017-11-12T13:13:42Z "WP_Theme::get_post_templates() uses file_get_contents() to read the complete contents of each theme php file in the root of a theme into memory, twice, and processes the result with a custom Regular Expression.
As a result, significantly more data than necessary is processed when loading large themes.
In addition, because the standard get_file_data() function is not called (as it is with all other header comments), the ""extra_{$context}_headers"" filter is never called, which is inconsistent behavior with other file_header related operations, such as the WP_Theme constructor." gschoppe 4.8.3 needs-unit-tests
Defects Awaiting Review 57141 WP_Theme cannot locate a parent block theme Themes normal defect (bug) new 2022-11-18T04:02:53Z 2022-11-21T23:37:35Z "As reported here: https://github.com/WordPress/gutenberg/issues/45811 after a discussion in slack: https://wordpress.slack.com/archives/C02QB8GMM/p1668569269811889
On wp-themes.com we're running into a use-case where the Parent theme cannot be located when both the parent and child theme are block themes, and the parent does not have an index.php file.
(See screenshot attached below, where the parent theme is 100% most definitely installed)
This appears to work on some installations, but not on others. I believe it working might be down to caching, I haven't figured that out.
The attached PR updates the code in WP_Theme to support the same theme files as supported via [53416] for themes in parent themes.
" dd32 6.0 needs-unit-tests
Defects Awaiting Review 48973 wp_text_diff() out of memory with 10GB memory limit on certain revisions Revisions normal defect (bug) new 2019-12-14T16:33:35Z 2019-12-16T20:59:38Z "Hi,
I have identified a bug with wp_text_diff on a blank WP install on PHP 7.2.8 and 7.3.12
The bug causes the system to run out of memory no matter how much is available. I found it while trying to edit some revisions. The texts are large (50KB), maybe it has something to do with it.
To replicate the bug you need to use this code. I will provide the files.
{{{#!php
cap->assign_terms );`
We had an issue where we were checking the post type in a map_meta_cap filter and it was always showing a standard post type instead of the appropriate custom post type leading to category checkboxes being disabled.
Expected behaviour: The post_id passed in $args to the map_meta_cap callback should relate to the post being edited / created
How to recreate:
1. Create a custom Post Type
2. Add a filter on map_meta_cap
3. Create or edit a post
4. Check the value passed in $args to your filter when wp_terms_checklist does a capability check to see if categories should get a disabled attribute.
Workaround: Use the global $post variable instead of the passed post_id" anigel has-patch
Enhancements Awaiting Review 40661 WP_Term_Query->parse_query() needs filter like 'get_terms' Taxonomy normal enhancement new 2017-05-04T10:28:28Z 2017-08-04T17:50:55Z "The new class/method WP_Term_Query->parse_query() does not provide a filter like the old function get_terms() does. Using WP_Term_Query directly has thus different functionality from using the old wp_terms function.
Using a plugin like:
https://wordpress.org/support/plugin/custom-taxonomy-order-ne/
with a custom term_order field and sorting based on that, gives the default sort based on name.
Adding a filter to the method like get_terms, provides backwards compatibility for plugin and theme authors, that are switching to WP_Term_Query directly.
This filter gives options to apply a custom order to the list of terms.
Reference on support forum:
https://wordpress.org/support/topic/doesnt-reorder-when-using-wp_term_query/
If adding a filter is somehow not wanted by core devs, then I will have to answer to add this filter manually to the code when support requests are coming. To be clear, I would consider that a valid response." mpol needs-unit-tests
Defects Awaiting Review 46347 WP_Term_Query where sql_clauses oddity Query normal defect (bug) new 2019-02-26T02:37:08Z 2019-02-26T03:03:52Z "Hello, I was messing around with a customized version of the WP_Term_Query and noticed something odd.
In the function get_terms, there are a lot of places where {{{$this->sql_clauses['where'][somekey]}}} variables are created.
However, on line [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L642 643], this code :
{{{#!php
$where = implode( ' AND ', $this->sql_clauses['where'] );
}}}
only uses the first sub array value found and ignores all the other keys.
Shouldn't this be:
{{{#!php
$where = implode( ' AND ', array_values($this->sql_clauses['where']));
}}}
so that all array elements are included in the where?" vrandom
Defects Awaiting Review 44695 WP_Term_Query unexpected 'orderby' behaviour. Query normal defect (bug) new 2018-08-01T21:19:14Z 2019-08-27T18:33:22Z "I expected that `orderby` would behave in a similar way with `WP_Term_Query` as it does on other `*_Query` classes but it seems that `meta_value_date` and possibly some others is unsupported. Additionally `meta_type` doesn't function as expected either.
These args:
{{{
$args = array(
'taxonomy' => 'issues',
'number' => 5,
'meta_key' => 'issue_date',
'meta_type' => 'DATE',
'orderby' => 'meta_value_date',
);
}}}
Result in this query that has disregarded both `meta_type` and `orderby` in it's generation:
{{{
SELECT DISTINCT t.*, tt.* FROM wp_terms AS t INNER JOIN wp_termmeta ON ( t.term_id = wp_termmeta.term_id ) INNER JOIN wp_term_taxonomy AS tt ON t.term_id = tt.term_id WHERE tt.taxonomy IN ('issues') AND tt.count > 0 AND ( wp_termmeta.meta_key = 'issue_date' ) ORDER BY t.name ASC LIMIT 5
}}}
Could we get similar support for same named keys in `WP_Term_Query` as we have in other queries?" williampatton 4.9.7 needs-unit-tests
Defects Awaiting Review 52904 WP_Term_Query does not return deeper descendants of child_of when direct children of child_of are not part of the results Taxonomy major defect (bug) new 2021-03-24T22:38:31Z 2021-03-24T22:38:31Z "Let's say for the hierarchical taxonomy `mytax` we have the following terms and term ids(in parentheses):
{{{
- A (1)
-- AB (2)
--- ABC (3)
- B (4)
-- BD (5)
-- ABC (6)
}}}
The following query works fine and it returns both terms with ID 2 and 3
{{{
print_r(
get_terms(
[
'taxonomy' => 'mytax',
'name__like' => 'AB',
'child_of' => 1,
'hide_empty' => false
]
)
);
}}}
However, the following query returns an empty array (since term_id=2 will no longer be in the results):
{{{
print_r(
get_terms(
[
'taxonomy' => 'mytax',
'name__like' => 'ABC',
'child_of' => 1,
'hide_empty' => false
]
)
);
}}}
but it is expected that it returns the term ABC with term_id=3.
This seems to be a bug with the logic in `_get_term_children()` where if direct children of the asking ancestor are not within the initial set of the terms, the recursion will never happen and deeper descendants are then removed from the query results." xParham needs-patch
Defects Awaiting Review 44630 WP_Term_Query does not return all terms when 'number' and 'object_ids' are specified Taxonomy critical defect (bug) new 2018-07-24T09:03:10Z 2019-01-17T00:24:34Z "When querying for taxonomy terms assigned to certain objects, WP_Term_Query's query is LIMIT'ed if the 'number' argument is specified. This introduces a problem similar to hierarchical taxonomies where results must not be limited in order to retrieve children. In particular, the issue arises because each term_taxonomy_id, or ""(term, taxonomy) couple"", has more than one relationship in wp_term_relationships thus more than 1 row could be returned for the same term_taxonomy_id.
It is worth to notice that in order to replicate the problem in the attached test, the 'order' argument must be set to DESC which is the opposite of WP_Term_Query's default." ettoredn has-patch
Enhancements Awaiting Review 56264 WP_Term_Query does not allow limiting results when descending family tree Taxonomy normal feature request new 2022-07-21T08:49:28Z 2022-10-12T18:08:27Z "== The Problem
Over in https://github.com/WordPress/gutenberg/pull/42424 we're working on a way to limit the number of Category taxonomy terms that are displayed in the UI.
This works well until you attempt to display top level terms only (i.e. those with a parent of 0). In this case the limit is **not applied**.
Here is the Gutenberg PHP code where we apply the parent argument:
https://github.com/WordPress/gutenberg/blob/10f8542e26e83262f177cdcca30ca57ae516e644/packages/block-library/src/categories/index.php#L27
== Why does this happen?
Digging into the Core code I noticed that `WP_Term_Query->get_terms()` method explicitly does not allow limiting when descending into the family tree of terms or when a parent is provided:
https://github.com/WordPress/wordpress-develop/blob/6.0/src/wp-includes/class-wp-term-query.php#L628-L629
The code comment states:
> Don't limit the query results when we have to descend the family tree.
There is no further information.
Further investigation reveals that this ""feature"" was present in the original commit which introduced this functionality:
https://github.com/WordPress/wordpress-develop/commit/8220d04e6d12c4a139344117e02fef268df5f205#diff-7813f38c6b905b75c4b11bf2750c63ba0f5a1227ffc4f012deeeb22999cee68bR1338-R1339
== Feature Request
I would like to display the top X categories but showing **top level terms only**. As it stands I don't believe this is possible.
Perhaps we could introduce a clause in the conditional which allows limiting if the `$parent` is `0`?
" get_dave 2.7.1
Enhancements Awaiting Review 36641 WP_Term method __toString Taxonomy normal enhancement new 2016-04-22T20:59:58Z 2017-02-05T14:18:20Z "I think that this is good idea. For example:
{{{#!php
';
var_dump(implode(', ', get_the_terms( get_the_ID(), 'category' )));
echo '';
?>
}}}
I have ```string(**) ""Cat 1, Cat 2""```
" sebastian.pisula needs-unit-tests
Defects Awaiting Review 49911 WP_Tax_Query generates incorrect SQL Query normal defect (bug) new 2020-04-15T16:25:44Z 2020-04-15T19:33:57Z "When calling WP_Query($arguments)::get_posts() like:
{{{
$arguments = [
'category__in' = ['7','31','704'],
'post_type' => array('post', 'page'),
'post_status' => array('publish'),
'nopaging' => true
];
}}}
704 is the category for posts and 7, 31 for pages. The following query will be produced:
SELECT bct_posts.* FROM bct_posts LEFT JOIN bct_term_relationships ON (bct_posts.ID = bct_term_relationships.object_id) LEFT JOIN bct_term_relationships AS tt1 ON (bct_posts.ID = tt1.object_id) LEFT JOIN bct_term_relationships AS tt2 ON (bct_posts.ID = tt2.object_id) WHERE 1=1 AND ( bct_term_relationships.term_taxonomy_id IN (704) AND tt1.term_taxonomy_id IN (704) AND tt2.term_taxonomy_id IN (7,31,704) ) AND bct_posts.post_type IN ('post', 'page') AND ((bct_posts.post_status = 'publish')) GROUP BY bct_posts.ID ORDER BY bct_posts.post_date DESC
instead of
SELECT bct_posts.* FROM bct_posts LEFT JOIN bct_term_relationships ON (bct_posts.ID = bct_term_relationships.object_id) WHERE 1=1 AND ( bct_term_relationships.term_taxonomy_id IN (7,31,704) ) AND bct_posts.post_type IN ('post', 'page') AND ((bct_posts.post_status = 'publish')) GROUP BY bct_posts.ID ORDER BY bct_posts.post_date DESC
The first query returns only posts, second one posts, and pages. Please note that categories and tags are enabled for pages.
" janznordman
Defects Awaiting Review 46886 "wp_targeted_link_rel adds the rel attribute when the link has data-target=""""" Formatting normal defect (bug) new 2019-04-11T20:07:45Z 2019-04-13T13:58:32Z "To reproduce:
Create a link element (easiest to see bug in classic editor):
{{{
click here
}}}
Save the post, and the link will have the rel=""noopener noreferrer"" attribute.
" jakeparis 5.1
Defects Awaiting Review 59363 wp_tag_cloud and apply_filters Editor normal defect (bug) new 2023-09-15T09:59:24Z 2023-09-15T10:19:33Z "Line https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/blocks/tag-cloud.php#L28
{{{
$tag_cloud = wp_tag_cloud( $args );
}}}
has to be changed to
{{{
$tag_cloud = wp_tag_cloud(
apply_filters(
'widget_tag_cloud_args',
$args
)
);
}}}
to be in line with documentation:
https://developer.wordpress.org/reference/hooks/widget_tag_cloud_args/
I will attach a patch as documented here:
https://make.wordpress.org/core/handbook/contribute/git/
" steffenkrueger 6.3.1
Defects Awaiting Review 57266 wp_suspend_cache_invalidation can be set to no Boolean value which break usage General normal defect (bug) new 2022-12-03T00:14:02Z 2022-12-05T22:20:21Z pbearne has-patch
Enhancements Awaiting Review 37162 wp_style_add_data and wp_script_add_data should accept SRI information Script Loader normal enhancement new 2016-06-24T01:34:38Z 2018-11-14T15:27:09Z "Subresource Integrity Hashes (SRI) is now recommended for many CDN sourced CSS and JavaScript as provided for in http://www.w3.org/TR/SRI/ . WordPress does not allow SRI code (or anything other than a set list) to be added via wp_*_add_data. The same applies to javascript loading in addition to stylesheet loading.
wp_*_add_data should support these tags instead of currently silently ignoring them. The two tag keys are crossorigin and integrity.
Example of recommended link tags that should be generated:
{{{
}}}
Expected (currently non-working usage)
{{{
wp_enqueue_style('bootstrap', ""https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/css/bootstrap.min.css"", array(), null, 'all');
wp_style_add_data('bootstrap', 'crossorigin', 'anonymous');
wp_style_add_data('bootstrap', 'integrity', 'sha384-y3tfxAZXuh4HwSYylfB+J125MxIs6mR5FOHamPBG064zB+AFeWH94NdvaCBm8qnd');
}}}
" michaelkrieger 4.5.3
Defects Awaiting Review 54138 wp_strip_all_tags should remove scripts/styles content recursively Formatting normal defect (bug) new 2021-09-16T20:19:53Z 2021-09-16T20:31:18Z "If we try to run the next code `pt>alert(""krya"");` via the `wp_strip_all_tags` function it remove the script content only once. So, the next hack allows passing the script content throw the function.
## In details.
First iteration:
- input: `pt>alert(""krya"");
- output: ``
Thankfully the `strip_tags` removes scripts tags later, but the content is still present.
" wppunk has-patch
Enhancements Awaiting Review 51318 WP_Sitemaps_Provider protected $name property Sitemaps major enhancement new 2020-09-16T01:05:45Z 2020-09-30T08:56:29Z "See: https://developer.wordpress.org/reference/classes/wp_sitemaps_provider/
Why We need $name property to be protected? It is just name. This is inconvenient and can cause bugs. For example I create my Sitemaps Provider like this:
{{{#!php
name, $provider );
}}}
But if first argument of `wp_register_sitemap_provider()` function and the `$name` prop are different the Sitemap Provider won't run at all!
So all I can to do is copy $name prop value and past it as parameter. And if I will change the name I need to remember to copy because they must be the same (and code itself doesn't tell me this dependency).
" Tkama 5.5.1
Defects Awaiting Review 58932 wp_setup_nav_menu_item() throws PHP warning when using virtual menu-items Menus normal defect (bug) new 2023-07-29T00:25:24Z 2023-07-29T00:35:45Z "I believe this bug was introduced in [changeset:""47211""]
=== TLDR ===
`wp_setup_nav_menu_item()` calls `get_post()` but does no sanity checking before calling `get_post_states()` with what might be a null. Adding a simple `if ( $menu_post !== null )` before calling `get_post_states()` resolves this issue.
I've added a patch.
=== Details ===
I have an old plugin (pre-dating above commit) that renders custom dynamically-generated drop-down menus (eg. recent posts, yearly archives).
The plugin is somewhat based on https://www.ibenic.com/understanding-wordpress-menu-items/ but is a bit more involved. It's a stable and simple plugin.
The way the plugin works is it adds a single menu-item meta-box in the Menu editor page. However on the front it dynamically generates submenu items that don't show on the Edit Menu page. On the front the plugin creates virtual/fake `WP_Post` objects at runtime that are fed into `Walker_Nav_Menu_Checklist`. Therefore these objects have no corresponding `$menu_post` in the database.
Since WordPress 5.4, core throws multiple `Attempt to read property ""post_status|ID"" on null` notices on every page load. These notices have been upgraded to warnings in PHP 8.
{{{
wp-admin/includes/template.php:2288
get_post_states()
wp-includes/nav-menu.php:839
wp_setup_nav_menu_item()
wp-includes/nav-menu.php:839
array_map()
wp-includes/nav-menu.php:727
wp_get_nav_menu_items()
wp-admin/nav-menus.php:596
}}}" apedog 5.4 has-patch
Defects Awaiting Review 54893 wp_set_script_translations() accepts and evaluates ""],
}
}
}
}}}
== Recommendations
Escape JSON string ``
== Impact
* Attackers can inject any JavaScript code they like.
* Translation files can be provided from 3rd party(e.g. voluntary contributors), but hard to detect it's correct or not because they are written in foreign languages for the original authors." Takahashi_Fumiki needs-patch
Reporter Feedback / Close 50080 wp_set_post_tags() adds terms to post types that don't support the term's taxonomy Taxonomy normal defect (bug) new 2020-05-04T16:23:52Z 2020-05-04T16:46:30Z "Setup:
(1) Register a custom post type without taxonomy support
{{{#!php
add_action( 'init', function() {
register_post_type(
'foobar',
[
'labels' => [
'name' => __( 'foobars' ),
'singular_name' => __( 'foobar' ),
],
'public' => false,
'publicly_queryable' => true,
'has_archive' => false,
'hierarchical' => false,
]
);
} );
}}}
(2) Create a tag
{{{#!php
wp_insert_term( 'green', 'post_tag' );
=> array(2) {
[""term_id""]=>
int(4)
[""term_taxonomy_id""]=>
int(4)
}
}}}
(3) Create a post
{{{#!php
wp_insert_post( [ 'post_type' => 'foobar' ] );
=> int(8)
}}}
(4) Assign the term to the post
{{{#!php
wp> wp_set_post_tags( 8, 'green' );
=> array(1) {
[0]=>
string(1) ""4""
}
}}}
Expected behaviour is a `WP_Error` object, since the CPT `foobar` does not support the `post_tag` taxonomy.
(5) Get the tags for the post
{{{#!php
wp> wp_get_post_tags(8)
=> array(1) {
[0]=>
object(WP_Term)#1955 (10) {
[""term_id""]=>
int(4)
[""name""]=>
string(5) ""green""
[""slug""]=>
string(5) ""green""
[""term_group""]=>
int(0)
[""term_taxonomy_id""]=>
int(4)
[""taxonomy""]=>
string(8) ""post_tag""
[""description""]=>
string(0) """"
[""parent""]=>
int(0)
[""count""]=>
int(1)
[""filter""]=>
string(3) ""raw""
}
}
}}}
Expected behaviour is an empty array." paulschreiber 2.3 reporter-feedback
Defects Awaiting Review, reported against no version 41522 wp_set_password() doesn't trigger a changed password notification Users normal defect (bug) new 2017-08-01T20:30:59Z 2017-08-02T13:53:31Z "If {{{wp_update_user()}}} is used to update a user's password, a notification is sent to the user telling them their password has changed.
However, the same doesn't happen if {{{wp_set_password()}}} is used to update a user's password." henry.wright dev-feedback
Defects Awaiting Review 58700 wp_set_comment_status() modifies post_content Comments major defect (bug) new 2023-07-03T04:42:14Z 2023-07-14T21:06:45Z "I've created a standalone PHP script that runs on cron and uses wp_set_comment_status() to automatically approve select comments (based on user name, ip address, etc).
When a comment is approved, if the post_content contains a video tag, the video tag is rewritten.
From :
{{{
}}}
To :
{{{
}}}
My code :
{{{#!php
$comTime )
{
wp_set_comment_status($comment_id, 'approve', false);
}
}}}
Any idea why this is happening? I've had to go back and edit a lot of posts due to this issue." tweakfreaks 6.2.2
Defects Awaiting Review 47170 wp_sensitive_page_meta breaks login on iPad devices Login and Registration major defect (bug) new 2019-05-07T16:28:57Z 2019-05-17T10:58:38Z "iPad Safari will throw a
{{{
Failed to set referrer policy: The value 'strict-origin-when-cross-origin' is not one of 'no-referrer', 'origin', 'no-referrer-when-downgrade', or 'unsafe-url'. Defaulting to 'no-referrer'.
}}}
on wp-login.php page because it does not understand strict-origin-when-cross-origin value for the referer policy.
This effectively breaks the login completely at least on nginx sites.
Present starting with 4.9.10 (5.0.0 if chronologically)." madhazelnut 5.0
Defects Awaiting Review 50893 wp_send_json_success is nothing, no error for any inf/nan General normal defect (bug) new 2020-08-11T06:15:16Z 2022-10-19T15:51:55Z "If wp_send_json_success() has an argument array with INF or Nan in it nothing is printed out, no error is given, this can make it really hard to track down errors in the data of attachments for example.
Steps to reproduce issue:
wp_send_json_success( array('a'=>34/0) );
The fact that can continue and print nothing and nothing but a notice shows how bad PHP can be on multiple levels... :( but there should be some error in this function, or perhaps clean the error since I see it is recursively going through the array for something in _wp_json_sanity_check?" programmin 5.2.5
Enhancements Awaiting Review 58255 wp_send_json_error should respect error state passed in WP_Error. Administration normal enhancement new 2023-05-04T11:00:43Z 2023-06-19T11:03:55Z WP_Error objects support setting the error state. This is used heavily in the REST API. The function `wp_send_json_error` supports error status code and passing WP_Error as an argument. The `wp_send_json_error` function could respect the status code in WP_Error. spacedmonkey has-patch
Defects Awaiting Review 52448 wp_scheduled_delete WP-Cron Job Cannot Be Unscheduled Administration normal defect (bug) new 2021-02-04T16:06:36Z 2021-02-05T15:20:49Z "My organization has disabled automatic trash deletion to preserve history on a large multisite network we host. We have done this via the following method:
{{{#!php
60, 'display' => '60 Seconds');
}
return $schedules;
}
function my_custom_button_menu() {
add_menu_page('My Custom Button', 'Custom Button', 'manage_options', 'my-custom-admin-button', array($this, 'my_custom_button_page'));
}
function my_custom_button_page() {
error_log('my_custom_button_page');
if (isset($_POST['action']) && $_POST['action'] == 'myaction') {
error_log('my_custom_button_page action');
for ($index = 0; $index < 500; $index++) {
$args = array(array('email' => 'toto@foo.org', 'user_id' => '1234', 'tags' => $index));
if (!wp_next_scheduled('nsm_test_cron', $args)) {
$error = wp_schedule_event(time(), 'nsm_60_seconds', 'nsm_test_cron', $args, true);
set_transient( 'doing_cron_' . $index, $index );
error_log('error -> ' . print_r($error, true));
error_log(""wp_next_scheduled ($index)-> "" . print_r(wp_next_scheduled('nsm_test_cron', $args), true));
}
}
}
?>
My Custom Button
' . $args['tags']);
sleep(1);
delete_transient( 'doing_cron_' . $args['tags']);
}
}
}
new NSM_Test_Cron();
}}}" odoremieux 6.4.3
Reporter Feedback / Close 59827 wp_save_post_revision() assumes ALL post meta is text! Fatal error in PHP 8.2. adamsilverstein Revisions normal defect (bug) assigned 2023-11-07T17:31:11Z 2024-02-05T19:14:55Z "The wp_save_post_revision() function assumes that ALL post meta is text:
https://github.com/WordPress/wordpress-develop/blob/6.3/src/wp-includes/revision.php#L164
When using register_meta() with 'revisions_enabled' => true to register post meta that is an array, it causes a fatal error in PHP 8.2:
{{{
PHP Fatal error: Uncaught TypeError: trim():
Argument #1 ($string) must be of type string, array given in /.../wp-includes/formatting.php:5486
}}}
Since registering post meta is announced for WP 6.4 (see https://make.wordpress.org/core/2023/10/24/framework-for-storing-revisions-of-post-meta-in-6-4/), it's a pretty serious problem.
I've tested the issue on WP 6.3.2 and WP 6.4 (although the footer says 6.5-alpha-57075).
js." jsmoriss 6.3.2 reporter-feedback
Defects Awaiting Review 46440 WP_Roles data doesn't load correctly when 'switch_to_blog' is called in a multisite. Role/Capability normal defect (bug) new 2019-03-08T03:07:08Z 2019-03-08T16:35:38Z On `switch_to_blog` call, eventually it will come to `get_roles_data` method of `WP_Roles` through `switch_blog` hook. Then this method checks `is_multisite() && $this->site_id != get_current_blog_id()`, but `$this->site_id != get_current_blog_id()` will always be false, because the current blog id is already set in `switch_to_blog`, hence it fails to load the data. syammohanm 5.1
Enhancements Awaiting Review 43885 WP_Role and WP_Roles::get_role() missing Display Name Role/Capability normal enhancement new 2018-04-27T21:19:41Z 2019-03-15T10:02:05Z "Hello,
While working with roles I found it odd that you can add a Display Name for a role but the WP_Role class and the WP_Roles function get_role don't provide this information.
Please add $display_name as a public attribute of WP_Role so it's available on that object and would be returned in the get_role function.
Thank you
P.S. Currently to access this information you have to use the WP_Roles as follows;
{{{#!php
roles[$role]['name'];
}}}
" garrett-eclipse dev-feedback
Defects Awaiting Review 53262 "wp_robots() (via wp_die) triggers a ""doing_it_wrong_trigger_error"", but should not." General minor defect (bug) new 2021-05-23T21:43:29Z 2022-08-03T15:31:55Z "Hello there.
In my plugin, I need to die early, like, right after the plugins are loaded, imagine this for a shortcut:
`add_action( 'plugins_loaded', 'wp_die' );`
This is the output:
''Notice: is_embed was called incorrectly. Conditional query tags do not work before the query is run. Before then, they always return false. Please see Debugging in WordPress for more information. (This message was added in version 3.1.0.) in /wp-includes/functions.php on line 5313''
{{{
# Time Memory Function Location
1 0.0002 369912 {main}( ) .../admin.php:0
2 0.0003 370552 require_once( '/wp-load.php' ) .../admin.php:34
3 0.0003 370960 require_once( '/wp-config.php' ) .../wp-load.php:37
4 0.0003 375568 require_once( '/wp-settings.php' ) .../wp-config.php:88
5 0.0410 1735152 do_action( ) .../wp-settings.php:423
6 0.0411 1735528 WP_Hook->do_action( ) .../plugin.php:484
7 0.0411 1735528 WP_Hook->apply_filters( ) .../class-wp-hook.php:316
8 0.0882 3856336 wp_die( ) .../class-wp-hook.php:292
9 0.0882 3874480 _default_wp_die_handler( ) .../common.php:275
10 0.0884 3876304 wp_robots( ) .../functions.php:3497
11 0.0884 3876304 apply_filters( ) .../robots-template.php:32
12 0.0884 3876712 WP_Hook->apply_filters( ) .../plugin.php:212
13 0.0884 3878216 wp_robots_noindex_embeds( ) .../class-wp-hook.php:292
14 0.0884 3878216 is_embed( ) .../robots-template.php:93
15 0.0884 3878216 _doing_it_wrong( ) .../query.php:881
16 0.0885 3879304 trigger_error ( ) .../functions.php:5313
}}}
another notice will be trigger, same thing but line 13 will be `wp_robots_noindex_search`.
Since WP 5.7 the `wp_robots()` function is called in a `wp_die()`, but `wp_die()` can be called before the query is done, this is not too soon to die ''(for once, got it?)''.
A possible patch is to delay these default filters a bit later ''(wp-includes/default-filters.php)'' instead of adding them right away:
{{{
add_action( 'wp', 'wp_late_robots_check' );
function wp_late_robots_check() {
add_filter( 'wp_robots', 'wp_robots_noindex_embeds' );
add_filter( 'wp_robots', 'wp_robots_noindex_search' );
}
}}}
Thanks for your attention." juliobox 5.7 dev-feedback
Enhancements Awaiting Review 57361 WP_REST_Attachments_Controller::get_media_types not returning existing mime types, but the ones allowed for upload REST API normal enhancement new 2022-12-20T14:04:31Z 2022-12-20T16:18:55Z "While debugging an [https://github.com/WordPress/gutenberg/issues/46658 issue in Gutenberg's new media tab], it has been [https://github.com/WordPress/gutenberg/pull/46676 pointed out] that the REST API does not actually allows to list items which are already in media library, but can no longer be uploaded (eg.: the list of allowed mime types changed over time).
That's different from what the wp-admin does, as it lists all items in the media library, no matter what their (mime)type is, and whether it can be uploaded or not.
The `WP_REST_Attachments_Controller::get_media_types` method [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php#L1253 uses the `get_allowed_mime_types()` function], which is upload oriented (returns a list of mime types which can be uploaded), while the [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/class-wp-media-list-table.php#L137 listing in wp-admin uses a logic based on existing mime types in the library].
Thus I wonder, if the same logic as used in wp-admin should be used in the REST API, allowing users and developers to get a listing of all existing items in the media library, no matter whether new ones can be uploaded or not." david.binda 4.7
Defects Awaiting Review 53748 wp_render_layout_support_flag assumes centered layout Themes normal defect (bug) new 2021-07-22T18:42:43Z 2021-07-22T18:42:43Z "When applying sizes to a block, margin is also added.
https://core.trac.wordpress.org/browser/tags/5.8/src/wp-includes/block-supports/layout.php#L74
What if a theme doesn't want all content centered?" douglasjohnson 5.8
Enhancements Awaiting Review 42839 wp_remote_post should support multipart uploads HTTP API normal feature request new 2017-12-08T13:49:32Z 2020-01-22T11:05:19Z Currently `wp_remote_post` doesn't support multipart uploads (file uploads). Because of this many plugin authors need to workaround this by implementing their own way to upload files remotely. calin
Defects Awaiting Review 49385 wp_remote_get() cannot retrieve webcal URIs HTTP API normal defect (bug) new 2020-02-07T18:33:22Z 2020-02-07T19:11:06Z "In #31666, `webcal` was added to the list of allowed protocols. Unfortunately this does not bubble up into the HTTP API for remote requests, and `wp_remote_get()` on a `webcal://` URI will fail with:
{{{
object(WP_Error)[532]
public 'errors' =>
array (size=1)
'http_request_failed' =>
array (size=1)
0 => string 'A valid URL was not provided.' (length=29)
public 'error_data' =>
array (size=0)
empty
}}}
Here is my proof-of-concept to show off the failure:
{{{
add_action( 'plugins_loaded', function() {
// Public iCloud calendar I created
$uri = 'webcal://p41-caldav.icloud.com/published/2/AAAAAAAAAAAAAAAAAAAAAF-eqSypTVlehAPwNTiPeHHBkTEvCi1qK6G4LDcU1Fr6AKLM-yaJrbRrhSSGMrjSbAxJZJ6TibzOCKLh0xBSpKI';
// Regular remote get call
$get = wp_remote_get( $uri );
// Dump results
var_dump( $get ); die;
} );
}}}" johnjamesjacoby needs-unit-tests
Defects Awaiting Review 59539 wp_register_style and wp_register_script adds ver incorrectly Script Loader major defect (bug) assigned 2023-10-04T11:57:47Z 2023-10-04T11:57:47Z "Hello,
I'm sorry to report but it seems that function wp_enqueue_style adds ver incorrectly in case of existence some url parameters in src.
**For example:**
**Style example:**
{{{#!php
}}}
(you see '&' instead of just '&')
**Script example (from contact-form-7):**
{{{#!php
$service->get_sitekey(),
),
$url
),
array(),
'3.0',
true
);
}}}
adds:
{{{
}}}
(again, you see ‘&‘ instead of just ‘&’)
You can find these issues on: https://forcesail.ru/" forcesail 6.3.1
Enhancements Awaiting Review 34466 wp_register_form, wp_lost_password_form function Login and Registration normal feature request new 2015-10-27T14:48:11Z 2017-02-22T09:57:13Z "Hi,
We currently have a wp_login_form function to display the login form, however, we do not currently have an opposite for the registration form.
'''Should look into:'''
wp_register_form
wp_lost_password_form
" atomicjack 4.4 dev-feedback
Defects Awaiting Review 49414 wp_read_image_metadata should look for timezone offset Date/Time normal defect (bug) new 2020-02-12T08:00:57Z 2020-02-15T19:56:57Z "Related: #49413
This function should look for where cell phones and cameras store timezone offset data.
Storing the time as a timestamp is a mistake as the time in exif data is minus the timezone and in whatever time the device was set to, it would have been better to store as a formatted time as converting to timezone means that everything is off.
EXIF supports storing timezone offset in several places, if there we should use it, otherwise assume site timezone.
" dshanske
Defects Awaiting Review 48029 WP_Query::query only using a single post_status Query normal defect (bug) new 2019-09-12T18:27:51Z 2020-05-12T05:01:09Z "While investigating why `bbp_forum_get_subforums()` was not returning private forums while being a keymaster, I found that WP_Query::query() will only use the first post_status of a given array.
E.g:
{{{
WP_Query Object
(
[query] => Array
(
[post_parent] => 5420
[post_type] => forum
[post_status] => Array
(
[0] => publish
[1] => private
[2] => hidden
)
[posts_per_page] => 50
[orderby] => menu_order title
[order] => ASC
[ignore_sticky_posts] => 1
[no_found_rows] => 1
)
...
[request] => SELECT wpp_posts.ID FROM wpp_posts WHERE 1=1 AND wpp_posts.post_parent = 5420 AND wpp_posts.post_type = 'forum' AND ((wpp_posts.post_status = 'publish')) ORDER BY wpp_posts.menu_order ASC, wpp_posts.post_title ASC LIMIT 0, 50
}}}
The same thing applies if you pass it a comma-separated string of statuses:
{{{
WP_Query Object
(
[query] => Array
(
[post_parent] => 5420
[post_type] => forum
[post_status] => publish,private,hidden
[posts_per_page] => 50
[orderby] => menu_order title
[order] => ASC
[ignore_sticky_posts] => 1
[no_found_rows] => 1
)
...
[request] => SELECT wpp_posts.ID FROM wpp_posts WHERE 1=1 AND wpp_posts.post_parent = 5420 AND wpp_posts.post_type = 'forum' AND ((wpp_posts.post_status = 'publish')) ORDER BY wpp_posts.menu_order ASC, wpp_posts.post_title ASC LIMIT 0, 50
}}}
Steps to replicate (taken from bbpress/includes/forums/template.php):
{{{
$r = bbp_parse_args( $args, array(
'post_parent' => 0,
'post_type' => bbp_get_forum_post_type(),
'post_status' => implode( ',', $post_stati ),
// 'post_status' => $post_stati,
'posts_per_page' => get_option( '_bbp_forums_per_page', 50 ),
'orderby' => 'menu_order title',
'order' => 'ASC',
'ignore_sticky_posts' => true,
'no_found_rows' => true
), 'forum_get_subforums' );
$r['post_parent'] = bbp_get_forum_id( $r['post_parent'] );
// Create a new query for the subforums
$get_posts = new WP_Query();
// No forum passed
$sub_forums = !empty( $r['post_parent'] ) ? $get_posts->query( $r ) : array();
}}}" useStrict
Defects Awaiting Review 60745 WP_Query::parse_query() does not handle invalid query arg values Query normal defect (bug) new 2024-03-11T11:29:09Z 2024-03-11T11:31:45Z "The code in `WP_Query::parse_query` assumes that most query arguments have the correct type. However, this doesn't seem to be the case for the following arguments:
Things that expect arrays, but the code that call them pass (unintended) invalid data types
{{{
'author__in' => 'string',
'author__not_in' => 'string',
'category__and' => 'string',
'category__in' => 'string',
'category__not_in' => 'string',
'post__in' => 'string',
'post__not_in' => 'string',
'post_name__in' => 'string',
'post_parent__in' => 'string',
'post_parent__not_in' => 'string',
'tag__and' => 'string',
'tag__in' => 'string',
'tag__not_in' => 'string',
'tag_slug__and' => 'string',
'tag_slug__in' => 'string',
}}}
Using most of the above query args in a `WP_Query::get_posts()` call result in a PHP fatal.
Things that expect scalars:
{{{
'attachment' => array(),
'author_name' => array(),
'feed' => array(),
}}}
Using any of the above query args result in a PHP fatal on a default WP installation:
{{{
alex@wayra core % cat .wp-env.json
{
""core"": null
}
}}}
http://localhost:8888/?attachment[]=admin
{{{
Fatal error: Uncaught TypeError: urlencode(): Argument #1 ($string) must be of type string, array given in /var/www/html/wp-includes/formatting.php:5683 Stack trace: #0 /var/www/html/wp-includes/formatting.php(5683): urlencode(Array) #1 /var/www/html/wp-includes/class-wp-query.php(2183): wp_basename(Array) #2 /var/www/html/wp-includes/class-wp-query.php(3824): WP_Query->get_posts() #3 /var/www/html/wp-includes/class-wp.php(696): WP_Query->query(Array) #4 /var/www/html/wp-includes/class-wp.php(816): WP->query_posts() #5 /var/www/html/wp-includes/functions.php(1336): WP->main('') #6 /var/www/html/wp-blog-header.php(16): wp() #7 /var/www/html/index.php(17): require('/var/www/html/w...') #8 {main} thrown in /var/www/html/wp-includes/formatting.php on line 5683
}}}
http://localhost:8888/?author_name[]=admin
{{{
Fatal error: Uncaught TypeError: str_contains(): Argument #1 ($haystack) must be of type string, array given in /var/www/html/wp-includes/class-wp-query.php:2358 Stack trace: #0 /var/www/html/wp-includes/class-wp-query.php(2358): str_contains(Array, '/') #1 /var/www/html/wp-includes/class-wp-query.php(3824): WP_Query->get_posts() #2 /var/www/html/wp-includes/class-wp.php(696): WP_Query->query(Array) #3 /var/www/html/wp-includes/class-wp.php(816): WP->query_posts() #4 /var/www/html/wp-includes/functions.php(1336): WP->main('') #5 /var/www/html/wp-blog-header.php(16): wp() #6 /var/www/html/index.php(17): require('/var/www/html/w...') #7 {main} thrown in /var/www/html/wp-includes/class-wp-query.php on line 2358
}}}
http://localhost:8888/?feed[]=admin
{{{
Fatal error: Uncaught TypeError: str_contains(): Argument #1 ($haystack) must be of type string, array given in /var/www/html/wp-includes/class-wp-query.php:1018 Stack trace: #0 /var/www/html/wp-includes/class-wp-query.php(1018): str_contains(Array, 'comments-') #1 /var/www/html/wp-includes/class-wp-query.php(1868): WP_Query->parse_query() #2 /var/www/html/wp-includes/class-wp-query.php(3824): WP_Query->get_posts() #3 /var/www/html/wp-includes/class-wp.php(696): WP_Query->query(Array) #4 /var/www/html/wp-includes/class-wp.php(816): WP->query_posts() #5 /var/www/html/wp-includes/functions.php(1336): WP->main('') #6 /var/www/html/wp-blog-header.php(16): wp() #7 /var/www/html/index.php(17): require('/var/www/html/w...') #8 {main} thrown in /var/www/html/wp-includes/class-wp-query.php on line 1018
}}}" xknown has-patch
Defects Awaiting Review 54258 WP_Query::is_tax() returns true on custom post type archives (5.8.1) Posts, Post Types normal defect (bug) new 2021-10-13T19:26:11Z 2021-10-19T13:52:35Z "I was testing the upgrade to 5.8.1 (from 5.7.3) on a copy of my (Lightsail/Bitnami-hosted) live instance and found that after upgrading to 5.8.1, a `post_type=` parameter is added to the URL when I navigate away from a page that displays posts from one of my custom post types. This happens whether or not I update plugins and themes.
E.g. I visit `/photographs`, then click to go to `/quotes`; `post_type=photos` gets added to the URL (i.e. `/quotes/?post_type=photos`) and it continues displaying photographs instead of quotes.
This happens both with my custom post types defined through the CPT plugin and with the ones I've defined in my own code. The parameter is not added when navigating away from standard post results.
Even if the parameter didn't interfere with the website's behavior, it would be a bug, as it's adding unnecessary and unwanted clutter to my URLs, but it does interfere and is a breaking change." arestelle 5.8.1
Defects Awaiting Review 39945 WP_Query::get_posts fails to correctly sanitize 'posts_per_page' Query normal defect (bug) new 2017-02-22T21:34:01Z 2020-03-03T22:32:24Z "WP_Query::get_posts fails to correctly sanitize the 'posts_per_page' argument when a negative value in range (-2, -1) is supplied.
== Example ==
The following get_posts query causes an exception:
{{{
get_posts(array('posts_per_page' => '-1.5'));
}}}
Exception: WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-1' at line 1 for query SELECT wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'post' AND ((wp_posts.post_status = 'publish')) ORDER BY wp_posts.post_date DESC LIMIT 0, -1 made by get_posts, WP_Query->query, WP_Query->get_posts
== Cause ==
Incomplete sanitization in WP_Query::get_posts(), line 1775 - 1779:
{{{
$q['posts_per_page'] = (int) $q['posts_per_page'];
if ( $q['posts_per_page'] < -1 )
$q['posts_per_page'] = abs($q['posts_per_page']);
elseif ( $q['posts_per_page'] == 0 )
$q['posts_per_page'] = 1;
}}}
== Impact ==
Some plugins (e.g. Woocommerce) initialize the posts_per_page argument with user supplied values and may suffer from an information disclosure vulnerability, depending on the webserver configuration.
Confirmed on the latest Wordpress version 4.7.2.
First reported at 19.02.2017 to security[at]wordpress.org without response (not nice!), so I assume you do not consider this security relevant in accordance with e.g. https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/#why-are-there-path-disclosures-when-directly-loading-certain-files" biisent 4.7.2 dev-feedback
Enhancements Awaiting Review 42703 WP_Query: Swap parsing date into own method Database normal enhancement new 2017-11-26T17:32:44Z 2019-01-16T06:50:09Z "The WP_Query::get_posts also parses the date query.
This is modular enough to swap it to its own method at last.
A proof of concept has been made and all tests are still green.
Some details and todos:
- see https://github.com/ScreamingDev/wordpress-develop-1/commit/6bb681e8caf4df8ba4811690ee19f12ad1755371
- Check if the whole logic can be shifted to WP_Date_Query::get_sql
Hint: The long run is about enabling WordPress to support multiple tables (per ""post-type""). To achieve this some enhancements to the current wpdb and WP_Query class are needed. This issues covers a small bit of it by refurbishing the source." screamingdev
Defects Awaiting Review 44259 wp_query: Post & Page Parameters doc section incorrect General normal defect (bug) new 2018-05-29T13:15:46Z 2018-05-29T13:46:25Z "The [[https://developer.wordpress.org/reference/classes/wp_query/#post-page-parameters|Post & Page Parameters]] section of the code ref page for `WP_Query` contains the following incorrect text:
{{{
post_name__in (array) – use post slugs. Specify posts to retrieve. (Will be available in version 4.4)
}}}
The ""Will be available in..."" text should be removed since 4.4 was released long ago." pbiron
Enhancements Awaiting Review 52167 WP_Query: always convert `any` post type values to public values. Query normal enhancement new 2020-12-24T01:01:27Z 2020-12-24T02:08:37Z "Instantiating a WP_Query with each of the following parameters will return all public post types (post, pages and attachments by default):
{{{#!php
'any' ] );
new WP_Query( [ 'post_type' => [ 'any' ] ] );
/*
WHERE 1=1
AND wp_posts.post_type IN ('post', 'page', 'attachment')
AND ((wp_posts.post_status <> 'trash' AND wp_posts.post_status <> 'auto-draft'))
*/
}}}
However, manually adding another post type to an array containing `any` will result in a query searching for the post types `any` and the subsequent post types. This is the case regardless as to whether the included types are public or private.
{{{#!php
[ 'any', 'post' ] ] );
/*
WHERE 1=1
AND wp_posts.post_type IN ('any', 'post')
AND ((wp_posts.post_status <> 'trash' AND wp_posts.post_status <> 'auto-draft'))
*/
new WP_Query( [ 'post_type' => [ 'any', 'revision' ] ] );
/*
WHERE 1=1
AND wp_posts.post_type IN ('any', 'revision')
AND ((wp_posts.post_status <> 'trash' AND wp_posts.post_status <> 'auto-draft'))
*/
}}}
I am writing up some basic tests and create a pull request on GH to demonstrate the unexpected queries." peterwilsoncc has-patch
Enhancements Awaiting Review 45092 WP_Query->is_category wrongly calculate current category when WP_Term is passed Taxonomy normal enhancement new 2018-10-15T12:45:06Z 2018-10-15T12:45:06Z "Let's analyze this piece of code, part of class WP_Query, file wp-includes/class-wp-query.php ...
{{{#!php
is_category )
return false;
if ( empty($category) )
return true;
$cat_obj = $this->get_queried_object();
$category = array_map( 'strval', (array) $category );
if ( in_array( (string) $cat_obj->term_id, $category ) )
return true;
elseif ( in_array( $cat_obj->name, $category ) )
return true;
elseif ( in_array( $cat_obj->slug, $category ) )
return true;
return false;
}
}}}
now, trying to pass 2 WP_Term, something really funny happens (i know specifications want the $category variable as a single id or slug or term_name, and not as class, but there was nothing blocking the thing to work, so i tried, and i wanted to report results).
$cat_obj value was
{{{#!php
int(7)
[""name""]=>
string(8) ""Consigli""
[""slug""]=>
string(8) ""consigli""
[""term_group""]=>
int(0)
[""term_taxonomy_id""]=>
int(7)
[""taxonomy""]=>
string(8) ""category""
[""description""]=>
string(0) """"
[""parent""]=>
int(0)
[""count""]=>
int(4)
[""filter""]=>
string(3) ""raw""
[""cat_ID""]=>
int(7)
[""category_count""]=>
int(4)
[""category_description""]=>
string(0) """"
[""cat_name""]=>
string(8) ""Consigli""
[""category_nicename""]=>
string(8) ""consigli""
[""category_parent""]=>
int(0)
}
}}}
the first WP_Term was
{{{#!php
int(7)
[""name""]=>
string(8) ""Consigli""
[""slug""]=>
string(8) ""consigli""
[""term_group""]=>
int(0)
[""term_taxonomy_id""]=>
int(7)
[""taxonomy""]=>
string(8) ""category""
[""description""]=>
string(0) """"
[""parent""]=>
int(0)
[""count""]=>
int(4)
[""filter""]=>
string(3) ""raw""
[""cat_ID""]=>
int(7)
[""category_count""]=>
int(4)
[""category_description""]=>
string(0) """"
[""cat_name""]=>
string(8) ""Consigli""
[""category_nicename""]=>
string(8) ""consigli""
[""category_parent""]=>
int(0)
}
}}}
The second term was instead:
{{{#!php
int(5)
[""name""]=>
string(4) ""News""
[""slug""]=>
string(4) ""news""
[""term_group""]=>
int(0)
[""term_taxonomy_id""]=>
int(5)
[""taxonomy""]=>
string(8) ""category""
[""description""]=>
string(0) """"
[""parent""]=>
int(0)
[""count""]=>
int(7)
[""filter""]=>
string(3) ""raw""
[""cat_ID""]=>
int(5)
[""category_count""]=>
int(7)
[""category_description""]=>
string(0) """"
[""cat_name""]=>
string(4) ""News""
[""category_nicename""]=>
string(4) ""news""
[""category_parent""]=>
int(0)
}
}}}
Please be aware that $cat_obj->term_id is 7, first term term_id is 7, and second term category_count is 7.
When the WP_Term object passes into this
{{{#!php
term_id, $category ) )
return true;
}}}
will return true for both searched terms.
More generally, if {{{$cat_obj->term_id}}} or {{{$cat_obj->name}}} or {{{$cat_obj->slug}}} are in some ways contained in searched WP_Term, this method will always return true. I know you need to respect old styled code, but nowadays we're best working with objects, so i'm wondering if you could do a more pointed and precise logging of these kind of errors. For example, you could hook a logger in each is_something method of class WP_Query, when you can check if we passed an instanceof the correct class (WP_Term for is_tag, is_category, is_tax etc) and warn if we passed a wrong class. Or if you have a better way to solve this, my ears are opened :)" matteowebsolution 4.9.8
Defects Awaiting Review 52971 WP_Query's meta_query With Multiple EXISTS keys and OR Relation Doesn't Work Properly Query critical defect (bug) new 2021-04-05T12:31:53Z 2021-04-05T12:31:53Z "Hi There!
Another Very Weird Issue :)
Using WP_Query's [meta_query] with **OR relation** and Multiple **EXISTS Keys** generates a very long unnecessary inner joins relation and **stuck in an infinite loop** and **consume the MySQL resources** with high load.
I'm trying to get all post IDs that have one of 50 meta keys to replace with new keys, So I collect all meta keys using foreach statement with **OR relation** and pass it to the [meta_query] in WP_Query .. Very simple but I noticed that there's no result and infinite page load and using high resources of MySQL.
I create the SQL statement with $wpdb and it works very fast, So I create a new WP_MetaQuery object to see the result and I noticed a huge unnecessary INNER JOINs relation.
**Here's a full example:**
1. Insert 100 Test Posts and 50 Metas For Each: Append [?action=insert] in the URL
2. Try to get posts using WP_Query: Append [?action=wp_query_and_meta_query] in URL - **RESULT: Infinite Loop**
3. Try to use $wpdb instead: Append [?action=wpdb_query_get_ids] in URL - **RESULT: Success, Takes few seconds**
4. See the SQL statement generated by WP_MetaQuery: add [?action=show_meta_query_clause] - **RESULT: a Huge unnecessary **INNER JOIN x AS x# ON y** relation**
5. [?action=wpdb_query_delete] to delete all added posts only.
{{{
add_action('wp', 'oxibug_trigger_action');
/**
* Trigger Suitable Function
*
* @return void
*/
function oxibug_trigger_action() {
if( ! isset( $_GET['action'] ) ) {
return;
}
$action = wp_strip_all_tags( $_GET['action'] );
switch( strtolower( $action ) ) {
case 'insert': {
oxibug_insert_posts_and_metas();
} break;
case 'wp_query_and_meta_query': {
oxibug_WP_Query_and_meta_query();
} break;
case 'show_meta_query_clause': {
oxibug_show_meta_query_clause();
} break;
case 'wpdb_query_get_ids': {
oxibug_wpdb_query_get_ids();
} break;
case 'wpdb_query_delete': {
oxibug_wpdb_query_delete();
} break;
}
}
/**
* Return New Meta Key
*
* @param mixed $key
* @return string
*/
function oxibug_get_new_meta_key( $key ) {
return sanitize_text_field( sprintf( 'oxibug_xyz%s', $key ) );
}
/**
* Return Key-Value Pairs array with Old and New meta keys
*
* @return array
*/
function oxibug_legacy_and_new_meta_keys() {
return [
'oxibug_abc_post_main_color' => oxibug_get_new_meta_key('_page_main_color'),
'oxibug_abc_page_layout' => oxibug_get_new_meta_key('_page_layout'),
'oxibug_abc_post_sbwide' => oxibug_get_new_meta_key('_page_sb_wide'),
'oxibug_abc_post_sbnarrow' => oxibug_get_new_meta_key('_page_sb_narrow'),
'oxibug_abc_page_sbwide' => oxibug_get_new_meta_key('_page_sb_wide'),
'oxibug_abc_page_sbnarrow' => oxibug_get_new_meta_key('_page_sb_narrow'),
'oxibug_abc_self_video_m4v_url' => oxibug_get_new_meta_key('_format_video_selfhosted_mp4'),
'oxibug_abc_self_video_ogv_url' => oxibug_get_new_meta_key('_format_video_selfhosted_ogv'),
'oxibug_abc_self_video_webmv_url' => oxibug_get_new_meta_key('_format_video_selfhosted_webmv'),
'oxibug_abc_self_video_poster_url' => oxibug_get_new_meta_key('_format_video_selfhosted_poster'),
/* Audio */
'oxibug_abc_soundcloud_url' => oxibug_get_new_meta_key('_format_audio_oembed'),
'oxibug_abc_self_audio_mp3_url' => oxibug_get_new_meta_key('_format_audio_selfhosted_mp3'),
'oxibug_abc_self_audio_oga_url' => oxibug_get_new_meta_key('_format_audio_selfhosted_ogg'),
'oxibug_abc_self_audio_m4a_url' => oxibug_get_new_meta_key('_format_audio_selfhosted_m4a'),
/* Post Formats: Image | Video */
'oxibug_abc_lightbox_check' => oxibug_get_new_meta_key('_format_image_lighbox_enable'),
'oxibug_abc_post_banner_caption' => oxibug_get_new_meta_key('_format_status_banner_caption'),
'oxibug_abc_quote_text' => oxibug_get_new_meta_key('_format_quote_text'),
'oxibug_abc_quote_author' => oxibug_get_new_meta_key('_format_quote_author_name'),
'oxibug_abc_url_text' => oxibug_get_new_meta_key('_format_link_text'),
'oxibug_abc_url_destination' => oxibug_get_new_meta_key('_format_link_url'),
/*
* Layout Settings - if Old = [hide] turn ON the new option
*
* */
'oxibug_abc_post_breadcrumb' => oxibug_get_new_meta_key('_hide_breadcrumb'),
'oxibug_abc_post_meta_info' => oxibug_get_new_meta_key('_hide_metas'),
'oxibug_abc_post_share_box' => oxibug_get_new_meta_key('_hide_share_icons'),
'oxibug_abc_post_tags' => oxibug_get_new_meta_key('_hide_tags_box'),
'oxibug_abc_post_author_box' => oxibug_get_new_meta_key('_hide_author_box'),
'oxibug_abc_related_posts' => oxibug_get_new_meta_key('_hide_related_posts_box'),
'oxibug_abc_posts_navigation' => oxibug_get_new_meta_key('_hide_nav_box'),
/* Review Items */
'oxibug_abc_post_review_types' => oxibug_get_new_meta_key('_review_type'), /* [disabled] => Add 0 to the new meta [_review_show] */
'oxibug_abc_post_review_position' => oxibug_get_new_meta_key('_review_position'),
'oxibug_abc_post_reviews_summation' => oxibug_get_new_meta_key('_review_items_avg'), /* This field is Dynamic - SUM of all review items */
'oxibug_abc_review_item' => oxibug_get_new_meta_key('_review_items'),
'oxibug_abc_post_review_title' => oxibug_get_new_meta_key('_review_title'),
'oxibug_abc_post_review_desc' => oxibug_get_new_meta_key('_review_desc'),
'oxibug_abc_post_review_summary_title' => oxibug_get_new_meta_key('_review_summary_title'),
'oxibug_abc_post_review_summary_desc' => oxibug_get_new_meta_key('_review_summary_desc'),
'oxibug_abc_post_review_user_rates' => oxibug_get_new_meta_key('_review_user_ratings_status'),
'oxibug_abc_post_review_user_rates_bgcolor' => oxibug_get_new_meta_key('_review_user_ratings_result_bgcolor'),
'oxibug_abc_post_review_btn_text' => oxibug_get_new_meta_key('_review_add_btn_text'),
'oxibug_abc_post_review_btn_icon' => oxibug_get_new_meta_key('_review_add_btn_icon'),
'oxibug_abc_post_review_btn_url' => oxibug_get_new_meta_key('_review_add_btn_url'),
'oxibug_abc_post_review_btn_bgcolor' => oxibug_get_new_meta_key('_review_add_btn_bgcolor'),
'oxibug_abc_post_review_pros_word' => oxibug_get_new_meta_key('_review_pros_word'),
'oxibug_abc_post_review_pros_icon' => oxibug_get_new_meta_key('_review_pros_icon'),
'oxibug_abc_post_review_pros_list' => oxibug_get_new_meta_key('_review_pros_list'),
'oxibug_abc_post_review_cons_word' => oxibug_get_new_meta_key('_review_cons_word'),
'oxibug_abc_post_review_cons_icon' => oxibug_get_new_meta_key('_review_cons_icon'),
'oxibug_abc_post_review_cons_list' => oxibug_get_new_meta_key('_review_cons_list'),
/* Post Views */
'oxibug_abc_post_views_count' => oxibug_get_new_meta_key('_post_views'),
];
}
/**
* Insert 100 Test Posts and some Meta Keys
*
*/
function oxibug_insert_posts_and_metas() {
$legacy_and_new_keys = oxibug_legacy_and_new_meta_keys();
$result = [];
for( $i=0; $i<100; $i++ ) {
$post_id = wp_insert_post( [
'post_type' => 'post',
'post_title' => wp_strip_all_tags( sprintf( 'Test Meta Query Post #:%s', $i ) ),
'post_content' => sprintf( 'Test Meta Query Post Content #:%s', $i ),
'post_content_filtered' => '',
'post_excerpt' => '',
'post_status' => 'publish',
// 'post_author' => 1,
// 'post_category' => [],
'comment_status' => '',
'ping_status' => '',
'post_password' => '',
'to_ping' => '',
'pinged' => '',
'post_parent' => 0,
'menu_order' => 0,
'guid' => '',
'import_id' => 0,
'context' => '',
'post_date' => '',
'post_date_gmt' => '',
], TRUE, TRUE );
if( ! is_wp_error( $post_id ) ) {
$result[ $post_id ] = [];
foreach( (array) array_keys( $legacy_and_new_keys ) as $_legacy_key ) {
$upstatus = update_post_meta( $post_id, $_legacy_key, '' );
$result[ $post_id ][ $_legacy_key ] = $upstatus ? 'Added' : 'Failed';
}
/* Clean Cache */
clean_post_cache( $post_id );
}
else {
echo 'ERROR: Insert Post Failed!';
}
}
/* DEBUG */
echo sprintf( '%d Posts Inserted', count( $result ) );
// echo print_r( $result );
}
/**
* --- DEBUG ---
* Show the Meta Query SQL Statement
*
*/
function oxibug_show_meta_query_clause() {
/**
*
* @var wpdb
* */
global $wpdb;
$legacy_meta_keys = oxibug_legacy_and_new_meta_keys();
$meta_query = [
'relation' => 'OR'
];
foreach( (array) array_keys( $legacy_meta_keys ) as $_legacy_key ) {
$meta_query[] = [
'key' => $_legacy_key,
'compare' => 'EXISTS'
];
}
$objMetaQuery = new WP_Meta_Query( $meta_query );
echo print_r( $objMetaQuery->get_sql( 'post', $wpdb->posts, 'ID', NULL ) );
}
/**
* Query using WP_Query and meta_query key inside it
*
*/
function oxibug_WP_Query_and_meta_query() {
/**
*
* @var wpdb
* */
global $wpdb;
$legacy_meta_keys = oxibug_legacy_and_new_meta_keys();
$meta_query = [
'relation' => 'OR'
];
foreach( (array) array_keys( $legacy_meta_keys ) as $_legacy_key ) {
$meta_query[] = [
'key' => $_legacy_key,
'compare' => 'EXISTS'
];
}
$obj_WP_Query = new WP_Query( [
'numberposts' => -1,
'paged' => null,
'post_type' => 'post',
'post_status' => 'publish',
'meta_query' => $meta_query,
'fields' => 'ids',
'cache_results' => false,
] );
/*
* Stuck in an Infinite Loop Because of the Huge SQL Statement
* generated by [meta_query]
*
* */
if( $obj_WP_Query->have_posts() ) {
echo sprintf( '%d Posts Found', $obj_WP_Query->found_posts );
/* DEBUG - NOT Working - */
// echo print_r( $obj_WP_Query->meta_query->get_sql( 'post', $wpdb->posts, 'ID', NULL ) );
}
else {
echo 'No Posts Found';
}
$obj_WP_Query->reset_postdata();
wp_cache_flush();
}
/**
* Get Posts IDs by one of the meta_key(s) provided
*
*/
function oxibug_wpdb_query_get_ids() {
global $wpdb;
$legacy_meta_keys = oxibug_legacy_and_new_meta_keys();
$qry = ""SELECT DISTINCT tbl_posts.ID FROM {$wpdb->posts} tbl_posts INNER JOIN {$wpdb->postmeta} tbl_metas ON ( tbl_posts.ID = tbl_metas.post_id ) WHERE"";
/* Add [OR] in the second condition */
$where_clause = 0;
foreach( (array) array_keys( $legacy_meta_keys ) as $_legacy_key ) {
$where_clause++;
$qry .= ( $where_clause === 1 ) ?
$wpdb->prepare( ' tbl_metas.meta_key = %s', esc_sql( $_legacy_key ) ) :
$wpdb->prepare( ' OR tbl_metas.meta_key = %s', esc_sql( $_legacy_key ) );
}
$result = $wpdb->get_results( $qry );
$wpdb->flush();
echo print_r( wp_list_pluck( $result, 'ID' ) );
}
/**
* --- DEBUG ---
*
* DELETE all added Posts by meta_key(s)
*
*/
function oxibug_wpdb_query_delete() {
global $wpdb;
$legacy_meta_keys = oxibug_legacy_and_new_meta_keys();
$qry = ""DELETE tbl_posts, tbl_metas FROM {$wpdb->posts} tbl_posts INNER JOIN {$wpdb->postmeta} tbl_metas ON ( tbl_posts.ID = tbl_metas.post_id ) WHERE"";
$where_clause = 0;
foreach( (array) array_keys( $legacy_meta_keys ) as $_legacy_key ) {
$where_clause++;
$qry .= ( $where_clause === 1 ) ?
$wpdb->prepare( ' tbl_metas.meta_key = %s', esc_sql( $_legacy_key ) ) :
$wpdb->prepare( ' OR tbl_metas.meta_key = %s', esc_sql( $_legacy_key ) );
}
$result = $wpdb->get_results( $qry );
$wpdb->flush();
}
}}}
" oxibug 5.7 needs-patch
Defects Awaiting Review 43634 WP_Query returns wrong result if 10+ search terms and all negative. Query normal defect (bug) new 2018-03-26T15:09:42Z 2019-01-17T01:18:05Z "Set up: create single post with title or body ""Don't match this one!""
Use WP_query with 's' parameter:
{{{
-one -two -three -four -five -six -seven -eight -nine -ten
}}}
WP_Query will find and return the single post and it shouldn't.
Less than 10 negative search terms works fine.
I believe it has to do with a special 'if clause' in the function '''parse_search''' in ''class-wp-query.php''
{{{
// if the search string has only short terms or stopwords, or is 10+ terms long, match it as sentence
if ( empty( $q['search_terms'] ) || count( $q['search_terms'] ) > 9 ) {
$q['search_terms'] = array( $q['s'] );
}
}}}
this makes
{{{
JPH q['search_terms'] : Array
(
[0] => -one -two -three -four -five -six -seven -eight -nine -ten
)
}}}
and later in the function the search variable becomes
{{{
JPH search variable is: AND (((testsite_posts.post_title NOT LIKE '{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}one -two -three -four -five -six -seven -eight -nine -ten{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}') AND (testsite_posts.post_excerpt NOT LIKE '{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}one -two -three -four -five -six -seven -eight -nine -ten{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}') AND (testsite_posts.post_content NOT LIKE '{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}one -two -three -four -five -six -seven -eight -nine -ten{07e030b91cb064568b0acafd83d99152667b06f2ffd415e48cd2d2f458c2c217}'))) AND (testsite_posts.post_password = '')
}}}
" johnh10
Defects Awaiting Review 55748 wp_query post_type taxonomies doesn't accept array in url if hierarchical Query minor defect (bug) new 2022-05-17T13:53:10Z 2022-05-17T13:53:10Z "if you put the custom taxonomy in the url with an array value
i.e. ?custom_tax[]=term-1&custom_tax[]=term-2
it should filter by those terms
however if you look at the code for wp_query if the taxonomy is hierarchical it is put through wp_basename which cannot process arrays and so the input is completely lost
https://github.com/WordPress/WordPress/blob/102004b50565c767390328aef2357a235d60b026/wp-includes/class-wp-query.php#L1131-L1151
to resolve either we need to move the if(is_array()) above the wp_basename if or make wp_basename accept arrays
" dg12345 5.9.3
Defects Awaiting Review 42546 WP_Query not handling 'LIKE' correctly. Query normal defect (bug) new 2017-11-14T16:27:03Z 2018-03-14T09:30:49Z "I am doing custom PHP to retrieve listings (as a CPT) from the database for a Realty Company website I'm working on and one of the criteria is searching on the city from a search field on a form. The problem is the generated SQL has some sort of guid in it instead of the expected percent character normally used with LIKE. Here is the generated SQL from WP_Query:
{{{
SELECT SQL_CALC_FOUND_ROWS wp_posts.* FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) INNER JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id ) WHERE 1=1 AND ( ( wp_postmeta.meta_key = 'city' AND wp_postmeta.meta_value LIKE '{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}fairfield{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}' ) AND ( mt1.meta_key = 'beds' AND mt1.meta_value >= '0' ) ) AND wp_posts.post_type = 'listings' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future' OR wp_posts.post_status = 'draft' OR wp_posts.post_status = 'pending' OR wp_posts.post_status = 'private') GROUP BY wp_posts.ID ORDER BY wp_posts.post_date DESC LIMIT 0, 10
}}}
As you can see the generated code for searching the ""city"" field is:
{{{
wp_postmeta.meta_value LIKE '{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}fairfield{f270e6c7d3b231242ceefa28fdd47243cac2100fe4fe8c9df633ec6f3cc2f583}'
}}}
The ""expected"" code should look like this:
{{{
wp_postmeta.meta_value LIKE '%fairfield%'
}}}
The form is found here: https://millersells.com/search-2/
After making selections and clicking the Search button it calls itself with url parameters and you get one of these errors:
""Fatal error: Maximum execution time of 60 seconds exceeded in /home/extremx1/public_html/millersells2017b/wp-includes/query.php on line 0""
OR
""Fatal error: Maximum execution time of 60 seconds exceeded in /home/extremx1/public_html/millersells2017b/wp-includes/class-wp-query.php on line 3090""
(Example URL with parameters: https://millersells.com/search-2/?cf_id=37&loc=fairfield&type=SingleFamilyHome&beds=3&baths=2&min_price=0&max_price=0)
I am using this PHP code to create the query (for now I'm just working with 2 of the search fields):
{{{
array( 'listings' ),
'meta_query' => array(
array(
'key' => 'city',
'value' => $location,
'type' => 'CHAR',
'compare' => 'LIKE',
),
array(
'key' => 'beds',
'value' => $bedrooms,
'compare' => '>='
)
)
);
$the_query = new WP_Query( $args );
?>
}}}
To see the generated SQL I added this code at line 2752 in wp_includes/class-wp-query.php: echo $this->request;
Also to aid in debugging I would suggest you add a ""generated_sql"" parameter to the query object that we can echo to see what the actual generated SQL looks like. EX: {{{echo $the_query->generated_sql;}}}
Thanks!
Tim :o]
PS: Your welcome to contact me at tberneman@gmail.com" tberneman 4.8.3
Reporter Feedback / Close 59172 wp_query meta_query NOT EXISTS not creating correct sql query Database normal defect (bug) new 2023-08-23T12:53:28Z 2023-09-05T16:55:37Z "With the following wp_query:
{{{#!php
""ids"",
""post_type"" => ""shop_order"",
""post_status"" => array('wc-processing'),
""posts_per_page"" => ""-1"",
""offset"" => ""0"",
'meta_query' => array(
'relation' => 'AND',
array(
'key' => 'scg_is_glass',
'value' => ""1"",
),
[
'relation' => 'OR',
[
'key' => 'scg_processed',
'value' => ""0"",
'compare' => '=',
],
[
'key' => 'scg_processed',
'value' => ""0"",
'compare' => 'NOT EXISTS',
],
]
),
'date_query' => array(
array(
'after' => date('Y-m-d', strtotime('-1 month')),
),
),
);
}}}
The outputeed sql query is the following:
SELECT wp_posts.ID
FROM wp_posts
LEFT JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id )
LEFT JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id )
LEFT JOIN wp_postmeta AS mt2 ON ( wp_posts.ID = mt2.post_id AND mt2.meta_key = 'scg_processed' )
WHERE 1=1
AND (wp_posts.post_date > '2023-07-23 23:59:59')
AND (
( wp_postmeta.meta_key = 'scg_is_glass' AND wp_postmeta.meta_value = '1' )
AND (
( mt1.meta_key = 'scg_processed' AND mt1.meta_value = '0' )
OR **mt2.post_id IS NULL**
)
)
AND wp_posts.post_type = 'shop_order'
AND ((wp_posts.post_status = 'wc-processing'))
GROUP BY wp_posts.ID
ORDER BY wp_posts.post_date DESC
If you looked at the bolded (mt2.post_id IS NULL) above you would expect it to be:
**( mt2.meta_key = 'scg_processed' AND mt2.meta_value IS NULL )**" anteatersa 6.3 reporter-feedback
Defects Awaiting Review 60468 "WP_Query matches any post when query parameter ""name"" is an empty string" Query minor defect (bug) new 2024-02-07T17:25:07Z 2024-02-07T17:25:07Z "`WP_Query` matches any post when query parameter `name` is an empty string.
For example:
{{{
$query = new WP_Query([
'name' => '',
'post_type' => 'post',
'posts_per_page' => 1,
]);
var_dump($query->posts);
}}}
The same is true for `get_posts()` which uses `WP_Query` internally.
This might be the intended behavior, but it's unintuitive and surprising. It can (did) cause a bug in user code that expects such a query to return no results." miyarakira
Defects Awaiting Review 47802 WP_Query get_posts sometimes inserts contradictory taxonomy queries Query normal defect (bug) new 2019-07-30T18:15:54Z 2020-09-04T15:17:24Z "In our website, we have a custom taxonomy called 'section.' It figures prominently in a query we're doing. Here's a (lightly anonymized) dump of the array we pass to the WP_Query constructor, before calling get_posts() on the query created:
{{{
[posts_per_page] => 25
[post_type] => post
[tax_query] => Array
(
[0] => Array
(
[operator] => IN
[taxonomy] => section
[field] => slug
[terms] => Array
(
[0] => section1
[1] => section2
[2] => section3
[3] => section4
)
)
[1] => Array
(
[operator] => NOT IN
[taxonomy] => section
[field] => slug
[terms] => Array
(
[0] => section5
)
)
[relation] => AND
)
[orderby] => post_date
[order] => DESC
}}}
We had a problem where many posts that should be returned here, are not. After much digging, I found the problem in get_posts. specifically in the segment of code commented:
{{{
/*
* Set 'taxonomy', 'term', and 'term_id' to the
* first taxonomy other than 'post_tag' or 'category'.
*/
}}}
It's true, the code is doing just that. It's adding a taxonomy parameter. But it's picking up one of the sections that is supposed to be one of several possibilities the section can be IN, not required. It then makes that one single section required in an appended AND! Sample (again, lightly anonymized) SQL segment of the obviously self-contradictory conditions created (where 1001-1005 are the IDs corresponding to sections 1-5)
{{{
wp_term_relationships.term_taxonomy_id IN (1001, 1002, 1003, 1004)
AND
wp_posts.ID NOT IN (
SELECT object_id
FROM wp_term_relationships
WHERE term_taxonomy_id IN (1005)
)
AND
tt1.term_taxonomy_id IN (1001)
)
}}}
That third clause, the final IN (1001) is being added by get_posts in the above-commented section. That's why we only get a fraction of the posts we're supposed to get. It's effectively overriding most of our IN list!
I can work around this by prepending to my tax_query an effective no-op using some custom taxonomy, but this seems like a problem that should be addressed in the WP core.
thank you," nstevensdc
Reporter Feedback / Close 58600 wp_query Enhancement Query normal feature request new 2023-06-22T13:21:56Z 2023-07-03T16:51:04Z "I wolud like to enhance the wp_query to retrive post base on catgory orders.
Category Ex. with post
Mobile -: Post-1, Post-3, Post-6
Appliance -: Post-2, Post-8, Post-10
I Need Posts like in this order using wp_query of order by category ASC/DESC
Current output is according to ID order
Post-1
Post-2
Post-3
Post-6
Post-8
Post-10
Expected output
Post-2
Post-8
Post-10
Post-1
Post-3
Post-6" thakordarshil 6.2 close
Defects Awaiting Review 44372 WP_Query cannot properly order by nested Parent/Child relationships Query minor defect (bug) new 2018-06-14T19:28:48Z 2018-06-14T20:23:58Z "Steps to reproduce the problem:
- Create a new CPT named `series`.
- Create numerous parent/child relationships in no particular order. Some are nested since we have the concept of seasons and episoded in series. These will not fit properly with taxonomies because data for each ""Season 1"" is unique to the parent series.
- The parent can be added after the child is created and then associated (important as the date is taken into account here as it is unreliable in this case and is a very realistic scenario).
- use `menu_order` as a way to order these items. Seasons `menu_order` will be the season number and episodes are most commonly going to be used 1-10. One could argue season 2 should be 20-30 but that is not normal user expectation when using the system (I already have teams working on this and they all favor 1-10 and not 20... 30... per season. I tried...)
Basically, what you are creating is a bunch of series that have seasons as their immediate children then these seasons have episodes assigned to them. Typical series structure.
Series (parent) -> Season (child of Series, parent of Episode) -> Episode (child of Season).
I can easily filter the results for parents and list the children. The issue I have is that I am not able to sort by children properly.
What I expect is a structure like:
Game of Thrones
{{{
- Season 1
-- Episode 1
-- Episode 2
-- Episode 3
- Season 2
-- Episode 1
-- Episode 2
-- Episode 3
- Season 3
-- Episode 1
-- Episode 2
-- Episode 3
...
}}}
What I get:
Game of Thrones
{{{
- Season 1
- Season 2
- Season 3
-- Episode 1 - season 3
-- Episode 2 - season 3
-- Episode 3 - season 3
-- Episode 1 - season 1
-- Episode 2 - season 1
-- Episode 3 - season 1
-- Episode 1 - season 2
-- Episode 2 - season 2
-- Episode 3 - season 2
...
}}}
I have tried playing with the orderby for all available options and I can not get the structure I expect.
It seems like this is a limitation with the table design as menu_order and post_parent are not enough to create this structure. In fact, you can pretty much only do what I am getting, not what I would expect. It would seem that we need a better way to handle deeper parent/child relationships for this to order properly. Perhaps a meta field would help with this.
I'm not sure if there is anything that can be done here. I am very doubtful. I may have to rethink the system and add more meta fields for ordering as this is going to be a problem for the project.
Reporting this here to see if it's worth anyone's time to research.
I've included my class to help with testing.
{{{
_getAllSeriesParents();
if (empty($_series)) {
return;
}
$selected = isset($_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE]) ? $_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE] : '';
?>
""
name="""">
$sTitle) : ?>
"" >
is_main_query()) {
return $query;
}
// Ensure proper post_type and that we have the request var
if ('series' !== $query->query['post_type'] || empty($_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE])) {
// No need to filter, not where we want to be
return $query;
}
// Ok, let's extend the WP_Query to use our filter
// Fetch Series Object so we can extract the season post IDs
$_seriesObject = VideoFactory::getObject($_REQUEST[self::REQUEST_SERIES_NAME_VARIABLE]);
$_seriesSeasons = $_seriesObject->getSeasons();
$_seriesSeasons = array_keys($_seriesSeasons); // gets the season post ID
// build $_parentIDs to be used to limit the result set
$_parentIDs = [(int)$_seriesObject->getPostID()];
$_parentIDs = array_merge($_parentIDs, $_seriesSeasons);
// Modify the query object to use our new filter
$query->query_vars['post_parent__in'] = $_parentIDs;
$query->query_vars['orderby'] = [
'parent' => 'ASC',
'menu_order' => 'ASC'
];
return $query;
}
/**
* Returns all series parents
* @return mixed
*/
private function _getAllSeriesParents() {
if (NULL === $this->allSeriesParents) {
// Build query for genre query
$args = array(
'posts_per_page' => -1,
'post_status' => 'publish',
'orderby' => 'title',
'order' => 'ASC',
'post_parent' => 0,
'post_type' => array(
'series'
),
'ignore_sticky_posts' => 1
);
// Do query
$wpQuery = new \WP_Query($args);
if ($wpQuery->have_posts()) {
foreach ($wpQuery->get_posts() as $p) {
// Normal loop logic using $p as a normal WP_Post object
$this->allSeriesParents[$p->ID] = $p->post_title;
}
}
}
return $this->allSeriesParents;
}
}
}}}
Series CPT is:
{{{#!php
array(
'name' => __('Series', 'parables_core'),
'singular_name' => __('Series', 'parables_core'),
'featured_image' => __('Poster Image', 'parables_core'),
'set_featured_image' => __('Set Poster Image', 'parables_core'),
'remove_featured_image' => __('Remove Poster Image', 'parables_core'),
'use_featured_image' => __('Use Poster Image', 'parables_core'),
),
'public' => true,
'menu_position' => 21,
'menu_icon' => 'dashicons-video-alt2',
'hierarchical' => true,
'capability_type' => 'series',
'capabilities' => array(
'edit_post' => ""edit_{$capabilityType}"",
'read_post' => ""read_{$capabilityType}"",
'delete_post' => ""delete_{$capabilityType}"",
'edit_posts' => ""edit_{$capabilityType}s"",
'edit_others_posts' => ""edit_others_{$capabilityType}s"",
'publish_posts' => ""publish_{$capabilityType}s"",
'read_private_posts' => ""read_private_{$capabilityType}s"",
'delete_posts' => ""delete_{$capabilityType}s"",
'delete_private_posts' => ""delete_private_{$capabilityType}s"",
'delete_published_posts' => ""delete_published_{$capabilityType}s"",
'delete_others_posts' => ""delete_others_{$capabilityType}s"",
'edit_private_posts' => ""edit_private_{$capabilityType}s"",
'edit_published_posts' => ""edit_published_{$capabilityType}s""
),
'rewrite' => array(
'with_front' => false
),
'supports' => array(
'title',
'editor',
'page-attributes',
),
)
);
}}}
" son9ne 4.9.6
Defects Awaiting Review 40387 WP_Query bug with product post type with search parameter on Query normal defect (bug) reopened 2017-04-07T11:07:02Z 2017-04-18T21:09:16Z "I am not sure if it is a WordPress core bug, but seems like it! I have 5 different custom post types along with 'product' post type from Woocommerce.
The following query gives (only) product result:
{{{
$args = array(
'post_type' => array('product'),
'posts_per_page' => 5,
'post_status' => array('publish', 'future')
);
}}}
Actual query output:
{{{SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.post_type = 'product' AND ((wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future')) ORDER BY wp_posts.post_date DESC LIMIT 0, 5}}}
But the following query:
{{{
$args = array(
'post_type' => array('product'),
's' => 'mobile',
'posts_per_page' => 5,
'post_status' => array('publish', 'future')
);
}}}
outputs this (even post_type is specified the query is generated to search all other post types and surprisingly not product):
{{{SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND (((wp_posts.post_title LIKE '%htc%') OR (wp_posts.post_excerpt LIKE '%htc%') OR (wp_posts.post_content LIKE '%htc%'))) AND wp_posts.post_type IN ('post', 'travelog', 'hotel-info', 'trips', 'package_tour') AND ((wp_posts.post_status = 'publish' OR wp_posts.post_status = 'future')) ORDER BY wp_posts.post_title LIKE '%htc%' DESC, wp_posts.post_date DESC LIMIT 0, 5}}}
and brings up results from all other post types and simply ignoring product.
" subrataemfluence 4.7.3
Defects Awaiting Review 47009 WP_Query bug with author=0 Query normal defect (bug) new 2019-04-22T07:10:12Z 2019-04-22T08:17:08Z "Hi all,
I found a weird behaviour of WP_Query using the argument author.
If author is set to 0, the query returns all the posts and not an empty set.
Is this a wanted behaviour or a bug?" mikylucky
Enhancements Awaiting Review 44370 wp_privacy_delete_old_export_files runs too much on some setups Privacy normal enhancement new 2018-06-14T14:38:31Z 2019-06-19T12:10:21Z "The `wp_privacy_delete_old_export_files` cron job added in [43046] #43546 runs on an hourly schedule. On large multisite networks, this means that these cleanup are running more or less constantly. Yet they're almost never needed.
It's possible to write a plugin that modifies the behavior, by changing the way that scheduling is done so that it conforms better to the needs of a large network. However, I thought it might be worth considering whether there are changes that WP itself could make that would mitigate the problem for all installations. A few ideas, some of which are mutually compatible:
1. Instead of scheduling the event on 'init', only schedule it when an export file is generated.
2. During the cleanup routine, check for the existence of export files. If none are found, unschedule the recurring event (or don't schedule the next one)
3. In combination with the above, use single events rather than recurring ones
4. Perhaps the cleanup routine itself would be a single event, while a less-frequent (say, daily) recurring event would be to check whether specific cleanup events need to be scheduled (these would be cases missed by 1)
If the team thinks this is too complex, or should be left up to the maintainer of the site in cases where it makes a difference, feel free to close the ticket." boonebgorges 4.9.6 needs-patch
Defects Awaiting Review 47640 "WP_Posts_List_Table::get_views() doesn't allow the ""Mine"" counts to be filtered" Posts, Post Types normal defect (bug) new 2019-07-02T16:37:23Z 2021-05-08T18:51:27Z "[https://developer.wordpress.org/reference/classes/wp_posts_list_table/get_views/ WP_Posts_List_Table::get_views()] calls [https://developer.wordpress.org/reference/functions/wp_count_posts/ wp_count_posts()] to get the counts for the various post statuses.
It then computes the count for posts owned by the current user for use in the ""Mine"" view. That computation uses `$this->user_posts_count` which is computed in [https://developer.wordpress.org/reference/classes/wp_posts_list_table/__construct/ WP_Posts_List_Table::__construct()] with custom SQL.
The problem is that if you hook into the [https://developer.wordpress.org/reference/hooks/wp_count_posts/ wp_count_posts] filter and alter the counts for each post status you can end up with a situation where the ""Mine"" count is very different than the sum of the post status counts.
For example, I've got a CPT where some (but not all) of the posts of that type are just ""placeholders"" for posts of another CPT. I hide those ""placeholder"" posts from the list table by hooking into [https://developer.wordpress.org/reference/hooks/request/ request] and altering the request that the list table uses. I then hook into `wp_count_posts` to adjust the counts by post status accordingly (e.g., don't count the ""hidden"" posts). This results in a situation that could be **very** confusing for users (see screenshot).
Thus, I suggest that a filter be added to filter the value of `$this->user_posts_count`.
" pbiron has-patch
Enhancements Awaiting Review 40711 WP_Post:get_instance: Update cache if $_post->filter is empty Posts, Post Types normal enhancement new 2017-05-10T09:52:07Z 2017-05-10T12:48:51Z "WP_Post::get_instance always returns raw filtered posts. At least in my tests it gets many hits where a post is already cached, but not filtered. For each hit it calls sanitize_post again.
To improve performance, if a cached post isn't filtered, update the cache after calling sanitize_post.
class-wp-post.php, line 228:
Instead of
{{{#!php
} elseif ( empty( $_post->filter ) ) {
$_post = sanitize_post( $_post, 'raw' );
}
}}}
add wp_cache_replace
{{{#!php
} elseif ( empty( $_post->filter ) ) {
$_post = sanitize_post( $_post, 'raw' );
wp_cache_replace( $_post->ID, $_post, 'posts' );
}
}}}
This significantly reduces unnecessary calls to sanitize_post.
" greencp 4.7.4 has-patch
Defects Awaiting Review 49656 WP_Plugins_List_Table: redirects on core row actions when the current view is a custom view Plugins normal defect (bug) new 2020-03-16T18:49:55Z 2020-03-16T18:49:55Z "`WP_Plugins_List_Table::__construct()` sets a global variable to the current value of the `plugin_status` query arg. That global is used in the URLs of the row action links ('activate', 'deactivate', etc) core adds, so that when a user clicks any of those links the user is returned to same view they were on.
Like all good list tables, `WP_Plugins_List_Table` allows custom views to be added (with the `views_plugins` and `views_plugins-network` filters).
The problem is that the list table constructor sets the global variable to 'all' if `plugin_status` query arg is for a custom one.
Hence, when the current view is a custom view, then the core row actions take the user back to 'all', which is a bad UX in that he behavior of core's row actions is different depending on whether the current view is built-in to core or is custom.
This came up recently in [https://github.com/audrasjb/wp-autoupdates/issues/49#issuecomment-599068276 an issue] opened against the [https://wordpress.org/plugins/wp-autoupdates/ WordPress Auto-updates] Feature plugin.
That specific issue will resolve itself when the feature plugin is merged in core because the `plugin_status` for the 2 views it adds will be added to the whitelist in the constructor. But the problem will still exist for any other plugins that add custom views to that list table.
`WP_MS_Themes_List_Table::__construct()` also sets a global that is whitelisted to the statuses that core knows about. However, that is not a problem because it doesn't use that global to add a query arg to the row action links: the redirects on the row actions are handled differently.
I think the easiest way to address this would be modify `WP_Plugins_List_Table` (and `wp-admin/plugins.php`) to handle the redirects on core row actions actions the same way that `WP_MS_Themes_List_Table` does." pbiron
Reporter Feedback / Close 30430 WP_Object_Cache does not properly cache objects nested in arrays Cache API normal defect (bug) new 2014-11-21T00:17:31Z 2022-07-08T23:23:03Z "I noticed on a plugin that cached data wasn't coming out the way it was inserted. What was happening is that it was an array of objects. The code would then go and change the original data and the data in the cache is changed. I would expect data retrieved from the cache to be exactly the same as what was inserted.
To make sure there was minimal performance impact I did some tests and the test script is attached. Initially I thought unserialize(serialize($data)) would be a good route, but it was twice as slow as rolling your own solution. I tried numerous methods and the function I initially build was always the fastest.
The transient/option table doesn't have this problem because it calls maybe_serialize.
Another way to fix this would be to call maybe_serialize on the set, and maybe_unserialize on a get but that would spread the cost to both functions and I think it is better to have the set be slightly more expensive than having every set and get take slightly longer.
" jamesgol 2.0 needs-unit-tests
Defects Awaiting Review 47827 wp_notify_moderator email error when Site Language is fr_CA Mail normal defect (bug) new 2019-08-04T02:31:38Z 2019-10-03T16:32:18Z "WordPress version: 5.2.2
PHP version: 5.6.27
Hosting: GoDaddy
""Please moderate:"" email is sent without issue when Site Language is en_US.
However, when Site Language is fr_CA, the following error occurs:
{{{
[04-Aug-2019 01:51:40 UTC] WP_Error Object
(
[errors] => Array
(
[wp_mail_failed] => Array
(
[0] => Could not instantiate mail function.
)
)
[error_data] => Array
(
[wp_mail_failed] => Array
(
[to] => Array
(
[0] => wpadmin@example.com
)
[subject] => [WPSite] Demande de modération pour « Foo »
[message] => Un nouveau commentaire sur l’article « Foo » attend votre approbation
http://blog.example.com/foo/
Auteur : JoeUser (adresse IP : xx.xx.xxx.xxx, joe.example.com)
Adresse courriel : joe_user@example.com
Adresse web :
Commentaire :
Commentaire en français
L’approuver : http://blog.example.com/wp-admin/comment.php?action=approve&c=12#wpbody-content
Le mettre dans la corbeille : http://blog.example.com/wp-admin/comment.php?action=trash&c=12#wpbody-content
Le marquer comme indésirable : http://blog.example.com/wp-admin/comment.php?action=spam&c=12#wpbody-content
En ce moment, 4 commentaires attendent vos approbations. Veuillez vous rendre sur le panneau de modération :
http://blog.example.com/wp-admin/edit-comments.php?comment_status=moderated#wpbody-content
[headers] => Array
(
)
[attachments] => Array
(
)
[phpmailer_exception_code] => 2
)
)
)
}}}
" zzzz4
Defects Awaiting Review 18842 wp_nav_menu confuses new developers when it falls through to page listing Menus normal defect (bug) reopened 2011-10-02T10:54:12Z 2017-09-20T19:42:00Z "It appears that when wp_nav_menu() falls through to a page listing, many menu-specific args are not passed to the page listing, which ultimately confuses new developers.
I seem to answer this at least weekly in #wordpress
One example is the 'container_class' arg, if it falls through to the fallback_cb, the container_class is not applied.
Ideally, template-related arguements should be passed to the fallback (And with pages as the default callback, it should handle these) or wp_nav_menu() should output any extra wrapping divs if appropriate." dd32 3.2 needs-patch
Defects Awaiting Review 46042 wp_nav_menu always returns a container Menus normal defect (bug) new 2019-01-19T16:03:15Z 2019-01-19T20:20:35Z "wp_nav_menu('container' => false) is returning an empty div when there is no menu items. This should return either false or an empty string. You can change the div to a different element, but you cannot remove the container.
This makes it difficult to test whether the menu is empty or not. Checking !empty($menu) no longer works like it used to." thememason
Defects Awaiting Review 49284 WP_Meta_Query's 'compare_key' does not support 'NOT EXISTS' when used with WP_User_Query Query normal defect (bug) new 2020-01-24T13:30:25Z 2020-01-24T13:37:44Z "The following snippet:
{{{#!php
'OR',
array(
'key' => 'learner_calculated_version',
'value' => '3',
'compare' => '!=',
),
array(
'key' => 'learner_calculated_version',
'compare_key' => 'NOT EXISTS',
)
);
$user_args = array(
'meta_query' => $meta_query
);
$users = get_users( $user_args );
global $wpdb;
print_r($wpdb->queries);
}
add_action('admin_init', 'test_get_users');
}}}
produces the following error:
{{{
WordPress database error: [Unknown column 'mt1.post_ID' in 'where clause']
SELECT DISTINCT wp_users.* FROM wp_users INNER JOIN wp_usermeta ON ( wp_users.ID = wp_usermeta.user_id ) INNER JOIN wp_usermeta AS mt1 ON ( wp_users.ID = mt1.user_id ) WHERE 1=1 AND ( ( wp_usermeta.meta_key = 'learner_calculated_version' AND wp_usermeta.meta_value != '3' ) OR NOT EXISTS (SELECT 1 FROM wp_postmeta mt2 WHERE mt2.post_ID = mt1.post_ID AND mt2.meta_key = 'learner_calculated_version' LIMIT 1) ) ORDER BY user_login ASC
}}}
The issue is that in the subquery, wp_postmeta is queried instead of wp_usermeta." gikaragia 5.3.2 has-patch
Defects Awaiting Review 33341 WP_Meta_Query IN operator with empty array does not return expected result Query critical defect (bug) reopened 2015-08-11T18:32:26Z 2023-10-17T19:18:10Z "When using the `IN` compare mode in a `WP_Meta_Query` where the value is an empty array, this query is evaluated with an unexpected behavior.
For example, I have some posts with a meta field called `'some-textfield'`:
{{{
$posts = get_posts( array(
'posts_per_page' => -1,
'post_type' => 'post',
'post_status' => 'publish',
'meta_query' => array(
array(
'key' => 'some-textfield',
'value' => array(),
'compare' => 'IN',
),
),
) );
}}}
This code returns all posts although I would rather expect it to return no posts at all since the value of `'some-textfield'` (whatever it may be) is not ''in'' those provided in the `value` field.
I discovered it when I needed to perform a meta query where the value was an array that was returned by a previous operation. It is obviously a minor issue since we can simply check if the array is empty (and in that case do not make the query at all) - but I thought it's not really the expected result of such a query.
The solution would be to:
* ignore this condition if the `relation` is set to `OR` and there are other conditions available
* evaluate this condition to false otherwise (and thus return no results)" flixos90 3.2 dev-feedback
Defects Awaiting Review 46217 wp_mail() not sending messages on PHP7.3.x Mail major defect (bug) new 2019-02-08T14:57:30Z 2019-11-21T08:10:30Z "Hi,
I believe that this is a bug but my PHP-fu is not yet the belt color needed to further debug and fix this.
I have tested this behavior on WordPress 5.0.3 and GitHub sources from 2019-02-07, on FreeBSD and Linux Ubuntu 18.04, with PHP 7.3.1.
PHP versions 7.2 and older work as expected.
While PHP's mail() sends e-mails flawlessly, there are no attempts to open connection to a SMTP server when using wp_mail().
This issue covers all WordPress e-mails including the initial ""New WordPress Site"" message. Example code, working on PHP 7.2 but not on 7.3.
{{{#!php
' . ""\r\n"";
wp_mail('something@proper-and-existing-domain.com','wp mail test','test test test', $headers );
}}}
The above example works with PHP 7.3 when ""wp_mail"" is replaced with ""mail"". 3rd party PHPmailer also works on PHP 7.3 with no issues.
Upon testing this behavior with tcpdump I can see that with PHP 7.2, WordPress opens a connection to 127.0.0.1:25 and tries to send the message. With PHP 7.3 there are no attempts to establish such connection on lo interface nor any other.
The following change results in: ""Invalid address: (setFrom) tester@proper-and-existing-domain.net""
{{{
--- wp-includes/pluggable.php 2019-02-08 15:37:38.459579000 +0100
+++ wp-includes/pluggable.php-debug 2019-02-08 15:37:29.683718000 +0100
@@ -364,7 +364,8 @@
$mail_error_data['phpmailer_exception_code'] = $e->getCode();
/** This filter is documented in wp-includes/pluggable.php */
- do_action( 'wp_mail_failed', new WP_Error( 'wp_mail_failed', $e->getMessage(), $mail_error_data ) );
+ //do_action( 'wp_mail_failed', new WP_Error( 'wp_mail_failed', $e->getMessage(), $mail_error_data ) );
+ print('DEBUG '.$e->getMessage().' DEBUG');
return false;
}
}}}
" whatevs 5.0.3 has-patch
Enhancements Awaiting Review 49687 wp_mail() - Why is no envelope sender defined? Mail minor enhancement new 2020-03-23T23:15:14Z 2022-11-17T08:47:39Z "As just figured out, some (mail) servers require the envelope sender to be set in order to accept outgoing emails.
For the PHP built-in mail() function (https://www.php.net/manual/en/function.mail.php) this can be done using the additional parameter (e.g. ""-fwebmaster@example.com) as explained in example 4 of the PHP manual page.
In order to use that option and set the envelope sender in PHPmailer either the sender attribute of the phpmailer object needs to be set ($phpmailer->Sender = ""sender@example.com"") or when using the setFrom() method of PHPmailer, the 3rd parameter needs to be set to true (=default).
Unfortunately, the current implementation of wp_mail() explicitly sets that 3rd parameter to false, which prevents the envelope sender from being set (see https://core.trac.wordpress.org/browser/trunk/src/wp-includes/pluggable.php?rev=47494#L358).
Is there any reason for doing so and could we change L358 to
$phpmailer->setFrom( $from_email, $from_name, true );
?" vbbp 5.4 dev-feedback
Reporter Feedback / Close 46333 wp_mail successfully working but not sending mails - WordPress 5.1 Mail major defect (bug) new 2019-02-23T19:00:10Z 2020-06-04T17:53:02Z The function wp_mail is used by many plugins and always giving a success message but never really sending mails out. JulesPryla 5.1 needs-unit-tests
Defects Awaiting Review, reported against no version 39775 wp_mail miss send Content-Type with boundary when array header does not have other custom headers Mail normal defect (bug) new 2017-02-03T07:42:43Z 2017-04-14T09:46:47Z "It's a PR send in github. https://github.com/WordPress/WordPress/pull/273
Fix empty charset in line 436.
Before:
`Content-Type: multipart/alternative; charset=`
After:
`Content-Type: multipart/alternative; charset=UTF-8`
-------------
fix `$headers[] = ""Content-Type: multipart/alternative; boundary=\""$boundary\"""";` not send when not other headers.
Test Code:
{{{#!php
"";
$headers[] = ""Content-Type: multipart/alternative; boundary=\""$boundary\"""";
$body = ""--$boundary\r\n"" .
""Content-Type: text/plain; charset=UTF-8\r\n"";
$body .= 'test';
$body .= ""--$boundary\r\n"" .
""Content-Type: text/html; charset=UTF-8\r\n"";
$body .= 'test
';
wp_mail( $to, $subject, $body, $headers );
}}}
Before:
[[Image(https://cloud.githubusercontent.com/assets/6196903/22583305/a84c5f1c-ea26-11e6-8718-2bde99d20484.png)]]
After:
[[Image(https://cloud.githubusercontent.com/assets/6196903/22583326/c4055362-ea26-11e6-8890-1da8fac8552e.png)]]
I could search some issue for this, like
http://wordpress.stackexchange.com/questions/191923/sending-multipart-text-html-emails-via-wp-mail-will-likely-get-your-domain-b
https://wordpress.org/support/topic/using-wp_mail-with-php-generated-attachments/
but still have same problem here." kn007
Defects Awaiting Review 28473 wp_mail incorrectly parses multiline From header Mail normal defect (bug) new 2014-06-06T19:08:32Z 2020-09-16T19:37:01Z "`wp_mail` tries to parse `From:` header when it is contained in headers. It fails when the header is multiline. Multiline headers are common when non-ascii characters are used and quoted-printable escaping kicks in.
Example input:
{{{
From: =?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?=
=?UTF-8?Q?=D0=BA=D1=80=D1=83=D0=B6=D0=B0=D1=8E=D1=89=D0=B8=D0=B9=20=D0=BC?=
=?UTF-8?Q?=D0=B8=D1=80?=
}}}
Parsed email in `$from_email`:
{{{
=?UTF-8?Q?=D0=92=D0=B7=D0=B3=D0=BB=D1=8F=D0=B4=20=D0=BD=D0=B0=20=D0=BE?=
}}}" arty.name 3.9.1 has-patch
Enhancements Awaiting Review 56779 wp_mail header ignores multiple headers with same name Mail normal enhancement new 2022-10-10T10:07:49Z 2022-10-10T10:07:49Z "Context:
https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/pluggable.php#L344
Snippet `wp_mail`
{{{#!php
default:
// Add it to our grand headers array.
$headers[ trim( $name ) ] = trim( $content );
break;
}}}
Passing headers this way:
{{{#!php
$headers[] = 'x-my-things: thing1';
$headers[] = 'x-my-things: thing2';
}}}
Will resulting headers only generated one ( the last one )
{{{#!php
$headers['x-my-things'] = 'thing2';
}}}
Expectation, it should retain the headers index, should behave similarly with `phpmaailer::addCustomHeader`, headers indexed by numeric, and each item contains name and value.
Example use case Mailgun `x-mailgun-tag`, https://documentation.mailgun.com/en/latest/user_manual.html?highlight=x-mailgun-tag" pentatonicfunk
Defects Awaiting Review 43425 WP_Mail BCC and CC - RCPT TO Errors Mail normal defect (bug) new 2018-02-26T22:15:08Z 2018-02-26T22:15:08Z "Adding BCC and CC Fields are having inconsistent results. Undeliverable emails, incorrect ""RCPT TO"" Addresses in SMTP Communication etc. ""RCPT TO"" is being set to ""Message-ID"".
See Tests Below - I tested with standard PHP Mail and wp_mail
If anyone has any pointers that would be great.
Windows Server 2012R2
IIS: 8.5
PHP: 7.0.9
WP: 4.9.4
No special plugins or code.
Test 1: Standard PHP Mail with CC Field
{{{
$headers = 'From: Test ' . ""\r\n"" . 'cc: myotheremail@myname.com';
$to = ""myemail@gmail.com"";
$subject = ""TEST SUBJECT"";
$body = ""Test"";
if (mail($to, $subject, $body, $headers)) {
echo(""Message successfully sent"");
} else {
echo(""Message sending failed"");
}
}}}
Results
Both emails received. Content looks ok
----
Test 2: Standard PHP Mail with BCC Field
{{{
$headers = 'From: Test ' . ""\r\n"" . 'bcc: myotheremail@myname.com';
$to = ""myemail@gmail.com"";
$subject = ""TEST SUBJECT"";
$body = ""Test"";
if (mail($to, $subject, $body, $headers)) {
echo(""Message successfully sent"");
} else {
echo(""Message sending failed"");
}
}}}
Results: Both emails were received
However. The body of each email now has the letter ""b"" appended to the content.
Body Content
{{{
b
Test
}}}
Is something in WP causing this or is this an issue in Windows PHP??
----
Test 3: WordPress wp_mail with CC Field
{{{
$headers = 'From: Test ' . ""\r\n"" . 'cc: myotheremail@myname.com';
$to = ""myemail@gmail.com"";
$subject = ""TEST SUBJECT"";
$body = ""Test"";
if (wp_mail($to, $subject, $body, $headers)) {
echo(""Message successfully sent"");
} else {
echo(""Message sending failed"");
}
}}}
Results
CC never received - SMTP Log file shows: [2018.02.26] 16:46:04 [55583] CMD: RCPT TO:<945dc26bed6e74aeec984fc4ae828e32@myname.com>
Why did the CC field get changed? It looks like the ""CC"" Field is now the ""Message-ID"" as they are the same now.
Gmail received the copy as expected.
----
Test 4: WordPress wp_mail with BCC Field
{{{
$headers = 'From: Test ' . ""\r\n"" . 'bcc: myotheremail@myname.com';
$to = ""myemail@gmail.com"";
$subject = ""TEST SUBJECT"";
$body = ""Test"";
if (wp_mail($to, $subject, $body, $headers)) {
echo(""Message successfully sent"");
} else {
echo(""Message sending failed"");
}
}}}
Results
Same as Test 3 -- The BCC Field ""RCPT TO"" command became the ""Message-ID""??
Gmail received the copy but still had the letter ""b"" appended into the message body.
Any ideas, pointers etc? Suspecting Bug in WordPress or Windows PHP.
" JWGarber1725 4.9.4
Defects Awaiting Review 54246 wp_logout sometimes causes 'upstream sent too big header' Login and Registration normal defect (bug) new 2021-10-12T14:15:58Z 2021-12-06T07:09:33Z "I'm using nginx as a proxy for my wp.
By default setting for 'fastcgi_buffer_size' is set to 4k.
If you do a headers_list() during wp_logout. you will see the size is almost 3k.
So if we combine this wp_logout with other hook which also sets couple headers. Sometimes this 4k limit reached and blowing out the buffer and resulting in a HTTP 500 error. The fix is to increase the 'fastcgi_buffer_size' setting. But increasing this setting will cause unnessasary memory usage for regular use.
So Its recommended to decrease this huge list of setcookie especially each of this is so long." erikdemarco has-patch
Enhancements Awaiting Review 57405 wp_localize_script() doesn't decode html entities in nested arrays I18N normal enhancement new 2022-12-30T09:27:39Z 2023-01-03T10:02:26Z "If we localize a script with an array like this:
{{{
$data = [
'key1' => 'Value 1',
'key2' => [
'subkey1' => 'String contains ' single quote encoded',
'subkey2' => 'String contains " double quote encoded',
],
];
// Encoded strings stay encoded.
wp_localize_script( 'myhandle', 'myname', $data );
}}}
Then the outputted values of `$data` on the front end is exactly the same, e.g. encoded strings stay encoded:
{{{
array(2) {
[""key1""]=>
string(7) ""Value 1""
[""key2""]=>
array(2) {
[""subkey1""]=>
string(43) ""String contains ' single quote encoded""
[""subkey2""]=>
string(43) ""String contains " double quote encoded""
}
}
}}}
However, `wp_localize_script()` decode strings correctly if the array is not nested. So this code works correctly;
{{{
$data = [
'key1' => 'Value 1',
'key2_1' => 'String contains ' single quote encoded',
'key2_2' => 'String contains " double quote encoded',
];
// Encoded strings are decoded.
wp_localize_script( 'myhandle', 'myname', $data );
}}}
Output:
{{{
array(3) {
[""key1""]=>
string(7) ""Value 1""
[""key2_1""]=>
string(38) ""String contains ' single quote encoded""
[""key2_2""]=>
string(38) ""String contains "" double quote encoded""
}
}}}
This inconsistent behavior might cause issues when JS outputs/uses the text directly.
I'd suggest making the `wp_localize_script` function decoded strings in all cases." rilwis has-patch
Defects Awaiting Review 46334 wp_localize_script did not output anything in wp_print_footer_scripts hook although document suggested that it should be working Script Loader major defect (bug) new 2019-02-24T01:10:11Z 2019-02-24T01:10:11Z "Note: it should be WordPress 4.9.9 but the version list did not provide this option
According to this page, there is a statement showing that the ""localize"" can be achieved at the last chance hook ""wp_print_footer_scripts""
https://codex.wordpress.org/Function_Reference/wp_localize_script
The last chance to localize your script would then be on the 'wp_print_footer_scripts' hook.
However, I have tried the following code, it did not showing up. I tried to trace back the original localize() function and even looking into the WP_Dependencies class, I only find that it is added to the queue for localize() but it is gone at print_extra_script() stage. Cannot find out the exact reason, maybe due to the enqueue process and timing is only allowed to be used in the ""wp_enqueue_script"" hook.
The following is working.
{{{#!php
'list') );
}
add_action( 'wp_enqueue_scripts', 'theme_enqueue_scripts', 12 );
}}}
Since my page have a variable appear almost end of the page so I need to localize it in later time and considered ""wp_print_footer_scripts"" hook, so I tried like this:
Adding the handle first and localize it in later time.
{{{#!php
'list')
// tried also putting here but not working as well, the handle is also being queued but gone in output
// wp_enqueue_script( 'handle_name_js', SOMEWHERE . '/js/custom.js', array( 'jquery' ), false, true);
// did not output anything
wp_localize_script( 'handle_name_js', 'memberMeta', $team_member_meta );
}
add_action( 'wp_print_footer_scripts', 'set_member_meta', 20 );
}}}
I have traced through core, the handle data is added actually.
But it is out of my ability to trace the exact point of problem because it is pointing from a to b and b to c with many checking or modifiers, I am not familiar enough with the core nor have enough debugging technique in dealing with wordpress hooks.
I run the above code inside functions or functions required php files in theme folder.
Because it is not working as expected nor as suggested in the document and the trace of the code is also showing that the handle is finally gone before using it. So I think it is possibly a bug.
" simongcc 4.9.8
Enhancements Awaiting Review 56425 wp_localize_script assign to const and freeze instead of var to avoid reassignments Script Loader normal enhancement new 2022-08-23T23:59:48Z 2022-11-08T07:36:06Z "wp_localize_script adds elements as ""var"".
To avoid accidental, silent overwrites by other plugins or malicious code, it would be better if we used a const and freeze the object, to disable reassignments.
" malthert dev-feedback
Defects Awaiting Review 57955 wp_localize_jquery_ui_datepicker parsing general settings date_format wrong Date/Time minor defect (bug) new 2023-03-20T10:23:54Z 2023-03-20T19:08:16Z "Hi,
I found that function **wp_localize_jquery_ui_datepicker** under wp-includes/script-loader.php isn't formatting **date_format** right.
**date_format** settings may include scaped characters as in spanish: ""j \d\e F \d\e Y""
and this function using php **str_replace** isn't having in consideration that posibility so we end up having: ""d \dd\e MM \dd\e yy""
Expected output should be: ""d \d\e MM \d\e yy""
[https://developer.wordpress.org/reference/functions/wp_localize_jquery_ui_datepicker/ wp_localize_jquery_ui_datepicker]
Thanks,
" naamb 6.1.1
Enhancements Awaiting Review 58658 WP_Locale add get_month_genitive() method I18N minor enhancement new 2023-06-28T14:07:49Z 2023-06-28T14:36:02Z "The `WP_Locale` class has `get_month()` and `get_month_abbrev()` methods, but does not have `get_month_genitive()`. It should be there as well.
We should add such a code:
{{{
/**
* Retrieves the full translated month in genitive case by month number.
*
* @since 6.2.3
*
* @param string|int $month_number From 1 to 12. If a number less than 10 is
* passed in integer or string format, a '0' will be added before it.
*
* @return string Translated full month name in genitive case.
*/
public function get_month_genitive( $month_number ) {
return $this->month_genitive[ zeroise( $month_number, 2 ) ];
}
}}}
" Tkama 4.4
Defects Awaiting Review 30049 wp_load_translations_early does not without WPLANG defined I18N normal defect (bug) reopened 2014-10-20T14:24:48Z 2019-05-01T18:27:18Z "In the Hungarian WP 4.0 the maintenance text appears in english.
" szepe.viktor 4.0
Defects Awaiting Review, reported against no version 28664 "wp_load_alloptions() fails to set object cache when persistent alloptions cache is ""0""" Cache API normal defect (bug) new 2014-06-28T17:44:57Z 2022-07-08T14:55:25Z "When alloptions persistent object cache is set to `0`, `wp_load_alloptions()` fails to reset it with appropriate values. This results in every use of `get_option()` to produce the load alloptions query `SELECT option_name, option_value FROM wp_options WHERE autoload = 'yes'` because the object cache never gets appropriately populated. Specifically, `wp_cache_add()`won't set the alloptions value when it's already seen to be set.
The end result is a massive impact on site performance when the object cache backend failboats. I'd expect WordPress to handle this scenario a bit more gracefully, possibly falling back to its internal object cache if it detects failures with the persistent object cache. However, it's debatable as to whether the solution lies within a drop-in, or whether it's the responsibility of core.
`wp_cache_add()` is used over `wp_cache_set()` for performance reasons with *external* object caches — it doesn't matter one way or another for the internal object cache (genesis #4138). One option is to distinguish between them, and offer different behaviors. However, the most technically appropriate solution is likely to check that the data coming from `wp_cache_get()` is as expected.
To answer your question before you ask it, I'm not sure how the Memcached persistent object cache value gets set to zero. It seems to come and go, sometimes occurring regularly when I restart Memcached, and I've seen the issue reproduce with both Ryan Boren's and Zack Tollman's drop-ins (meaning real bug is most likely outside of WordPress)." danielbachhuber needs-unit-tests
Enhancements Awaiting Review 56262 WP_List_Util::pluck doesn't support a null $field General minor enhancement new 2022-07-20T20:28:53Z 2022-07-26T17:45:51Z "[https://www.php.net/manual/en/function.array-column.php array_column()] accepts a `null` value for the `$column_key` parameter. When passed `null`, it returns the complete array, which is a useful trick for reindexing database results, etc.
{{{#!php
$array = [
[ 'id' => 123, 'name' => 'Joe' ],
[ 'id' => 345, 'name' => 'Sally' ]
];
array_column( $array, null, 'id' ); // [ 123 => [ 'id' => 123, 'name' => 'Joe'] ...
}}}
`wp_list_pluck()` doesn't work when using that on an object, though:
> Warning: Undefined property: stdClass::$ in wp-includes/class-wp-list-util.php on line 185
It seems like `array_column()` has had support for objects since PHP7, so one way to achieve this might be something like:
{{{#!php
if ( version_compare( ... ) {
return array_column( $this->output, $field, $index_key )
}
// existing code remains as fallback for older versions
}}}
It might be good to use something like `7.0.7` to skip a few bugs that were fixed." iandunn 3.1 has-patch
Enhancements Awaiting Review 57200 WP_List_Table::pagination use singular and plural Administration normal enhancement new 2022-11-24T23:33:23Z 2022-12-03T11:23:40Z "WP_List_Table::pagination() currently hardcodes the number of records display as ""1 item""/""XX items"". It would be nice if it used the singular and plural set in the constructor, defaulting to item/items if none are set." RoscoHead dev-feedback
Defects Awaiting Review 54720 WP_List_Table Inside Metabox With Bulk Actions Not Working on Submit Posts, Post Types normal defect (bug) new 2022-01-03T11:40:53Z 2022-01-03T11:40:53Z "I'm trying to display a WP_List_table inside a metabox. The metabox is for questions which are from assessment_question custom post type.The metabox is being displayed on an other custom post type 'cs_questionnaire'. The table columns display some data taken from questions. Also I am using bulk actions to link questions to a questionnaire.
What's happening is that it all looks fine until I click the Publish/Update button on the custom post type edit screen. If the WP_List_Table has bulk actions it will redirect back to the /wp-admin/edit.php page, if I remove the bulk actions then it Works fine. And in both cases, the nonce stays the same and no extra nonce is created.
I've whole code below. I have already overridden the display_tablenav function by commenting the nonce generating code. It stops working when I provide bulk actions else it works fine with the following code.
{{{#!php
data
/** Class constructor */
public function __construct() {
parent::__construct(
array(
'singular' => __( 'Question', 'conditional-shortcode' ), // singular name of the listed records
'plural' => __( 'Questions', 'conditional-shortcode' ), // plural name of the listed records
'ajax' => false, // does this table support ajax?
)
);
}
/**
* Function to filter data based on order , order_by & searched items
*
* @param string $orderby
* @param string $order
* @param string $search_term
* @return array $users_array()
*/
public function list_table_data_fun( $orderby = '', $order = '', $search_term = '' ) {
$args = array();
$questions_array = array();
$questions = '';
$flag = false;
if ( ! empty( $search_term ) ) {
$args = array(
'fields' => 'ids',
'orderby' => $orderby,
'order' => $order,
'search' => intval( sanitize_text_field( $_REQUEST['s'] ) ),
'post_type' => 'assessment_question',
'posts_per_page' => -1,
);
} else {
if ( $order == 'asc' && $orderby == 'id' ) {
$args = array(
'orderby' => 'ID',
'order' => 'ASC',
'fields' => 'ids',
'post_type' => 'assessment_question',
'posts_per_page' => -1,
);
} elseif ( $order == 'desc' && $orderby == 'id' ) {
$args = array(
'orderby' => 'ID',
'order' => 'DESC',
'fields' => 'ids',
'post_type' => 'assessment_question',
'posts_per_page' => -1,
);
} elseif ( $order == 'desc' && $orderby == 'title' ) {
$args = array(
'orderby' => 'name',
'order' => 'DESC',
'fields' => 'ids',
'post_type' => 'assessment_question',
'posts_per_page' => -1,
);
} elseif ( $order == 'asc' && $orderby == 'title' ) {
$args = array(
'orderby' => 'name',
'order' => 'ASC',
'fields' => 'ids',
'post_type' => 'assessment_question',
'posts_per_page' => -1,
);
} else {
$args = array(
'orderby' => 'ID',
'order' => 'DESC',
'fields' => 'ids',
'post_type' => 'assessment_question',
'posts_per_page' => -1,
);
$flag = true;
}
}
$questions = get_transient( 'pd_questions' );
if ( $flag == false ) {
$questions = get_posts( $args );
} elseif ( $flag == true && ! $questions ) {
$questions = get_posts( $args );
set_transient( 'pd_questions', $questions, 1 * DAY_IN_SECONDS );
}
if ( count( $questions ) > 0 ) {
foreach ( $questions as $question_id ) {
$question = get_post_meta( $question_id ?? 0, CONDITIONAL_SHORTCODE_ASSESSMENT_QUESTION_META, true )['question'] ?? 'NA';
$questions_array[] = array(
'id' => $question_id,
'title' => '' . get_the_title( $question_id ) . ' ',
'question' => $question,
);
}
}
return $questions_array;
}
// prepare_items
public function prepare_items() {
$orderby = sanitize_text_field( isset( $_GET['orderby'] ) ? trim( $_GET['orderby'] ) : '' );
$order = sanitize_text_field( isset( $_GET['order'] ) ? trim( $_GET['order'] ) : '' );
$search_term = sanitize_text_field( isset( $_POST['s'] ) ? trim( $_POST['s'] ) : '' );
if ( $search_term == '' ) {
$search_term = sanitize_text_field( isset( $_GET['s'] ) ? trim( $_GET['s'] ) : '' );
}
$datas = $this->list_table_data_fun( $orderby, $order, $search_term );
$per_page = 30;
$current_page = $this->get_pagenum();
$total_items = count( $datas );
$this->set_pagination_args(
array(
'total_items' => $total_items,
'per_page' => $per_page,
)
);
$this->items = array_slice( $datas, ( ( $current_page - 1 ) * $per_page ), $per_page );
$columns = $this->get_columns();
$hidden = $this->get_hidden_columns();
$sortable = $this->get_sortable_columns();
$this->_column_headers = array( $columns, $hidden, $sortable );
$this->process_bulk_action();
}
public function get_bulk_actions() {
return array(
'add_questions' => __( 'Add Questions', 'conditional-shortcode' ),
'remove_questions' => __( 'Remove Questions', 'conditional-shortcode' ),
);
}
// get_columns
public function get_columns() {
$columns = array(
'cb' => ' ',
'id' => __( 'ID', 'conditional-shortcode' ),
'title' => __( 'Title', 'conditional-shortcode' ),
'question' => __( 'Questions', 'conditional-shortcode' ),
'action' => __( 'Action', 'conditional-shortcode' ),
);
return $columns;
}
public function get_hidden_columns() {
return array( '' );
}
public function get_sortable_columns() {
return array(
'title' => array( 'title', true ),
'id' => array( 'id', true ),
);
}
/**
* Generate the table navigation above or below the table.
*
* @since 3.1.0
* @access protected
*
* @param string $which
*/
protected function display_tablenav( $which ) {
// REMOVED NONCE -- INTERFERING WITH SAVING POSTS ON METABOXES
// Add better detection if this class is used on meta box or not.
/*
if ( 'top' == $which ) {
wp_nonce_field( 'bulk-' . $this->_args['plural'] );
}
*/
?>
"">
bulk_actions( $which ); ?>
extra_tablenav( $which );
$this->pagination( $which );
?>
Add Question';
default:
return 'no value';
}
}
public function column_title( $item ) {
$post_id = get_the_ID();
$action = array(
'edit' => sprintf( 'Add Question ', $post_id, 'edit', 'add_question', $item['id'], $post_id ),
);
return sprintf( '%1$s %2$s', $item['title'], $this->row_actions( $action ) );
}
function column_cb( $item ) {
return sprintf(
' ',
$item['id']
);
}
function no_items() {
esc_html_e( 'No Questions Found.', 'conditional-shortcode' );
}
public function process_bulk_action() {
// security check!
if ( isset( $_POST['_wpnonce'] ) && ! empty( $_POST['_wpnonce'] ) ) {
$nonce = filter_input( INPUT_POST, '_wpnonce', FILTER_SANITIZE_STRING );
$action = 'bulk-' . $this->_args['plural'];
if ( ! wp_verify_nonce( $nonce, $action ) ) {
wp_die( 'Nope! Security check failed!' );
}
}
$action = $this->current_action();
switch ( $action ) {
case 'delete_questions':
wp_die( 'Delete something' );
break;
case 'add_questions':
wp_die( 'Save something' );
break;
default:
// do nothing or something else
return;
break;
}
wp_redirect( esc_url( add_query_arg() ) );
exit;
return;
}
}
/**
* Shows the List table for all questions.
*
* @return void
*/
function conditional_shortcode_questions_list_table_layout() {
$table = new Class_Conditional_Shortcode_Questions_Listing();
printf( '
%s ', __( '', 'conditional-shortcode' ) );
echo '';
echo '';
}
conditional_shortcode_questions_list_table_layout();
}}}
I was able to resolve this issue by changing the value of name attribute of bulk actions select field. Like from name to names. What I think the issue could be is when here the name=""action"" for this select and it has some value xyz on the other side WordPress save post looks for action to be equal to edit.
Can we provide a way of changing this name attributes value either by providing a filter or by changing it. But I think changing name attribute would require a lot of other code changes so its better to provide a filter for custom use. Or add a comment on top so someone else using WP LIST Table in a metabox must override this function with custom value to name attribute.
For clarity I changed
This echo '\n"";
To this echo '\n"";
Thanks!
" muhammadfaizanhaidar 5.8.2 dev-feedback
Defects Awaiting Review 57136 wp_list_pluck's key argument not working correctly when its zero General normal defect (bug) new 2022-11-17T16:36:32Z 2024-02-23T02:49:01Z "This is better explained with an example:
{{{
wp> var_dump( wp_list_pluck( [ [ 'key1', 'val1' ], [ 'key2', 'val2' ] ], 1, 0 ));
array(2) {
[0]=>
string(4) ""val1""
[1]=>
string(4) ""val2""
}
}}}
See the missing key?
If we try with array_column it works correctly:
{{{
wp> var_dump( array_column( [ [ 'key1', 'val1' ], [ 'key2', 'val2' ] ], 1, 0 ));
array(2) {
[""key1""]=>
string(4) ""val1""
[""key2""]=>
string(4) ""val2""
}
}}}" dgwatkins 4.7 has-patch
Defects Awaiting Review 41714 "wp_list_pages() - horrible performance due to eventual ""SELECT *""" Posts, Post Types normal defect (bug) new 2017-08-23T16:15:00Z 2023-07-06T14:29:05Z "I'm investigating awful performance (MySQL slow queries logged constantly) a site which uses a plugin to display a page list.
The plugin calls wp_list_pages(). wp_list_pages() in turn calls get_posts(). And get_posts() ends up making the slow query:
{{{
SELECT * FROM wp_posts WHERE (post_type = ‘page’ AND post_status = ‘publish’) ORDER BY wp_posts.post_date ASC;
}}}
So, all the post_content fields (along with everything else) are being requested, just for the purposes of constructing a page list. (The site has ~ 1200 pages - and the above call returns 34MB from the MySQL server).
It looks like either get_posts() needs some more flexibility so that it has an option to return only specified fields." DavidAnderson 4.9 dev-feedback
Defects Awaiting Review 43025 wp_list_filter should filter all iterable objects General normal defect (bug) new 2018-01-04T23:09:38Z 2018-02-11T17:49:28Z "#16499 introduced an issue which requires that data sent to `wp_list_filter` is an array. What it really means is the data sent to `wp_list_filter` should be iterable _like_ an array. By permitting both arrays and objects that are Transverable we can allow for anything that decends from the `\ArrayObject` class.
While there is an `is_iterable` method we _could_ use, it's only availabile in PHP 7.1 so the attached is friendly to PHP v4.2 and above
" jarednova 4.9.1 needs-patch
Enhancements Awaiting Review 41760 wp_list_comments callback params Comments normal enhancement new 2017-08-30T18:44:15Z 2017-08-31T09:05:53Z "In `wp-includes/class-walker-comment.php`, methods `comment()` and `html5_comment()` have following order of @params: `$comment, $depth, $args`.
However, when you try to modify comment markup using `callback` argument for `wp_list_comments()`, order of params is `$comment, $args, $depth`.
Is it possible to make the same order of params?" milana_cap dev-feedback
Enhancements Awaiting Review 41776 wp_list_category array element 'exclude' better be called 'exclude_id' Taxonomy normal enhancement new 2017-09-01T14:30:12Z 2017-09-01T14:31:21Z "Could the default array element `exclude` of `wp_list_category` function be renamed as `exclude_id`?
I think only `exclude` is not that self explanatory and ""what to exclude"" could easily be a reasonable question for a developer to ask!
Instead `exclude_id` is easily understandable, even `exclude_ids` could be used as well because we can pass an array to it.
Please give it a thought.
Source file: wp-includes/category-template.php
Line no: 508" subrataemfluence 4.8.1
Reporter Feedback / Close 41867 wp_list_categories throws SQL error if list is empty Taxonomy normal defect (bug) new 2017-09-13T08:05:49Z 2019-02-21T03:13:59Z "If via the args, we exclude the only category available in the list, then the SQL query will end up wrongly formated (empty : IN() statement).
See full query here :
{{{
SELECT object_id, term_taxonomy_id FROM wp_term_relationships INNER JOIN wp_posts ON object_id = ID WHERE term_taxonomy_id IN () AND post_type IN
('post') AND post_status = 'publish';
}}}
Sample php code :
{{{#!php
'category',
'child_of' => $queried_object->category_parent,
'depth' => 1,
'exclude' => $queried_object->cat_ID,
'echo' => 0,
'hierarchical' => true,
'hide_empty' => false,
'show_count' => 1,
'title_li' => '');
echo wp_list_categories($args);
}}}
The solution would be to check if there are other categories to be displayed and if not, then just return the empty result." firebird75 4.8.1 reporter-feedback
Enhancements Awaiting Review 39787 wp_list_authors can be optimize Users normal enhancement new 2017-02-05T01:52:55Z 2024-01-26T07:47:14Z "May be i don't understand but look at this line
https://core.trac.wordpress.org/browser/tags/4.7/src/wp-includes/author-template.php#L392
{{{#!php
392 $author = get_userdata( $author_id );
}}}
Why we should call `get_userdata()`? At top we call `$authors = get_users( $query_args );` and can return display_name and user_nicename in next foreach section without `get_userdata()`.
And will be nice add filter by role. Because wp_list_authors means authors not subscribers or editors.
" alexufo 4.8 dev-feedback
Reporter Feedback / Close 57083 wp_list_authors and WP Search Users Query normal defect (bug) new 2022-11-11T22:47:31Z 2022-11-16T13:24:41Z "Apparently `wp_list_authors` is loading a deprecated WordPress class called WP Search Users, this class has now been replaced with WP Query Users but `wp_list_authors` keeps using WP Search Users.
However the case wp list authors is only accepting some parameters, neither through array or through post accepted more parameter, meaning that something like this worked:
{{{
wp_list_authors('orderby=name&order=DESC');
}}}
but something like this did not:
{{{
wp_list_authors('orderby=name&order=ASC');
}}}
or even
{{{
wp_list_authors('orderby=name&order=DESC&optioncount=1');
}}}
My original code wasn’t working because it was stated as follows:
{{{
$authors = str_replace( ', ', ' ', wp_list_authors([
'style' => 'none',
'optioncount' => 1,
'echo' => 0
]) );
echo $authors;
}}}" pabloeduardo 6.1 reporter-feedback
Enhancements Awaiting Review 24705 wp_link_pages() does not showing active current element Posts, Post Types major enhancement new 2013-07-07T22:19:44Z 2018-12-09T22:00:39Z "By full analogy of all wp functions, wp_link_pages must generate active class element too.
{{{
1
2
3
4
}}}
but should be
{{{
1
2
3
4
}}}
" Alexufo 2.2 dev-feedback
Enhancements Awaiting Review 51482 wp_kses_post should filter javascript content as well as the tags, but not the actual javascript itself. If you sanitize some content using wp_kses_post that contains world!"";
wp_kses_post($str);
Outputs:
hello myvar = 'foobar'; world!
Expected output:
hello world!" janmiddelkoop 5.5.1
Defects Awaiting Review 58921 wp_kses_allowed_html doesn't allow to add esi:include Formatting normal defect (bug) new 2023-07-27T10:19:28Z 2023-10-12T05:21:52Z "In my plugin I want to implement an [ESI exclusion](https://www.w3.org/TR/esi-lang/) for Litespeed using their filter like this:
{{{#!php
}}}
However, using the unescaped echo is bad practice and is not allowed by WooCommerce (my plugin is published on woocomerce.com, so I can't upload a version that's using `echo`).
So I tried using `wp_kses`.
Using the `wp_kses_allowed_html` filter, one could add custom tags to `wp_kses`. But it doesn’t work in this particular case because the ESI tag contains a colon `esi:include`.
I’m stuck here. I can’t change the [ESI specification](https://www.w3.org/TR/esi-lang/) which specifies the tag `esi:include`.
Litespeed (or any other technology that uses ESI) must consume the `esi:include` tag to work. That means we need to output the script somehow.
I think there should be a way to add custom tags like `esi:include`." alekv 3.5 has-patch
Defects Awaiting Review 56521 wp_kses wp_kses_hair fails to allow a valueless attribute when is follwed by / Security major defect (bug) new 2022-09-06T10:04:32Z 2022-09-06T10:14:34Z "I have created a static gutenberg block for managing forms.
The block generates ` ` html elements, for example:
{{{
}}}
But after saving the post, the `required` attribute is striped in the db:
{{{
}}}
So the visitors are sendig the form ignoring the validation.
It only happens when the attribute is the last one and is followerd by `/` without spaces:
{{{
=> OK
=> ERROR
=> OK
}}}
I put togheter a test case:
{{{#!php
// theme/functions.php
add_action( 'init', function () {
$tests = [
' ',
' ',
' ',
];
$allowed_html = [
'input' => [
'name' => true,
'required' => true,
],
];
header('Content-Type: text/plain; charset=UTF-8', true);
foreach ( $tests as $test ) {
$sanitized = wp_kses( $test, $allowed_html );
printf( ""_in => %s\nout => %s\n\n"", $test, $sanitized);
}
exit;
});
}}}
I have found where the error could be fixed:
{{{#!php
// wp-includes/kses.php:1320
if ( preg_match( '/^\s+/', $attr ) ) { // Valueless.
}}}
Replacing the regex `/^\s+/` with `/^(\s+|\/$)/` fixes the problem.
I'm hopping it can be fixed for the next release, until then I'm manually applying the patch again.
" luistar15 6.0.2 has-patch
Defects Awaiting Review 58377 wp_kses filters custom block name with consecutive hyphens Formatting normal defect (bug) new 2023-05-23T08:08:59Z 2023-05-23T08:08:59Z "== Description
I worked on a WordPress multisite and administrators cannot edit custom blocks containing consecutive hyphens, but only super administrators. This problem occurs after an administrator registers a page containing custom blocks.
I found that the reason was that WordPress filters HTML content (wp_kses) created by an administrator for security reasons. It prevents the use of multiple dashes in custom block name. Ex: ""custom-blocks/contact-form---input"" is renamed ""custom-blocks/contact-form-input"".
In my company, we use dashes (""---"") in block name to specify the relation between parent and children blocks. This is really helpful for us. Hence my question, **would it be possible to allow multiple dashes in the name of blocks?**
== Alternative solution
For the moment, we gave the administrators the capability ""unfiltered_html"". So they can edit the different blocks.
== Expected behavior
Allow multiple dashes in block names. Ex: ""custom-blocks/contact-form---input""
== Step-by-step reproduction instructions
- Create a custom block with a block name that includes consecutive hyphens. (e.g. custom-blocks/contact-form---input)
- Insert this block and save the post.
- Reload the edit screen.
- The block is no longer editable. ""Your site doesn't include support for the xxx""
- In this case, the block name displayed in the core/missing block is abbreviated to a single hyphen. (e.g. custom-blocks/contact-form---input)
The bug is reproducible on any site not necessarily multisite. In this case, you need to compare between an administrator and an author.
[[Image(https://user-images.githubusercontent.com/48805054/225573533-f8889624-a7a7-4e1d-a7d2-0f1ae28abc5c.jpg)]]
== Related GitHub issues
- [https://github.com/WordPress/gutenberg/issues/49127]
- [https://github.com/WordPress/gutenberg/issues/36339]" munezero999 6.1.1
Defects Awaiting Review 60347 wp_kses breaking text fragments links Security normal defect (bug) new 2024-01-25T17:20:18Z 2024-01-25T19:36:08Z "Hello.
It seems that wp_kses() (probably wp_kses_bad_protocol()) is breaking text fragments links (https://developer.mozilla.org/en-US/docs/Web/Text_fragments).
For example:
Link
This issue became more prominent as recently ACF started escaping HTML using the wp_kses() function (https://www.advancedcustomfields.com/blog/acf-6-2-5-security-release/).
I confirmed the issue with ACF's support.
" asafm7
Defects Awaiting Review 53109 wp_insert_user should return a WP_Error when passing a too long first_name parameter audrasjb Users normal defect (bug) reviewing 2021-04-29T09:01:21Z 2021-04-29T22:55:35Z "When I call the wp_insert_user function to which I pass too long first_name, I do not get an error, but I get a 0-integer. Although the documentation says, either wp_error or integer-ok.
P.S. I create user with this function .." superpuperlesha needs-patch
Enhancements Awaiting Review 39067 wp_insert_user custom validation Users normal enhancement new 2016-12-04T19:29:02Z 2019-03-15T01:43:12Z "Currently there are no hooks in wp_insert_user where plugin can hook to validate any custom validation and prevent to insert/update user.
If there can be added a hook before insert/update user to database, that will be very helpful for custom validation.
sample code can be following
{{{#!php
$custom_user_validate = apply_filters( 'custom_user_validate', false );
if ( is_wp_error( $custom_user_validate ) ) {
return $custom_user_validate;
}
}}}
" shamim51 has-patch
Enhancements Awaiting Review 22310 wp_insert_user bit ilogical with rich_editing Users normal enhancement new 2012-10-30T09:08:56Z 2018-05-12T18:51:54Z "when you do wp_insert_user with rich_editing = TRUE it actually set rich_editing to ""1"" what is then interpreted as FALSE. I know (after searching why it does not work for me), that for actually setting true you need to set rich_editing to empty value, but anyway i think it is not optimal" thomask 4.9.5 needs-patch
Defects Awaiting Review 40206 wp_insert_term() $slug_provided check fails Taxonomy normal defect (bug) new 2017-03-20T11:56:26Z 2023-05-22T17:40:32Z "Imagine 2 city terms with same name, whereas state is stored inside its term_meta.
""Washington, Connecticut""
""Washington, Georgia""
So you have 2 identical names, but technically different terms with appropriate content.
If one of this city is already saved with slug ""washington-2"", than you will not able to save the second without manually set slug value to ""washington"".
The problem is in wp_insert_term() func.
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/taxonomy.php#L2018
{{{#!php
slug === $slug || $slug_match ) {
// return new WP_Error
}
}
}}}
As result, $name_match->slug !== $slug && ! $slug_match, but $slug_provided weren't provided, so it return WP_Error, instead of save new term ""Washington"" with slug ""washington"".
I think the last 2 of 3 checks is enough and '''! $slug_provided''' shouldn't exits here.
" esemlabel 4.7.3 has-patch
Defects Awaiting Review 47307 wp_insert_post: status 'future' is saved although 'publish' selected Posts, Post Types normal defect (bug) new 2019-05-17T16:55:15Z 2019-05-17T16:55:15Z "If I change the title of the page using the customizer, the changes are not saved because the changeset post is saved with status 'future' although 'publish' selected.
I debugged the issue and found the following fragment of code of wp_insert_post is causing the issue:
{{{#!php
mysql2date( 'U', $now, false ) ) {
$post_status = 'future';
}
}}}
This piece of code has no sense, because when the status is set as ""publish"", we don't want to change artificially to ""future"" because the publish date is now.
It seems an issue with some versions of PHP/MYSQL, since is working on my local host (Windows) but not on the production server (PHP7.0, Ubuntu).
I debugged the components of the comparison:
{{{
$now => 2019-05-17 16:32:59
$post_date_gmt => 2019-05-17 18:32:59
mysql2date( 'U', $post_date_gmt, false ) => 1558110779
mysql2date( 'U', $now, false ) => 1558103579
}}}
The date/time configuration of the server is:
{{{
root@srvde1 ~ # date
Fri May 17 18:33:24 CEST 2019
}}}
There are other affected users over the years, searching on the Internet ""customizer does not save changes"".
" daniol 5.2 has-patch
Defects Awaiting Review 44595 wp_insert_post() inserts wrong GUID (adds http:// prefix) General normal defect (bug) new 2018-07-17T14:07:48Z 2018-07-17T19:36:41Z "I manually set a GUID to e.g. `abc123` before calling `wp_insert_post()` and it was inserted as `http://abc123` to the database.
Expected: `abc123`" Looimaster dev-feedback
Defects Awaiting Review 56555 wp_insert_post does not save the post_date for pending posts General normal defect (bug) new 2022-09-12T08:56:34Z 2022-09-12T08:56:34Z "If we set a date when inserting a post with the status of pending/draft, WordPress does not display that date when editing the post
{{{#!php
'test title' ,
'post_content' => 'test content',
'post_status' => 'pending',
'post_date' => '2022-09-01 10:38:00',
'post_date_gmt' => '2022-09-01 08:38:00'
);
// Insert the post into the database
$id = wp_insert_post( $my_post );
}}}
Expected when editing the post to see the set date
[[Image(https://i.imgur.com/8DSgjCq.png)]]
current behavior: the date does not display, instead it shows ""Immediately""
[[Image(https://i.imgur.com/bGZwCSB.png)]]" sweetheatmn 6.0.2
Defects Awaiting Review 54605 WP_Image_Editor_Imagick::resize is not behaving according to spec Media major defect (bug) new 2021-12-09T14:17:46Z 2021-12-14T00:32:23Z "According to docs, you should be able to pass int|null as either $max_w or $max_h
{{{#!php
WP_Image_Editor_Imagick::resize( int|null $max_w, int|null $max_h, bool $crop = false )
}}}
Inside the function, $max_w and $max_h are directly passed to image_resize_dimensions
{{{#!php
image_resize_dimensions( int $orig_w, int $orig_h, int $dest_w, int $dest_h, bool|array $crop = false )
}}}
This function does not accept int|null for either $dest_w or $dest_h and will return false, which causes WP_Image_Editor_Imagick::resize to return a WP_Error.
For example:
{{{#!php
$editor->resize(1000,null);
}}}
will return a WP_Error while according to the documentation it should resize based on $max_w alone." chillhoptom 3.5
Enhancements Awaiting Review 39330 WP_Image_Editor_Imagick: get pdf from url Media normal enhancement new 2016-12-19T13:59:58Z 2024-01-16T13:00:28Z It is not possible to use the class, if an url is passed as filepath. With this little patch it is possible (I know it's not perfect. Maybe someone can make it better) wordpressrene 4.8
Enhancements Awaiting Review 52766 WP_Image_Editor_Imagick checks for version number but ImageMagick in several cases reports it wrong Media minor enhancement new 2021-03-10T18:10:22Z 2021-03-11T15:16:47Z "ImageMagick obviously isn't very consistent in reporting version number to PHP.
See:
https://www.php.net/manual/de/imagick.getversion.php (last comment)
https://github.com/dompdf/dompdf/issues/1296
I myself came across it on a windows server with a very new PLEC DLL version, but as far as my research went it concerns more cases.
WP_Image_Editor_Imagick::test checks vor a version number. This test fails if Imagick reports a usless version (@PACKAGE_VERSION@ ) in my case.
I commented out the version test in the class-wp-image-editor-imagick.php and everything works just fine. The check is for a very old version and checking for a version number instead of features (or in addition) seems not the best way anyhow. Especially so with Imagemagick and ist track record...
I'm not an expert on servers but it seems to me that there might be a way to improve the class to make features like PDF thumbnails available on more systems that can support it.
" idad5
Defects Awaiting Review 55872 wp_image_add_srcset_and_sizes trys to parse images from external pages, fails with error Media normal defect (bug) reopened 2022-05-30T08:08:17Z 2023-02-16T19:31:44Z "If a user embeds image content from another domain by copy pasting and includes a tag like
{{{
}}}
it seems like wordpress trys to parse the file as it were hosted in its own instance. This won't work of course, because it cannot access the file in the filesystem. It then fails with the following warning:
{{{
PHP Warning: Undefined array key ""file"" in /wp-includes/media.php on line 1676""
}}}
" pampfelimetten 6.0
Reporter Feedback / Close 47453 WP_Http_Parser warning on plugins page Upgrade/Install normal defect (bug) new 2019-06-01T07:41:31Z 2019-06-04T15:42:02Z "Warning: call_user_func() expects parameter 1 to be a valid callback, class 'WP_Http_Parser' not found.
Happens when update_plugins transient is deleted.
Possible fix:
{{{#!php
// On line 519 (before call_user_func call)
if (class_exists($class)) {
}}}
" indeveler 5.0.3 reporter-feedback
Defects Awaiting Review 40784 WP_HTTP_IXR_Client constructor needs to check that $server is valid HTTP API normal defect (bug) new 2017-05-17T12:11:28Z 2017-08-04T22:03:31Z "ErrorException is thrown: {{{Undefined index: host}}} and {{{Undefined index: scheme }}}
When WP_HTTP_IXR_Client is instantiated in {{{pingback()}}}, {{{$path}}} is checked, but {{{$server}}} may still be invalid or false, which sends an invalid URL to {{{parse_url()}}}.
Instantiation:
{{{ $client = new WP_HTTP_IXR_Client($pingback_server_url); }}}
Excerpt from class:
{{{#!php
scheme = $bits['scheme'];
$this->server = $bits['host'];
...
}}}
In the code that instantiates {{{WP_HTTP_IXR_Client}}}, it is clear that {{{discover_pingback_server_uri}}} could return false, which then gets passed as a constructor parameter.
Relevant code block:
{{{
$pingback_server_url = discover_pingback_server_uri( $pagelinkedto );
if ( $pingback_server_url ) {
@ set_time_limit( 60 );
// Now, the RPC call
$pagelinkedfrom = get_permalink( $post );
// using a timeout of 3 seconds should be enough to cover slow servers
$client = new WP_HTTP_IXR_Client($pingback_server_url);
$client->timeout = 3;
}}}
Possible resolution:
{{{filter_var($server, FILTER_VALIDATE_URL) }}} should be used to test the URL prior to {{{parse_url($server)}}}" chrispecoraro 4.7.4 has-patch
Reporter Feedback / Close 39653 WP_Http_Cookie changes HTTP API normal enhancement new 2017-01-20T14:56:16Z 2017-01-20T15:30:30Z "1. The WordPress convention is to use underscores instead of camelCase for function and method change
2. add new param to return array in get_attributes method
3. change parse_url to wp_parse_url" sebastian.pisula reporter-feedback
Defects Awaiting Review 49155 WP_HOME constant will force-redirect static front page but not posts on front page Rewrite Rules normal defect (bug) new 2020-01-09T03:42:32Z 2020-01-09T03:42:32Z "When a static front page is set and I have an HTTPS URL configured with the `WP_HOME` constant (such as `https://example.org`) and I try to navigate to `http://example.org`, I'll be redirected to `https://example.org`.
When the front page is set to show latest posts and I do the same thing, WP will respond successfully to `http://example.org` with no redirect.
I imagine this isn't specific to http/https. If my server is configured to respond to other URLs with the WP app, I ''think'' it would respond to anything.
This behavior seems like it ought to be consistent. The code in `wp-includes/canonical.php` around line 192 is responsible, and perhaps another case should be added?" eclev91 5.3.2
Enhancements Awaiting Review 38481 wp_handle_upload_prefilter not used before deriving attachment title Upload normal enhancement new 2016-10-25T08:30:18Z 2019-03-26T21:28:44Z "I created a module that modifies upload behavior. I use the wp_handle_upload_prefilter to alter the $_FILES data - specifically the 'name' property of the uploaded file.
This works well for changing the name of the file being stored in the file system, but the title of the attachment post still accesses the $_FILES['async-upload']['name'] on line 281 of media.php.
To be able to override the title, I had to hook into the 'sanitize_title' filter on line 293 of media.php - and doing that is, in my book, a hack.
This sanitize_title filter should specify a context." frodeborli 4.6.1 dev-feedback
Defects Awaiting Review 51773 wp_guess_url() calls strpos() incorrectly if $_SERVER['SCRIPT_FILENAME'] is empty General normal defect (bug) new 2020-11-13T15:59:06Z 2020-11-13T22:11:08Z "This can happen, for example, if using PHPUnit's `@runInSeparateProcess`.
The message produced is
{{{
PHP Warning: strpos(): Empty needle in /var/www/html/wp-includes/functions.php on line 5435
}}}
In the aforementioned PHPUnit case, that warning causes tests to fail." bjorsch 3.7
Enhancements Awaiting Review 57303 "wp_get_posts() for post_type=""any"" + post__in creates not optimized database query" Posts, Post Types normal enhancement new 2022-12-09T20:42:21Z 2022-12-09T20:42:21Z "Hi all.
I have a case where the database query is not very optimal and (probably) needs to be improved.
Case: I have a list of post ids that belong to several different post types. Now I need to get the WP_Post objects for this list of posts. So I do the following:
{{{#!php
'any',
'post__in' => [10,20,30,40,50]
]);
}}}
This code works well, however I have a lot of different post types (15+) on my site and as a result the database query looks like this:
{{{
SELECT wp_posts.*
FROM wp_posts
WHERE 1=1
AND ((wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)) OR (wp_posts.post_type = ? AND (wp_posts.post_status = ?
OR wp_posts.post_status = ?)))
WHERE wp_posts.ID IN (?)
GROUP BY wp_posts.ID
ORDER BY FIELD(wp_posts.ID,?,?)
}}}
As you can see, it checks post_type + post_status for every public post type on my site. But the wp_get_posts() attributes explicitly declare a list of ids and that the post type can simply be ignored in this case (because the post_type is set to ""any"").
The relevant query should be like this (because it covers all requirements):
{{{
SELECT wp_posts.*
FROM wp_posts
WHERE 1=1
AND (wp_posts.post_status = ?)
WHERE wp_posts.ID IN (?)
GROUP BY wp_posts.ID
ORDER BY FIELD(wp_posts.ID,?,?)
}}}
I checked class-wp-query.php and didn't find a solution without making changes to the WordPress code. There may already be a workaround implemented - it would be nice to know it. But this can be easily implemented by adding something like post_type=""all"" (similar to ""any""). The implementation of the idea has been added to the patch file (attached).
Thanks in advance!" madeinua 6.2 has-patch
Defects Awaiting Review, reported against no version 39926 wp_get_object_terms should return WP_Error on wrong fields argument or use a sane default Taxonomy normal defect (bug) new 2017-02-21T13:40:52Z 2017-04-14T09:44:53Z "wp_get_object_terms( $object_ids, $taxonomies, $args ) accepts object_ids, taxonomies and as last option extra arguments as an array. One of the extra arguments in the $args array is the fields option.
I used the field value 'term_id' (erroneously) assuming this would return the term_ids. However this did not work. wp_get_object_terms returned an empty array and in my error log I noticed this SQL error message:
{{{
WordPress database error You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'FROM wp_terms AS t INNER JOIN wp_term_taxonomy AS tt ON t.term_id = tt.term_id ' at line 1 for query SELECT FROM wp_terms AS t INNER JOIN wp_term_taxonomy AS tt ON t.term_id = tt.term_id INNER JOIN wp_term_relationships AS tr ON tr.term_taxonomy_id = tt.term_taxonomy_id WHERE tt.taxonomy IN ('product') AND tr.object_id IN (449, 427) ORDER BY t.name ASC
}}}
After consulting the source of the wp_get_object_terms I noticed that 'term_id' is not a valid fields value. However I would have expected wp_get_object_terms() to return a WP_Error object instead of creating erroneous SQL code.
The following are valid field option values:
* all - Default : all matching term's objects will be returned
* ids : term's ids will be returned
* names : term's names will be returned
* slugs : term's slugs will be returned
* all_with_object_id : all matching term's objects will be returned
* tt_ids : term's taxonomy's ids will be returned
[https://codex.wordpress.org/Function_Reference/wp_get_object_terms See wp_get_object_terms() docs on the Codex]
=== Proposed solution
Due to [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L581 this switch statement] invalid or an empty fields value will result in an empty SELECT SQL query in this [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L650 codeblock]
My proposal is to add a default clause to the [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-term-query.php#L581 switch statement] which defaults to using the 'all' case value.
This seems to adhere to the functionality as well as the spirit of the rest of the WP_Term_Query class code. As far as I know it should be backwards compatible as well. " BjornW dev-feedback
Reporter Feedback / Close 55841 wp_get_nav_menu_items doesn't work properly Menus normal defect (bug) new 2022-05-26T09:45:23Z 2022-05-27T21:47:56Z "Function ""wp_get_nav_menu_items"" doesn't work correctly, when you try to retrieve a list of terms for a specific menu using slug returns all pages available.
" andreamarrano 6.0 reporter-feedback
Defects Awaiting Review 57813 wp_get_missing_image_subsizes() can give error if image_meta exists, but not height/width Media normal defect (bug) new 2023-02-26T21:47:16Z 2023-10-28T15:24:29Z "I have an SVG file attached as image. The function throws an error:
{{{
if ( ! empty( $imagesize ) ) {
$full_width = $imagesize[0];
$full_height = $imagesize[1];
} else {
$full_width = (int) $image_meta['width'];
$full_height = (int) $image_meta['height'];
}
}}}
on the else case. The below patch will resolve.
This is with 6.1.1
{{{
--- /app/wp-admin/includes/image.php.orig 2023-02-26 21:42:57.687046116 +0000
+++ /app/wp-admin/includes/image.php 2023-02-26 21:40:41.349180739 +0000
@@ -89,11 +89,11 @@
$registered_sizes = wp_get_registered_image_subsizes();
$image_meta = wp_get_attachment_metadata( $attachment_id );
// Meta error?
- if ( empty( $image_meta ) ) {
+ if ( empty( $image_meta ) || !array_key_exists('width', $image_meta) || !array_key_exists('height', $image_meta) ) {
return $registered_sizes;
}
// Use the originally uploaded image dimensions as full_width and full_height.
if ( ! empty( $image_meta['original_image'] ) ) {
}}}
" donbowman 6.1.1 has-patch
Defects Awaiting Review 51421 wp_get_missing_image_subsizes returns thumbnail sizes for animated GIFs Media normal defect (bug) new 2020-09-30T14:27:32Z 2020-10-01T14:36:20Z "While thumbnails are not created for animated GIFs to avoid the problem of users picking a thumbnail size to insert into their content and unexpectedly getting a static image instead of an animated GIF, they are generated for static GIFs.
The `wp_get_missing_image_subsizes` function however recognizes animated GIFs as an image format that can have subsizes generated, and so returns a list of missing thumbnail sizes that will never be created.
This causes problems for various plugins when checking whether all required thumbnails exist before commencing processing the GIF etc." ianmjones 5.5.1 needs-patch
Defects Awaiting Review 53121 wp_get_image_mime() - something weird going on Media minor defect (bug) new 2021-04-30T17:29:42Z 2021-05-01T01:58:35Z "Okay, eh... help... so this is a weird one to write up.
In the context of #53009, @hellofromTonya and me are looking at all calls to `markTestSkipped()` in the test suite.
One of the ones I was looking at is this test in `tests/phpunit/tests/functions.php`:
{{{#!php
markTestSkipped( 'The exif PHP extension is not loaded.' );
}
$this->assertSame( $expected, wp_get_image_mime( $file ) );
}
}}}
for the [https://developer.wordpress.org/reference/functions/wp_get_image_mime/ `wp_get_image_mime()`] function.
Now, there are two questions I have:
1. Why is `is_callable()` used for `exif_imagetype` and `function_exists()` for `getimagesize` ? This is the same in the actual function as well as the test, but strikes me as odd. Why not use `function_exists()` (or `is_callable()`) for both ?
2. I've been trying to verify the conditions by running the test with the Exif and GD extensions in various states - both enabled, GD disabled - Exif enabled, GD enabled - Exif disabled, both disabled - and I can only seem to make the test hit the skip condition with Exif disabled. Tested on both PHP 5.6 as well as PHP 7.4.
I've checked the PHP docs and the [https://www.php.net/manual/en/function.getimagesize.php `getimagesize()`] function is listed as part of the GD extension and the manual doesn't say anything explicitly about it being available independently of the extension, so the condition ''seems'' justified, but the fact that I can't seem to get the test to fail is making me want to dig deeper.
Related to #11946 and #40017. The original function was introduced in [39831], the tests in [40397].
Pinging @joemcgill - would you happen to be able to give me some insight into what's happening here ?" jrf 4.8
Reporter Feedback / Close 50264 wp_get_image_editor()->multi_resize() occasionally fails Media normal defect (bug) new 2020-05-27T12:26:21Z 2022-03-16T18:56:30Z "I'm using wp_get_image_editor to create different sizes of same image, in 99.9% it works fine, but sometimes happens this:
[[Image(http://files.dangerd.org/pub/!PUBLIC//wpbug2.png)]]
All images are generated with smallest size in array, any ideas?
{{{#!php
resize( 1920, 1282, false );
$image->set_quality(65);
$image->save( $path );
$sizes = array(
array('width'=>640,'height'=>480,'crop'=>false),
array('width'=>640,'height'=>480,'crop'=>true),
array('width'=>150,'height'=>150,'crop'=>true),
);
$mult = $image->multi_resize( $sizes );
}}}
" dangerd512 5.4.1 reporter-feedback
Defects Awaiting Review 44174 wp_get_http_headers does not return status code or follow redirects HTTP API normal defect (bug) new 2018-05-21T13:13:02Z 2018-05-21T13:13:02Z "wp_get_http_headers performs an HTTP HEAD request and returns a simple success or failure code. This function is listed as part of the ""HTTP API"" on https://codex.wordpress.org/Function_Reference.
If the target resource issues a redirect, it is not followed, nor is the specific redirect code returned. It is possible to check for the Location header & follow the redirect manually. But wp_get_http_headers should, at least optionally, process redirects. It should also return the HTTP status code and message. One way to do this would be the Apache model - provide a Status pseudo-header in the response (e.g. 'Status' => '200 OK')
If a WordPress resource returns a 404 code, the result is 'success' with an HTML page suitable for humans - HEAD, of course, simply says content-type: text/html. This is indistinguishable from 200 for the page.
The underlying wp_safe_remote_head API seems to return the status, but it's not returned from wp_get_http_headers. Note that wp_safe_remote_head is not listed on the function reference page, so I assume is not intended for public use.
(If context matters, I'm using it to implement a shortcode in a plugin.)
I'm leaving this as a ""bug"" since failure to provide status prevents a caller from detecting errors and correctly processing a response." tlhackque 4.9.6
Defects Awaiting Review 44972 wp_get_current_user() misbehavior Users normal defect (bug) new 2018-09-20T16:30:06Z 2018-09-23T14:54:22Z "You might say that the problem is coming from plugins, but wanted to mention this:
Sometimes, I've found that some plugins use:
`$smth = get_bloginfo('language'...);`
1) directly in plugin php file (i mean out of the hook, just directly as a new line),
2) or sometimes that code is used in `class` `__construct` method (not different than first one - you know, constructor is executed directly too).
to reproduce the problem, just place that line in any plugin/functions.php, then enter WP dashboard, and you get:
`Sorry, you are not allowed to access this page.`
yes, just using that code in XYZ plugin (without any further action, just that code), causes you to be blocked out from wp.
I've researched and the chain goes like -> get_bloginfo()->get_user_locale() ->wp_get_current_user()----> `wp_set_current_user( $user_id );` <---- this one makes the issue i think.
so, i dont know, but i think get_bloginfo function (or get_current user function) which may be **EVEN** fired incorrectly, shouldnt cause that problem." tazotodua
Reporter Feedback / Close 49841 wp_get_attachment_url does not return a url Media normal defect (bug) new 2020-04-07T17:29:44Z 2020-06-02T16:49:34Z "wp_get_attachment_url returns the base url to the uploads directory suffix with the file path.
The file path is not always a valid url. 'fun image.png' is a valid file name. It's url path is 'fun%20image.png'
I suggest adding the below straight after line 5859 in wp-includes/post.php
{{{
// Convert the file path into a valid URL path
$file = implode('/', array_map('rawurlencode', explode(DIRECTORY_SEPARATOR, $file)));
}}}
" hughie.molloy 5.4 reporter-feedback
Defects Awaiting Review 32117 wp_get_attachment_metadata sizes array file misses path if using year/month organizing Media normal defect (bug) new 2015-04-24T15:58:51Z 2017-08-14T13:15:29Z "wp_get_attachment_metadata returns array like this:
{{{
[""metadata""]=>
array(5) {
[""width""]=>
int(3072)
[""height""]=>
int(2304)
[""file""]=>
string(25) ""2015/03/GC702D01_high.jpg""
[""sizes""]=>
array(4) {
[""thumbnail""]=>
array(4) {
[""file""]=>
string(25) ""GC702D01_high-200x150.jpg""
[""width""]=>
int(200)
[""height""]=>
int(150)
[""mime-type""]=>
string(10) ""image/jpeg""
}
}}}
as you can see, ""file"" in the first level of the array contains year and month (as i do have turned on organizing in year/month structure for uploads), but ""file"" in the second level for (e.g. in this case) the thumbnail size is only the file name, without the path.
This is at least confusing, make it difficult to get the URL of the file - each size need to be then requested separately by wp_get_attachment_image_src function.
IMO optimal solution would be to use full path in both `$metadata['file']` and `$metadata['sizes'][$size]['file']` so the same name would have the same structure. But i do not know if it wouldn't have some compatibility issues.
Less optimal imo would be to add there also the path - it can be there only once in the top level, as all sizes are currently always in the same folder, but i think this could lock us from possible changes / plugin modifications etc. E.g. I think that it would be great, if it would be possible (and even default) to have size name, as a folder, so that we would have thumbnails in uploads/thumbnail, medium size in uploads/medium ... - this would highly reduce the number of images in one folder in default settings and would reduce the problems with displaying them on most systems. And also if we would want to delete some defined size, we could simply delete one folder and save space.
So the second optimal would be to show the path in `sizes[$size]` subarray, e.g.
{{{
[""metadata""]=>
array(5) {
[""sizes""]=>
array(4) {
[""thumbnail""]=>
array(4) {
[""file""]=>
string(25) ""GC702D01_high-200x150.jpg""
[""path""]=>
string(25) ""2015/03/""
}
}}}" thomask 4.2 needs-patch
Defects Awaiting Review 59239 wp_generate_uuid4 collisions General normal defect (bug) new 2023-08-29T12:19:00Z 2023-08-29T12:19:00Z It seems like `wp_generate_uuid4()` is prone to creating UUID collisions, since it internally uses `mt_rand`, which uses a 32-bit seed. When this seed repeats, it will generate the same UUID twice. Maybe it should be updated to use `wp_rand` instead which uses `random_int` so it's backed by a real CSPRNG? joppuyo
Defects Awaiting Review 58647 wp_generate_attachment_metadata generates scaled images Media major defect (bug) new 2023-06-27T21:34:17Z 2023-06-27T21:34:17Z "When using wp_generate_attachment_metadata() it seems to ignore the filter to turn off ""big_image_size_threshold"".
add_filter( 'big_image_size_threshold', '__return_false' );
$generateThumbs = wp_generate_attachment_metadata( $attachmentId, $file );
This results in a scaled version of the media being created and _wp_attached_file meta being replaced with the scaled versions path.
" picard102 6.2.2
Defects Awaiting Review 53187 wp_filter_content_tags added too early Media normal defect (bug) new 2021-05-11T19:15:40Z 2021-07-26T16:31:46Z "Currently wp_filter_content_tags filter is added to the_content filters with default priority, this means that if the iframe is outputted by shortcode it will not get the lazy loading attribute.
I think that it should be added after do_shortcode has run with priority of 12." maciejmackowiak 5.5 needs-patch
Enhancements Awaiting Review 55469 WP_Filesystem_SSH2::chmod() should use ssh2_sftp_chmod() Filesystem API normal enhancement new 2022-03-27T17:10:57Z 2022-03-27T17:13:32Z "`WP_Filesystem_SSH2::chmod()` currently uses `::run_command( sprintf( 'chmod %o %s', $mode, escapeshellarg( $file ) ), true )` (which calls [https://www.php.net/manual/en/function.ssh2-exec.php ssh2_exec()]). It has essentially been this way since `WP_Filesystem_SS2` was introduced in [8812].
However, some sftp servers do not allow `ssh2_exec()` to be run, generating PHP warnings such as:
> PHP Warning: ssh2_exec(): Unable to request command execution on remote host
and on those severs all calls to `WP_Filesystem_SSH2::chmod()` basically become noops.
Luckily, starting with version [https://pecl.php.net/package/ssh2/0.12 0.12], the ssh2 extension introduced [https://www.php.net/manual/en/function.ssh2-sftp-chmod.php ssh2_sftp_chmod()], and `WP_Filesystem_SSH2::chmod()` should be changed to use it." pbiron has-patch
Defects Awaiting Review 52235 wp_extract_urls doesn't match localhost General normal defect (bug) new 2021-01-06T11:22:43Z 2021-03-05T11:44:37Z "The wp_extract_urls function does not match URLs with localhost as the domain:
{{{#!php
hi"");
// Doesn't match.
wp_extract_urls(""hi "");
}}}
I think this function should definitely match localhost because this is often used in testing environments. But if this is intended behaviour, then the documentation makes no mention that this function only matches a subset of allowed URLs." seanleavey 5.6 has-patch
Defects Awaiting Review 56887 wp_exif_date2ts throws notice on slash formatted date Date/Time normal defect (bug) new 2022-10-22T11:15:51Z 2022-10-22T11:15:51Z "When an image has an exif date in the format ...
> YYYY/MM/DD HH:MM:SS
... rather than ...
> YYYY:MM:DD HH:MM:SS
... which is happening more and more I have noticed, the following PHP notices are thrown ...
> PHP Notice: Undefined offset: 1 in /var/www/tourist.org.uk/html/wp-admin/includes/image.php on line 710
> PHP Notice: Undefined offset: 2 in /var/www/tourist.org.uk/html/wp-admin/includes/image.php on line 710
I think there are a lot of assumptions being made in wp_exif_date2ts() and I believe that a preg_match check like ...
{{{#!php
\d){4}[:|\/](?>\d){2}[:|\/](?>\d){2} (?>\d){2}:(?>\d){2}:(?>\d){2}$/', $str)) {
// Process and return exif date
} else {
return false;
}
}}}
... should be done instead.
This is related to ticket [ticket:48204]
" domainsupport 5.2.3
Defects Awaiting Review 41008 WP_Error wrote instead of category name in wp_options table, category_base field Permalinks normal defect (bug) new 2017-06-12T12:31:13Z 2020-09-08T21:18:17Z "I just installed WordPress 4.8, yet I'm not sure it's a bug specific of this version or not.
The issue is documented in the following post:
http://www.ryadel.com/en/catchable-fatal-error-object-of-class-wp_error-could-not-be-converted-to-string-wordpress-fix/
Long story short, it seems that sometimes (when some errors occurs, in my scenario was a I/O error) the category_base value of the wp_options table gets filled with a WP_Error json object instead of a category name. This raises an exception in the rewrite.php script (line 326) when the function tries to use that value against a regex, expecting a string.
Sadly enough, it doesn't seem easy to reproduce.
" Neilgaiman 4.8
Reporter Feedback / Close 57267 wp_enqueue_style is not working under shortcode Shortcodes normal defect (bug) new 2022-12-03T07:41:09Z 2022-12-15T13:08:25Z "we have tested in older version wp_enqueue_style('some-id'); is working fine on 5.7.8
but it's not working on 6.1.1
even its not working on ""wp_head"", ""wp_footer""" hasanrang05 6.1.1 reporter-feedback
Defects Awaiting Review 58075 wp_enqueue_scripts action not firing at the right time with block themes Script Loader major defect (bug) new 2023-04-04T05:01:44Z 2023-05-26T09:44:21Z "How to reproduce:
Use this piece of code somewhere in the (child) theme or a plugin
{{{#!php
array(
'aria-describedby' => 'description'
)
));
echo 'Some description
';
}}}
" Shelob9
Reporter Feedback / Close 54921 wp_dropdown_users_args Filter not working in WordPress 5.9 audrasjb Users major defect (bug) reviewing 2022-01-26T13:02:32Z 2022-02-25T21:15:24Z "I have the following code that works great on WP 5.8.3, but it is not working on WP 5.9.
I had to rollback to WP 5.8.3.
It is just showing the administartor role users, but not the custom role 'company_owner'. In version 5.8.3 works great.
{{{#!php
null,
'role' => array('Subscriber', 'Participant'),
'role__in => array('Editor', 'Contributor'),
'role__not_in => null
);
}}}
When calling `wp_dropdown_users` i don't see any dropdown list.
While, according to above users and their respective roles the list should bring up the following users:
{{{
aniket (matches exactly with 'role': Subscriber, Participant)
cjx2009 (matches 'role__in': Editor)
warrior (matches 'role__in': Contributor)
}}}
Even if I do not use a combination like above and just use `role => array('Subscriber', 'Participant')` nothing appears (I already have `'hide_if_only_one_author' => null,`).
Furthermore, if I set `role => null` and use `role__in => array('Contributor', 'Moderator')`, again there is nothing when I am expecting user `warrior` will come up in dropdown list! But if I only use 'Contributor' the dropdown appears with `warrior`." subrataemfluence 4.7.5
Enhancements Awaiting Review 24972 wp_dropdown_roles() multiple pre-selected options Users normal enhancement new 2013-08-06T18:24:31Z 2018-07-30T16:49:27Z "Hi,
I would like to suggest a patch to wp_dropdown_roles() to enable multiple pre-selected options.
Below you'll find the diff and the full featured function.
I'm not sure whether Trac is the right place to put this. If not, please let me know how to procede
{{{
diff -r e185f8cbbec5 wp-admin/includes/template.php
--- a/wp-admin/includes/template.php Tue Aug 06 11:50:50 2013 +0100
+++ b/wp-admin/includes/template.php Tue Aug 06 19:11:37 2013 +0100
@@ -751,9 +751,19 @@
/**
* Print out html elements for role selectors
*
+ *
+ * // call with a single pre-selected option
+ * wp_dropdown_roles( 'editor' ):
+ *
+ * // call with multiple pre-selected options
+ * wp_dropdown_roles( array( 'editor', 'administrator' ) ):
+ *
+ *
* @since 2.1.0
*
- * @param string $selected slug for the role that should be already selected
+ * @param string|array $selected list of role slugs that should be already
+ * selected
+ * @return string list of HTML elements with user roles
*/
function wp_dropdown_roles( $selected = false ) {
$p = '';
@@ -761,10 +771,14 @@
$editable_roles = get_editable_roles();
+ // For backwards compatibility
+ if ( is_string($selected) )
+ $selected = array( $selected );
+
foreach ( $editable_roles as $role => $details ) {
$name = translate_user_role($details['name'] );
- if ( $selected == $role ) // preselect specified role
- $p = ""\n\t $name "";
+ if ( is_array($selected) AND in_array($role,$selected) ) // preselect specified role
+ $p .= ""\n\t$name "";
else
$r .= ""\n\t$name "";
}
}}}
{{{
/**
* Print out html elements for role selectors
*
*
* // call with a single pre-selected option
* wp_dropdown_roles( 'editor' ):
*
* // call with multiple pre-selected options
* wp_dropdown_roles( array( 'editor', 'administrator' ) ):
*
*
* @since 2.1.0
*
* @param string|array $selected list of role slugs that should be already
* selected
* @return string list of HTML elements with user roles
*/
function wp_dropdown_roles( $selected = false ) {
$p = '';
$r = '';
$editable_roles = get_editable_roles();
// For backwards compatibility
if ( is_string($selected) )
$selected = array( $selected );
foreach ( $editable_roles as $role => $details ) {
$name = translate_user_role($details['name'] );
if ( is_array($selected) AND in_array($role,$selected) ) // preselect specified role
$p .= ""\n\t $name "";
else
$r .= ""\n\t$name "";
}
echo $p . $r;
}
}}}" PauloASilva 3.6 has-patch
Defects Awaiting Review 43995 wp_dropdown_categories(array( 'pad_counts' => true ) ) doesn't correctly pad counts on post_types with custom stati Taxonomy normal defect (bug) new 2018-05-07T17:53:33Z 2019-01-17T00:57:01Z "Suppose I have the following situation:
* a custom post type (e.g., `member`)
* post type `member` has custom post stati (e.g., `subscribed` and `unsubscribed`)
* **ALL** posts of post type `member` have one of these custom stati (i.e., **NONE** have post_status `publish`).
* a hierarchical taxonomy (e.g., `membership-status`) is registered on post type `member`
* taxonomy `membership-status` looks like the following:
* Membership
* Current
* Expired
and that the term `Current` has been assigned to 10 posts, `Expired` has been assigned to 5 posts and that `Membership` has been assigned to **0** posts.
If I then call
{{{
#!php
$args = array(
'taxonomy' => 'membership-status',
'show_counts' => true,
'pad_counts' => true,
...
);
wp_dropdown_categories( $args );
}}}
I expect to get a dropdown that looks like:
* Membership (15)
* Current (10)
* Expired (5)
Instead, I get the following:
* Membership (0)
* Current (10)
* Expired (5)
which is, obviously, not correctly padding the count for `Membership`.
Related: #11847, #13176" pbiron
Defects Awaiting Review 51855 wp_dropdown_categories allows multiple classes General normal defect (bug) new 2020-11-23T20:50:26Z 2020-11-27T16:54:03Z "The function wp_dropdown_categories() provides the argument for class in line with many other functions however it uses:
{{{#!php
$class = esc_attr( $parsed_args['class'] );
}}}
Rather then then:
{{{#!php
sanitize_html_class( $class )
}}}
This means its not using the much more restrictive santization and is allowing multiple classes.
" tnash 2.8
Enhancements Awaiting Review 38618 wp_description() and description-tag General normal feature request new 2016-11-02T10:00:21Z 2019-04-05T11:03:42Z "The `wp_title()` function is used by the `title-tag` theme feature to output specific page titles.
Ref https://developer.wordpress.org/reference/functions/wp_title/
What are your thoughts on having something like this for the meta description?" henry.wright dev-feedback
Defects Awaiting Review 43672 wp_delete_post() function ignores `$force_delete` parameter for custom post types Posts, Post Types normal defect (bug) new 2018-04-02T05:23:01Z 2023-07-05T15:55:14Z "The `wp_delete_post()` function has a second optional parameter called `$force_delete` (default false) that decides whether to send the post to trash or delete it permanently.
But when the function is invoked with a post id that belongs to a custom post type, this parameter is ignored and the post is always deleted permanently and never sent to trash.
Here is the relevant code inside that function that does this.
{{{
if ( ! $force_delete && ( 'post' === $post->post_type || 'page' === $post->post_type ) && 'trash' !== get_post_status( $postid ) && EMPTY_TRASH_DAYS ) {
return wp_trash_post( $postid );
}
}}}
I think the post types check in the above condition should not be made, but I am not sure why it is there and what are the implications of it.
Steps to replicate this issue.
- Create a post in a custom post type and note the post id.
- Make the call to the function. Assuming 42 is the post id, the call will be `wp_delete_post( 42, false)`
- Since the `$force_delete` parameter is set to `false`, the expectation is that the post should be sent to trash
- But the post will be permanently deleted
If it is agreed that it is a bug, then I can submit a patch to remove the post type check.
" sudar dev-feedback
Defects Awaiting Review 47868 wp_delete_attachment returning successfully, deleting all DB data, but NOT deleting files, and NOT returning false Media normal defect (bug) new 2019-08-13T12:03:06Z 2019-08-20T04:16:29Z "from
https://wordpress.stackexchange.com/questions/344976/wp-delete-attachment-returning-successfully-deleting-all-db-data-but-not-delet?noredirect=1#comment505976_344976
I digged into wp_delete_attachment here https://core.trac.wordpress.org/browser/tags/5.2.1/src/wp-includes/post.php#L5450 , it calls wp_delete_attachment_files
wp_delete_attachment_files returns false on failure, but this is ignored! in wp_delete_attachment. Now I'm not gonna go on a rant how bad that 'design' is. My question is, how can I make sure that the files DO get deleted?
I'm calling
{{{
$attachments = get_attached_media('', $post->ID);
foreach ($attachments as $attachment) {
wp_delete_attachment($attachment->ID, true);
wp_delete_attachment never returns falsy.
}}}
How can I figure out and fix wp_delete_attachment ?
in my case it seems that some post_meta might be damaged, as the file location sometimes can be lost for some reason. This should return false or better throw and error" Jossnaz dev-feedback
Defects Awaiting Review 36437 wp_delete_attachment causes warning Media normal defect (bug) new 2016-04-07T06:24:34Z 2017-07-27T16:26:17Z wp_delete_attachment assumes that attachments uses category and post_tag taxonomies. This causes a warning in wp_delete_object_term_relationships when post type attachment is not using category or post_tag taxonomies. thorbrink 2.0 needs-unit-tests
Defects Awaiting Review 51230 WP_DEBUG is flagged when using the development environment type Site Health normal defect (bug) new 2020-09-03T12:43:59Z 2020-09-03T18:21:29Z "This was a request from the comments of the New `wp_get_environment_type() function in WordPress 5.5 post from @robertreiser:
> Setting the environment to development also sets WP_DEBUG, which makes sense and I had WP_DEBUG enabled anyway on my development site.
>
> But the site health tool still shows an error regarding the use of WP_DEBUG:
>
> Your site is set to display errors to site visitors
>
> In case if setting the environment to development, this should no longer be shown as an error in the site health tool.
" desrosj 5.5
Defects Awaiting Review 47652 wp_dashboard_right_now() emits debug notices on unregistered core post types Posts, Post Types normal defect (bug) new 2019-07-04T20:31:23Z 2019-07-05T02:26:47Z "When you unregister a core 'post' or 'page' post type (I know... I know...) if they have posts in the database, the dashboard ""Right Now"" widget will output a debug notice for each unregistered type:
{{{
Undefined property: stdClass::$publish; wp-admin/includes/dashboard.php:270
}}}
This is because the code inside of `wp_dashboard_right_now()` always expects a `WP_Post_Status` object as the return type of each `wp_count_posts()` key, however a `stdClass` return type is also possible when no registered type or status is currently registered at the time the widget is rendered.
----
Unregistering ""built in"" post types is normally considered to ""void the warranty"" and the `unregister_post_type()` function explicitly throws an error when you try, but the patch I'm about to attach is a small and bit of code hardening that prevents filling debug logs for those of us that frequently work with out-of-warranty installation types." johnjamesjacoby
Defects Awaiting Review 46596 WP_Customize_Date_Time_Control class - date format ignores day of the month suffix (S) Customize normal defect (bug) new 2019-03-21T22:57:07Z 2019-03-22T18:32:31Z "When adding a date time control to the customizer using the WP_Customize_Date_Time_Control class with the add_control() method, the character for the day of the month suffix (S) is not replaced/stripped when formatting the date and gets displayed in the customizer.
See attached image.
Like other date formatting characters, the suffix should either be replaced with the get_option( 'date_format' ) value or be removed completely." F.Ilona 4.7 has-patch
Defects Awaiting Review 42064 wp_crop_image() does not work when fopen() is disabled Build/Test Tools normal defect (bug) new 2017-10-02T19:10:07Z 2021-08-11T21:01:03Z "While running the WordPress PHP Unit testing framework, a single test for wp_crop_image() failed consistently. After @danielbachhuber debugged the test, he found that wp_crop_image() was failing because it depended on _load_image_to_edit_path, which he said is dependent on fopen(). WordPress is supposed to function when fopen() is disabled. wp_crop_image's dependency on fopen is incorrect.
To reproduce the issue:
Disable allow_url_fopen in PHP
Setup the PHPUnit Test Runner (https://github.com/WordPress/phpunit-test-runner)
Run the PHPUnit Test Runner.
The test runner should report the following failed test:
Tests_Image_Functions::test_wp_crop_image_url Failed asserting that WP_Error Object (...) is not an instance of class ""WP_Error"". /../../../phpunit-test-runner/wp-test-runner/tests/phpunit/tests/image/functions.php:317
The WP_Error object reports the following:
Fobject(WP_Error)#9993 (2) {
[""errors""]=>
array(1) {
[""invalid_image""]=>
array(1) {
[0]=>
string(21) ""File is not an image.""
}
}
[""error_data""]=>
array(1) {
[""invalid_image""]=>
string(60) ""https://asdftestblog1.files.wordpress.com/2008/04/canola.jpg""
}
}
The image is a valid image otherwise, such as when viewed through the browser. The test fails on PHP 5.6, PHP 7.0, and PHP 7.1 when fopen is disabled." jadonn 4.9
Defects Awaiting Review 55635 "wp_convert_hr_to_bytes() report correct byte sizes for php.ini ""shorthand"" values" Upload normal defect (bug) new 2022-04-27T21:43:16Z 2022-09-14T23:16:00Z "Resolves #17725
When `wp_convert_hr_to_bytes()` was introduced in [4388] it provided a simplified mechanism to parse the values returned by functions like `ini_get()` which represent byte sizes. The over-simplified approach has led to issues in that function reporting the wrong byte sizes for various php.ini directives, leading to confusing problems such as uploading files that are rejected improperly or accepted improperly.
In this patch we're porting the parser from PHP's own source (which has remained stable for decades and probably can't change without major breakage) in order to more accurately reflect the values it uses when it reads those configurations.
Unfortunately PHP doesn't offer a mechanism to read its own internal value for these fields and a 100% port is extremely cumbersome (at best) due to the different ways that PHP and C handle signed integer overflow. These differences should only appear when supplying discouraged/invalid values to the system anyway, and PHP warns that in these situations things are likely to break anyway.
Over the years this function has been modified a couple of times in ways that this patch reverts:
- [38013] introduced a `PHP_INT_MAX` limit in a way that coerces hexadecimal and octal integer representations to decimal.
- [35325] replaced the hard-coded byte size with overwritable constants but if there were any occasion for someone to change those constants in `wp-config.php` then we would actually want to preserve the hard-coded values in `wp_convert_hr_to_bytes()` since that function refers to code inside of PHP, not inside of WordPress.
- The original code from [4388] looks for the presence of the suffixes //anywhere// within the value string and prioritizes `g` over `m` over `k` whereas PHP only looks at the last character in the input string (this is something that [https://core.trac.wordpress.org/attachment/ticket/17725/17725.3.diff 17725.3.diff] got right). This can cause unexpected parses, such as with `14gmk` when WordPress interprets it as 14GiB but PHP interprets it as 14KiB.
Further we do acknowledge the mismatch between PHP's definition of ""gigabyte""/""megabyte""/""kilobyte"" being factors of 1024 apart from each other and the standard of being 1000. WordPress follows PHP's convention so this is simply noted in the function and preserved.
This patch introduces new behaviors which might seem unexpected or wrong. It's important to consider that this function exists because PHP doesn't expose the values it parses from the php.ini directives. Therefore it's job in WordPress can be considered to do as best as it can to represent what's really happening inside of PHP; this may not match our intuition about what PHP should be doing. To that end the over-simplified code for the past 16 years has misreported many plausible-looking values like `100MB` (which PHP interprets as 100 bytes but WordPress thinks is 100 MiB).
**Testing**
In order to fully verify the updated code we have to understand PHP's interpretation of the php.ini directive values. One way to do this is to set a value, `upload_max_size` for instance, in any number of the possible configurable places and then make repeated uploads to see if it's rightfully accepted or rejected. This is cumbersome.
An alternative approach is to compile PHP locally with added instrumentation; this is the approach taken in preparing this PR. The following patch will report three values every time a ""Long"" value is parsed from a php.ini directive: the shorthand value being parsed, the bound `long` value before applying the magnitude suffix, and the possibly-overflowed value derived from applying the possible `g`, `m`, and `k` suffixes.
{{{#!diff
diff --git a/Zend/zend_operators.c b/Zend/zend_operators.c
index 8a0cc813..362cef76 100644
--- a/Zend/zend_operators.c
+++ b/Zend/zend_operators.c
@@ -164,6 +164,9 @@ ZEND_API zend_long ZEND_FASTCALL zend_atol(const char *str, size_t str_len) /* {
break;
}
}
+
+ printf(""zend_atol( \""%s\"" ) = %lld : %lld\n"", str, ZEND_STRTOL(str, NULL, 0), retval);
+
return (zend_long) retval;
}
/* }}} */
}}}
For example, a sampling of values run through PHP produces this output.
{{{#!bash
zend_atol( ""0"" ) = 0 : 0
zend_atol( ""0g"" ) = 0 : 0
zend_atol( ""1g"" ) = 1 : 1073741824
zend_atol( ""3G"" ) = 3 : 3221225472
zend_atol( ""3mg"" ) = 3 : 3221225472
zend_atol( ""3km"" ) = 3 : 3145728
zend_atol( ""boat"" ) = 0 : 0
zend_atol( ""-14k"" ) = -14 : -14336
zend_atol( ""-14chairsg"" ) = -14 : -15032385536
zend_atol( ""9223372036854775807"" ) = 9223372036854775807 : 9223372036854775807
zend_atol( ""9223372036854775807g"" ) = 9223372036854775807 : -1073741824
zend_atol( ""9223372036854775808"" ) = 9223372036854775807 : 9223372036854775807
zend_atol( ""0xt"" ) = 0 : 0
zend_atol( ""0x5teak_and_egg"" ) = 5 : 5368709120
}}}" dmsnell dev-feedback
Enhancements Awaiting Review 50538 WP_Comments_List_Table should not show views that have a count of 0 pbiron Comments normal enhancement assigned 2020-07-02T17:14:28Z 2021-03-12T11:00:37Z "Other core list tables that have a get_views() method do not output a view if the count for that view is 0, e.g., `WP_Posts_List_Table` doesn't output ""Pending (0)"" if there are no posts with $post_status === 'pending').
However, `WP_Comments_List_Table` does output ""Pending (0)"" if there are no pending comments.
For consistency's sake, I think `WP_Comments_List_Table` should skip views with count of 0.
Related: #47495" pbiron dev-feedback
Defects Awaiting Review 59440 WP_Comments_List_Table bulk actions do not account for user permissions. Comments normal defect (bug) new 2023-09-25T10:01:22Z 2023-09-25T10:01:22Z "Unlike other list tables, the comment list table's get_bulk_actions()
does not check the current user's permissions which leads to a confusing UX if a user can for example, edit comments, but not delete them (due to custom permissions).
{{{#!php
1,
] );
$comment = get_comment( $comment_id );
// will fail because $comment->user_id is a string
$this->assertSame( $comment->user_id, 1 );
}
}
}}}
The constructor of WP_Comment just applies the data to the variables, without setting/fixing the types (as e.g. WP_User does for the ID)." cneumann has-patch
Enhancements Awaiting Review 29717 wp_check_invalid_utf8 - pcre tricks and failsafes, +mb_convert_encoding, iconv fix, performance Formatting normal enhancement new 2014-09-20T17:18:13Z 2019-05-18T07:49:17Z "Used in core in these 4 functions.
* esc_attr()
* esc_js()
* esc_html()
* sanitize_text_field()
It's the first function to execute for all 4, and especially for sanitize_text_field it gets called quite a bit and is pretty important.
It's purpose is to check a string for invalid utf. It utilizes preg_match with the '/u' modifier to parse both the pattern and subject for utf. PCRE automatically checks both the pattern and subject for invalid utf, upon which it will exit with an error code/constant.
The changes here: Normally pcre is compiled with utf support. It can also be compiled to disallow utf support, and it can be compiled without utf support. If utf is compiled and enabled the '/u' modifier for preg_match is available which turns on the automatic utf validation.
For older dists or those with utf support turned off at compile, there is a trick to enable the same functionality as the '/u' provides.
http://www.pcre.org/pcre.txt
In order process UTF-8 strings, you must build PCRE to include UTF-8
support in the code, and, in addition, you must call pcre_compile()
with the PCRE_UTF8 option flag, or the pattern must start with the
sequence (*UTF8). When either of these is the case, both the pattern
and any subject strings that are matched against it are treated as
UTF-8 strings instead of strings of 1-byte characters.
So the first change to this function was to allow a fallback to that pattern option trick in case '/u' wasnt supported.
1. `@preg_match( '//u', '' ) !== false`
2. `@preg_match( '/(*UTF8)/', '' ) !== false`
3. Fallback to a regex that doesn't require UTF support, instead of using pcre utf validation it searches for it
I also wanted it to have better performance, especially due to its use in those 4 core functions I use often. I benchmarked it pretty thoroughly to try and gain more speed. This patch is about 10-20% faster.
Many gains were from refactoring the logic and control structures, chaining within if statements using bools, and utilizing the static variables to the fullest. This is especially crucial since this function gets called repeatedly. I also gained some cycles by replacing an in_array() check with a `stripos`.
One of the bigger gains came from replacing the `strlen( $string ) == 0` that ran on every run with. Since the $string variable was already casted to a string, that should always work and keep things a little cheaper.
{{{
$string = (string) $string;
// if string length is 0 (faster than strlen) return empty
if ( ! isset( $string[0] ) )
return '';
}}}
The final change was to the 2nd parameters $strip, which if true is supposed to strip the invalid utf out of the string and return the valid. In core nowhere is that parameter being used (yet), which explains the deprecated looking iconv. Also added a fallback to use mb_convert_encoding in case iconv is missing.
{{{
// try to use iconv if exists
if ( function_exists( 'iconv' ) )
return @iconv( 'utf-8', 'utf-8//ignore', $string );
// otherwise try to use mb_convert_encoding, setting the substitue_character to none to mimic strip
if ( function_exists( 'mb_convert_encoding' ) ) {
@ini_set( 'mbstring.substitute_character', 'none' );
return @mb_convert_encoding( $string, 'utf-8', 'utf-8' );
}
}}}
Here are some of the test strings I used, I also used the utf-8-test file at http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt. I did testing on 4.0 using php 5.6, 5.4, 5.3, and 5.4. I verified the output and the strip feature as well. For all tests I had php error_reporting set to the max:
{{{
ini_set( 'error_reporting', 2147483647 );
}}}
{{{
$valid_utf = array(
""\xc3\xb1"", // 'Valid 2 Octet Sequence'
""\xe2\x82\xa1"", // 'Valid 3 Octet Sequence' =>
""\xf0\x90\x8c\xbc"", // 'Valid 4 Octet Sequence' =>
""\xf8\xa1\xa1\xa1\xa1"", //'Valid 5 Octet Sequence (but not Unicode!)' =>
""\xfc\xa1\xa1\xa1\xa1\xa1"", //'Valid 6 Octet Sequence (but not Unicode!)' =>
""Iñtërnâtiônàlizætiøn\xf0\x90\x8c\xbcIñtërnâtiônàlizætiøn"", // valid four octet id
'Iñtërnâtiônàlizætiøn', // valid UTF-8 string
""\xc3\xb1"", // valid two octet id
""Iñtërnâtiônàlizætiøn\xe2\x82\xa1Iñtërnâtiônàlizætiøn"", // valid three octet id
);
$invalid_utf = array(
""\xc3\x28"", //'Invalid 2 Octet Sequence' =>
""\xa0\xa1"", //'Invalid Sequence Identifier' =>
""\xe2\x28\xa1"", //'Invalid 3 Octet Sequence (in 2nd Octet)' =>
""\xe2\x82\x28"", //'Invalid 3 Octet Sequence (in 3rd Octet)' =>
""\xf0\x28\x8c\xbc"", //'Invalid 4 Octet Sequence (in 2nd Octet)' =>
""\xf0\x90\x28\xbc"", // 'Invalid 4 Octet Sequence (in 3rd Octet)' =>
""\xf0\x28\x8c\x28"", //'Invalid 4 Octet Sequence (in 4th Octet)' =>
chr(0xE3) . chr(0x80) . chr(0x22), // Invalid malformed because 0x22 is not a valid second trailing byte following the leading byte 0xE3. http://www.unicode.org/reports/tr36/
chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Invalid UTF-8, overlong 5 byte encoding.
chr(0xD0) . chr(0x01), // High code-point without trailing characters.
chr(0xC0) . chr(0x80), // Overlong encoding of code point 0
chr(0xF8) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 5 byte encoding
chr(0xFC) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80) . chr(0x80), // Overlong encoding of 6 byte encoding
chr(0xD0) . chr(0x01), // High code-point without trailing characters
""Iñtërnâtiôn\xe9àlizætiøn"", // invalid UTF-8 string
""Iñtërnâtiônàlizætiøn\xfc\xa1\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid six octet sequence
""Iñtërnâtiônàlizætiøn\xf0\x28\x8c\xbcIñtërnâtiônàlizætiøn"", // invalid four octet sequence
""Iñtërnâtiônàlizætiøn \xc3\x28 Iñtërnâtiônàlizætiøn"", // invalid two octet sequence
""this is an invalid char '\xe9' here"", // invalid ASCII string
""Iñtërnâtiônàlizætiøn\xa0\xa1Iñtërnâtiônàlizætiøn"", // invalid id between two and three
""Iñtërnâtiônàlizætiøn\xf8\xa1\xa1\xa1\xa1Iñtërnâtiônàlizætiøn"", // invalid five octet sequence
""Iñtërnâtiônàlizætiøn\xe2\x82\x28Iñtërnâtiônàlizætiøn"", // invalid three octet sequence third
""Iñtërnâtiônàlizætiøn\xe2\x28\xa1Iñtërnâtiônàlizætiøn"", // invalid three octet sequence second
);
}}}
----
Notes and more info:
{{{
In order process UTF-8 strings, you must build PCRE to include UTF-8
support in the code, and, in addition, you must call pcre_compile()
with the PCRE_UTF8 option flag, or the pattern must start with the
sequence (*UTF8). When either of these is the case, both the pattern
and any subject strings that are matched against it are treated as
UTF-8 strings instead of strings of 1-byte characters.
UTF-8 was devised in September 1992 by Ken Thompson, guided by design
criteria specified by Rob Pike, with the objective of defining a UCS
transformation format usable in the Plan9 operating system in a non-
disruptive manner.
Char. number range | UTF-8 octet sequence
(hexadecimal) | (binary)
--------------------+---------------------------------------------
0000 0000-0000 007F | 0xxxxxxx
0000 0080-0000 07FF | 110xxxxx 10xxxxxx
0000 0800-0000 FFFF | 1110xxxx 10xxxxxx 10xxxxxx
0001 0000-0010 FFFF | 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
A UTF-8 string is a sequence of octets representing a sequence of UCS
characters. An octet sequence is valid UTF-8 only if it matches the
following syntax, which is derived from the rules for encoding UTF-8
and is expressed in the ABNF of [RFC2234].
UTF8-octets = *( UTF8-char )
UTF8-char = UTF8-1 / UTF8-2 / UTF8-3 / UTF8-4
UTF8-1 = %x00-7F
UTF8-2 = %xC2-DF UTF8-tail
UTF8-3 = %xE0 %xA0-BF UTF8-tail / %xE1-EC 2( UTF8-tail ) /
%xED %x80-9F UTF8-tail / %xEE-EF 2( UTF8-tail )
UTF8-4 = %xF0 %x90-BF 2( UTF8-tail ) / %xF1-F3 3( UTF8-tail ) /
%xF4 %x80-8F 2( UTF8-tail )
UTF8-tail = %x80-BF
}}}
* http://www.pcre.org/pcre.txt
* http://us1.php.net/manual/en/pcre.constants.php
* http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8
* http://en.wikipedia.org/wiki/Unicode
* http://unicode.org/faq/utf_bom.html
* http://www.unicode.org/versions/Unicode6.1.0/ch03.pdf
* http://www.pcre.org/pcre.txt
* http://tools.ietf.org/rfc/rfc3629.txt
* http://www.unicode.org/faq/utf_bom.html
* http://www.unicode.org/versions/Unicode5.2.0/ch03.pdf
* http://www.unicode.org/reports/tr36/
* http://tools.ietf.org/rfc/rfc3629.txt
Related Tickets:
* https://core.trac.wordpress.org/ticket/11175
* https://core.trac.wordpress.org/ticket/28786
" askapache needs-unit-tests
Enhancements Awaiting Review 41895 wp_calculate_image_srcset filter: Improve the documentation for, or rename, this filter so it's clear it should work on an array. Media normal enhancement new 2017-09-16T18:29:18Z 2017-09-16T20:25:06Z "= The Problem =
Despite having the same name as the `wp_calculate_image_srcset()` function and being inside of that function the `wp_calculate_image_srcset` filter, [https://core.trac.wordpress.org/browser/tags/4.8.1/src/wp-includes/media.php#L1203 here in the current release], does not directly modify the output of the function as convention would dictate. This leads to confusion, so theme and plugin developers do things that lead to bugs.
The `wp_calculate_image_srcset` filter filters the `$sources` variable, which is an array of arrays, each containing information about one of the image sources that WP has decided to add to the srcset. However the `wp_calculate_image_srcset()` ''function'' returns either a string HTML [https://developer.mozilla.org/en-US/docs/Web/HTML/Element/img srcset attribute for use on an img tag] or false if there's only one source or some other failure.
Because the `wp_calculate_image_srcset()` ''function'' can return false, developers assume that `wp_calculate_image_srcset` filters can return false as well, thus converting the `$sources` array into a boolean `false`. This causes a problem when a second plugin or theme also tries to filter `wp_calculate_image_srcset` and tries to loop over the values in `$sources`, (`foreach( false)` causes a PHP warning).
= Real-World Examples=
This is happening in the real world: If you're hosted on WPEngine, and use Themeco's X or Pro theme, the PHP warning pops up in some of your pages, (especially in WPEngine's staging environment). This is because X and Pro use `wp_calculate_image_srcset` to change `$sources` to false, then WPEngine's Must-Use plugin tries to iterate over `$sources`.
When contacted about the problem, (with the suggestion they return an empty array), Themeco's response was ""In looking over WordPress' official documentation for that function/hook, I believe that boolean false should be the correct value to return"" with a link to the documentation for the ''function''.
When the issue was raised in the the [https://www.facebook.com/groups/advancedwp/ Advanced WP Facebook Group] a prominent member of the WP community [https://www.facebook.com/groups/advancedwp/permalink/1624922314236643/?comment_id=1625126477549560&reply_comment_id=1625763707485837¬if_t=group_comment_reply¬if_id=1505579798429304 appears to have made the same logical jump], that the filter filters the output of the function, and wouldn't listen to any further discussion.
= Possible suggestions to improve the situation =
1. If we're ok with setting `$sources` to false, the docblock for the `wp_calculate_image_srcset` filter should be changed to indicate that the `$sources` variable being passed to a filter may not be a variable.
2. If we're not ok with setting `$sources` to false, maybe we should add a `_doing_it_wrong()` if `$sources` type is changed from an array.
3. Whatever we do, we should document an expected return type in the docblock for the filter.
3. Since the filter doesn't actually filter the output of the function, the filter name could be changed to something like `wp_calculate_image_srcset_sources`. I know this is a breaking change, which may never happen because it's a breaking change, but it would be the best fix, if breaking changes can be dealt with." johnnyb 4.9
Defects Awaiting Review 50944 wp_calculate_image_srcset can unintentionally include unscaled original image Media normal defect (bug) new 2020-08-12T14:08:33Z 2020-08-24T21:33:22Z "In `wp-includes/media.php`, `wp_calculate_image_srcset` seems to add the original image to the srcset string if the width is smaller than `$max_srcset_image_width` and if the image isn't a GIF. This isn't desirable since the original image is uncompressed and I don't even think it's intentional.
This behavior seems to have been introduced in this patch: https://core.trac.wordpress.org/changeset/35561. From what I can tell, the if statement should read like this:
{{{#!php
if ( ! isset( $image_sizes['thumbnail']['mime-type'] ) || 'image/gif' === $image_sizes['thumbnail']['mime-type'] ) {
}}}
The current code will include the original image whenever the thumbnail IS NOT a GIF. This seems to be opposite to the desired behavior?
" fredrikll 4.4 dev-feedback
Defects Awaiting Review 44445 wp_cache_init() and WP_Object_Cache constructor has a memory leak Cache API normal defect (bug) new 2018-06-24T05:00:47Z 2019-05-03T17:45:12Z "When calling `wp_cache_init()` repeated in unit testing the WP_Object_Cache::__contruct() repeatedly registers '__destruct' as a shutdown function, and each time it does it leaks memory.
There is a @todo comment above the `register_shutdown_hook()` that says the following so I would assume that this is no longer needed and we could just delete the line with the register_shutdown_hook()?
''This should be moved to the PHP4 style constructor, PHP5 already calls __destruct()''
I will upload a patch to delete the list, and a different patch to only call `register_shutdown_hook()` once, depending on what is appropriate." MikeSchinkel 2.2 dev-feedback
Defects Awaiting Review 52582 wp_cache_* duplicate/redundant storage and insufficient clearing of cache Comments normal defect (bug) new 2021-02-21T14:32:09Z 2021-02-21T16:07:12Z "This is something I'm currently encountering, but have not been able to fully investigate myself (yet).
**Summarized backstory; **
Using Redis, sometimes maxes memory > needs flush. Started investigating whats taking up soo much memory (relatively simple sites).
~42,000/67,000 records stored are for `get_comment_child_ids` and `get_comments`.
(By far not that many comments on my sites)
Looking for a single specific comment ID it is repeated between 30-50 times, while in theory it should be just once (unless using it in different contexts? (->query_vars))
**Possible cause; **
For the methods `get_comments` and `fill_descendants` the `wp_cache_get_last_changed( 'comment' );` is used to create a cache key for the comments / childs.
https://core.trac.wordpress.org/browser/tags/5.6.1/src/wp-includes/class-wp-comment-query.php#L432
https://core.trac.wordpress.org/browser/tags/5.6.1/src/wp-includes/class-wp-comment-query.php#L998
When a new comment is inserted for example, there is a attempt to delete the comment cache by calling `clean_comment_cache()`, but it seems this is based on the comment ID, which is not the same as the key / doesn't target the childs.
The 'last_changed' is however changed at the same time in that function;
https://core.trac.wordpress.org/browser/tags/5.6.1/src/wp-includes/comment.php#L3195
Which I think makes it impossible for the prior cached data to be found because it uses that in the key.
This causes it to store the same data over and over (redundant), even when it hasn't changed for those comments, with new cache keys without clearing the old ones (duplicate).
Could be I'm completely off, but wanted to get another pair of eyes on it. If whats described is actually happening it looks pretty major for caching efficiency. " sormano dev-feedback
Reporter Feedback / Close 52945 wp_cache settings not recognized in site health / plugins Site Health normal defect (bug) new 2021-03-30T23:19:14Z 2021-03-31T00:09:12Z "maybe only a false positive message:
wp_cache is set to false (must set to true for wprocket).
and in plugins (drop in): advanced-cache.php inactive (needs wp_cache true in wp-settings.php)
I did manually downgrade to wp 5.6.2 (without changing anything) and the errors disappears." pwallner 5.7 reporter-feedback
Defects Awaiting Review 57797 WP_Block_Type_Registry::register issues incorrect error message when block.json folder doesn't exist General normal defect (bug) new 2023-02-23T16:19:42Z 2023-03-07T16:18:54Z "I called
{{{#!php
register( $block_type, $args );
}
}}}
I see ->register is still called even though the call to file_exists() fails
" Tonygirling 6.1.1 dev-feedback
Defects Awaiting Review 40595 wp_authenticate_username_password() should respect WP_Error object generated by higher priorities Login and Registration normal defect (bug) new 2017-04-28T13:46:54Z 2017-04-28T13:59:39Z "If I've read through #19714 but believe this issue should be reopened. This issue affects anyone who needs to alter the normal authentication process by hooking into the authenticate filter at a high priority. Functions in the process flow should respect a WP_Error object if that is what it is handed, including wp_authenticate_username_password().
'''Expected Behavior'''
function hooks ''authenticate'' filter, assigns priority 10. Function invalidates authentication attempt and returns a WP_Error object. Authentication should fail and error message displayed to user.
'''Current Behavior'''
Function hooks ''authenticate'' filter, assigns priority 10. Function invalidates authentication attempt and returns a WP_Error object. wp_authenticate_username_password() ignores WP_Error object, attempts authentication and returns its own error message, or goes ahead and authenticates the user.
Functions could assign a priority less than 20 (i.e. 30), but then when will be required to decipher error codes and/or the user object to then determine if authentication should continue, '''after''' an authentication attempt has already been processed by wp_authenticate_username_password(), even if no authentication should have been attempted. In additon, if wp_authenticate_username_password() is not going to respect WP_Errors from higher priorities, why not assign it a priority of 1 and make it the very first item in the authentication process?
" gilzow 4.7.4
Reporter Feedback / Close 31686 wp_authenticate_username_password() should check for a WP_Error object Security normal defect (bug) new 2015-03-18T16:29:08Z 2019-08-06T09:19:25Z "This is a follow-up to #19714 and #22516
These were closed, but IMHO, the bug as such is not resolved.
wp_authenticate_username_password() does only check whether $user is a WP_Error object when either password or username are empty:
{{{
75 if ( empty($username) || empty($password) ) {
76 if ( is_wp_error( $user ) )
77 return $user;
78 …
}}}
However, another plugin that hooks into authenticate might pass a WP_Error even if $username and $password were provided, but the specific authentication mechanism failed.
The current implementation completely ignores this.
The result is that users who exist locally can log in using a local, possibly older password, bypassing the plugins' additional authentication mechanisms completely.
I'd advocate to check for is_wp_error($user) much earlier in wp_authenticate_username_password(), so that the authentication process will fail as soon as one ""authenticate"" filter returns a WP_Error object." kwisatz 3.7 reporter-feedback
Defects Awaiting Review 46794 wp_authenticate_email_password fails due to incorrect evaluation of $user object Users normal defect (bug) new 2019-04-04T11:16:40Z 2019-04-05T14:00:12Z "While testing an authentication method that uses wp_authenticate where I was passing in a correct email address and password combination that was failing, I traced the code through to the wp_authenticate_email_password method in wp_includes/user.php in wp 5.1.1.
Line 251 executes wp_check_password with $password, $user->user_pass and $user->ID, however $user->user_pass does not exist in $user, rather it exists in $user->data->user_pass.
See attachments for Xdebug code and local variables.
" Csassaf 5.1 dev-feedback
Enhancements Awaiting Review 43263 wp_audio_shortcode() preload default: should it be metadata or none? Media normal enhancement new 2018-02-08T19:17:59Z 2018-02-08T19:45:50Z "Using this ticket to open a discussion about the `audio` tag’s `preload` attribute defaulting to
`none` in `wp_audio_shortcode()`.
`none` won’t display the audio’s total time in the player (until the user hits play). So the effect of this default is millions of sites’ players display total times of “00:00”. (You can specify preload as a shortcode attr, but most sites don’t. )
Setting the `preload` attribute to `metadata` does extract and display total time upon page-load. Also `metadata` is both the `wp_video_shortcode()` default and the HTML-spec suggested default (to browser makers):
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/audio#attr-preload
Bandwidth might be the valid concern, tho, as some browsers preload an excessive amount of metadata (I'm looking at you, Chrome) . See results of tests by @blobfolio:
https://wordpress.slack.com/archives/C02SX62S6/p1518116191000138
FYI, the default `'preload' => 'none'` is here:
https://core.trac.wordpress.org/browser/tags/4.9/src/wp-includes/media.php#L2223
FYI-2, you can change that with the `wp_audio_shortcode` filter (via regex on the HTML output):
https://gist.github.com/hearvox/098774e9887442d39ddc6e34bedb10b1" hearvox 3.6
Defects Awaiting Review 50048 wp_ajax_update_theme is broken when updating themes whose styles.css file is not located in the root Themes normal defect (bug) new 2020-05-01T16:37:59Z 2020-05-01T16:48:46Z "Cannot update themes using wp_ajax_update_theme when templates aren't located in the theme root folder.
Sample folder structure:
{{{
/wp-content/themes/my-theme/templates/style.css
/wp-content/themes/my-theme/templates/functions.php
/wp-content/themes/my-theme/templates/index.php
}}}
The template name is defined as ""my-theme/templates"", but ""wp_ajax_update_theme"" is striping the slash so it becomes ""my-themetemplates"". This is why it's unable to locate the theme and not starting the update process.
Reference: https://core.trac.wordpress.org/browser/tags/5.4/src/wp-admin/includes/ajax-actions.php#L4118
Is this the desired behavior?" anonymized_16042088 5.4
Defects Awaiting Review 57447 "wp_ajax_inline_save function does not check if post has ""public"" or ""show_ui"" enabled" Security normal defect (bug) new 2023-01-11T17:45:20Z 2023-01-11T17:45:20Z "The Security Team has already reviewed this report on the WordPress HackerOne Program, and I was requested to create the ticket here as well.
Both the `public` and `show_ui` aren't checked by the `wp_ajax_inline_save` function, which is a UI-intended function.
The documentation for both params explains that having them as ""false"" should prevent the UI management for the custom post type:
show_ui bool
Whether to generate and allow a UI for managing this post type in the admin.
Default is value of $public.
public (boolean) (optional)
Controls how the type is visible to authors (show_in_nav_menus, show_ui) and
readers (exclude_from_search, publicly_queryable).
For the ""public"" param, the docs also say that it hides the CPT from authors, which can be bypassed, as seen below in the proof-of-concept. Since the ""_inline_edit"" nonce value is valid for all inline edits, regardless of the post type, it's possible to get this nonce on any post listing page and exploit this function to access a CPT that was not intended to be accessible.
PoC:
{{{#!php
__( 'Example' ),
'description' => __( 'Example' ),
'labels' => $labels,
'supports' => array( 'title', 'editor' ),
'taxonomies' => array(),
'hierarchical' => false,
'public' => false, // <-- False
'show_ui' => false, // <-- False
'show_in_menu' => false,
'show_in_admin_bar' => false,
'show_in_nav_menus' => false,
'can_export' => false,
'has_archive' => false,
'exclude_from_search' => true,
'publicly_queryable' => false,
'rewrite' => false,
'show_in_rest' => false,
);
register_post_type( '...', $args );
}}}
What looks like a ""protected"" and ""hidden"" CPT can actually be accessed and edited by using this security issue on ""wp_ajax_inline_save"":
{{{
curl 'http://SITE_URL/wp-admin/admin-ajax.php' \
-H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' \
-H 'Cookie: COOKIES_HERE' \
-H 'Origin: SITE_URL' \
--data-raw 'post_title=Something&_inline_edit=NONCE_HERE&post_view=list&screen=edit-page&action=inline-save&post_type=POST_TYPE&post_ID=POST_ID&edit_date=true&post_status=all' \
--compressed
}}}
The ""show_ui"" parameter has been enforced in the core's past versions when accessing **some** places, but the ""wp_ajax_inline_save"" function was not affected:
4.4.0 The show_ui argument is now enforced on the post type listing screen and post editing screen.
3.0.0 The show_ui argument is now enforced on the new post screen.
" lucius0101
Defects Awaiting Review 55146 WP5.9 Customizer partially white-screens in Safari browser Customize normal defect (bug) new 2022-02-11T16:54:41Z 2022-02-11T17:07:42Z "Running (Mac) Safari 13.1.2, WordPress 5.9, on multiple sites.
When loading the Customizer, I get a partial white screen – no left-column menu items (although the frame is there) and no page preview. Screenshot attached, and console error messages as follow:
{{{
[Error] Failed to load resource: the server responded with a status of 404 (Not Found) (gutenberg.css, line 0)
[Error] TypeError: o.addEventListener is not a function. (In 'o.addEventListener(""change"",function(e){r=e.matches})', 'o.addEventListener' is undefined)
(anonymous function) (load-scripts.php:6:132)
Global Code (load-scripts.php:6:111258)
[Error] TypeError: undefined is not an object (evaluating 'c.Panel.extend')
(anonymous function) (customize-nav-menus.min.js:2:10976)
Global Code (customize-nav-menus.min.js:2:45601)
[Error] TypeError: undefined is not an object (evaluating 'wp.customize.Control.extend')
Global Code (slider-customizer.js:1:92)
[Error] TypeError: undefined is not an object (evaluating 'wp.customize.Control.extend')
Global Code (slider-control.js:1:86)
[Error] TypeError: undefined is not an object (evaluating 'api.Control.extend')
(anonymous function) (spacing-customizer.js:4)
Global Code (spacing-customizer.js:160)
[Error] TypeError: undefined is not an object (evaluating 'api.Control.extend')
(anonymous function) (backgrounds-customizer.js:2)
Global Code (backgrounds-customizer.js:31)
[Error] TypeError: undefined is not an object (evaluating 'api.Control.extend')
(anonymous function) (copyright-customizer.js:2)
Global Code (copyright-customizer.js:12)
[Error] TypeError: undefined is not an object (evaluating 'api.Section.extend')
(anonymous function) (upsell-control.js:2)
Global Code (upsell-control.js:12)
[Error] TypeError: undefined is not an object (evaluating 'wp.customize.Control.extend')
s (customizer.js:1:121358)
(anonymous function) (customizer.js:1:131873)
o (customizer.js:1:863)
t (customizer.js:1:729)
(anonymous function) (customizer.js:1:1826)
Global Code (customizer.js:1:1829)
[Error] Error: Minified React error #200; visit https://reactjs.org/docs/error-decoder.html?invariant=200 for the full message or use the non-minified dev environment for full errors and additional helpful warnings.
(anonymous function) (react-dom.min.js:243:307)
[Error] TypeError: The superclass is not an object.
Oe (customize-widgets.min.js:2:28659)
ke (customize-widgets.min.js:2:32932)
(anonymous function) (customize.php:3105)
[Error] TypeError: undefined is not a function (near '...wp.customize.section...')
(anonymous function) (load-scripts.php:2:31711)
}}}
Selected Element
{{{
…
}}}
:Benjamin" schmedia@… 5.9
Enhancements Awaiting Review 48054 wp.sanitize.stripTags should iterate instead of using recursion General minor enhancement new 2019-09-16T21:23:38Z 2020-10-08T21:27:54Z "The changes to wp-sanitize.js seemed wasteful and like it produced dead code in the final return.
https://github.com/WordPress/WordPress/commit/90d9bdc54c82229b3aa5a6e60d775f14b1f9a9dc#diff-9bedaa5d6abc6cb127b2f496bb2f7835
When I got into it to fix the dead code, I also felt a way about the recursion, because stack and memory exhaustion are two other potential issues. So this way should *at most* be one function call and only duplicate memory instead of being O(n*memory).
https://github.com/WordPress/WordPress/commit/d9b128f50546a65c9cf0944ee61237e35ff269c0
This is probably a drive-by commit and for that I apologize. I hope it's more useful than not, but your mileage may vary. Thank you for making WordPress." jrchamp 5.2.3 has-patch
Defects Awaiting Review 38052 wp-utility.js misses function argument null General major defect (bug) new 2016-09-14T09:26:29Z 2017-07-28T08:57:16Z "Since 4.6 the wp-utility is updated. The null parameter has been removed here:
{{{
compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options );
}}}
to
{{{
compiled = compiled || _.template( $( '#tmpl-' + id ).html(), options );
}}}
Which can give the following error:
{{{
wp-util.min.js:1 Uncaught TypeError: (intermediate value)(intermediate value) is not a function
}}}
This is fixed by adding that null value again like this:
{{{
compiled = compiled || _.template( $( '#tmpl-' + id ).html(), null, options );
}}}
Affects version 4.6 and 4.6.1" wiardvanrij 4.6 needs-unit-tests
Defects Awaiting Review 55848 wp-sitemap.xml fails to load with large number of URLs Sitemaps normal defect (bug) new 2022-05-26T18:30:36Z 2022-11-05T04:56:06Z "benim site de wp-sitemap.xml 50000 den fazla url var fantaziescort.com site haritasına ulaşamıyorum ayarlayamıyorum resim haritasında resimleri ekleyebiliyorum yada kapada biliyorum diyer gönderileri nereden ayarlayabilirim site 50000 den fazla url alıyormu bunun ayarlarını nereden yapabilirim başka url olduğunda site hata verirmi wp-sitemap.xml kontrol yapabilecek ne yapabilirim bana yardım edermisiniz
my site also has wp-sitemap.xml there are more than 50000 urls I can't access fantaziescort.com sitemap I can't set it I can add images in the image map or it's closed
I know, where can I set the posts? Does the site get more than 50000 urls, where can I set it up, will the site give an error when there is another url, what can I do to check wp-sitemap.xml, can you help me?" bakiyisite
Reporter Feedback / Close 51860 wp-sitemap includes empty post entries returned by filters Sitemaps normal enhancement new 2020-11-24T05:31:57Z 2023-03-16T15:46:29Z The ./wp-includes/sitemaps/providers/class-wp-sitemaps-posts.php class applies the 'wp_sitemaps_posts_show_on_front_entry' and 'wp_sitemaps_posts_entry' filter, which may enrich the $sitemap_entry, or return false, or return an empty array (as another way to exclude a post from the sitemap, for example). This is preferable if the post needs to be excluded based on some post meta, etc. Currently, the empty $sitemap_entry is added to the wp-sitemap.xml, which is incorrect. The empty $sitemap_entry should be skipped. jsmoriss 5.5 close
Defects Awaiting Review 46804 wp-phpunit calls _delete_all_posts() too early during bootstrap Build/Test Tools normal defect (bug) new 2019-04-04T23:55:17Z 2019-04-05T06:40:05Z "Bootstrap file looks like so
{{{#!php
Footer X > Any text widgets: cannot switch between Visual and Text (stays blocked on Visual)
* Menu > Main Menu > Add items: items are not clickable (and the first one is not folded).
Browser: Chrome 64.0" radual 4.9.4
Defects Awaiting Review 44991 wp-login.php postpass no redirect Posts, Post Types normal defect (bug) new 2018-09-25T14:52:12Z 2018-09-26T17:47:34Z "I'm running wordpress 4.9.8 on an Archlinux host. Whenever I try to password protect a post, the redirection after entering the correct password fails. Going back to the post using the browser history works, and the post is unlocked, but only a blank page is visible to the user after entering the password.
I suspect
{{{
wp_get_referer();
}}}
to be the root of the problem. I've added some debug output to the code:
{{{
$referer = wp_get_referer();
if ( $referer ) {
$secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) );
print ""True"";
} else {
$secure = false;
print ""False"";
}
}}}
and it prints ""False"" on that formerly blank white page after entering the password. Also adding
{{{
print $referer;
print $_SERVER['HTTP_REFERER'];
}}}
to the code prints nothing.
I've tested different up-to-date browsers: Firefox, Chromium on Linux, Firefox, Opera on Windows 8.1, Firefox Klar, Safari on iOS, to no avail. Only Internet Explorer on Windows 8.1 works as expected, the redirect occurs immediately.
Any ideas what could cause this problem, or how to further debug this?" lukelr 4.9.8 dev-feedback
Enhancements Awaiting Review 30274 "wp-login.php Logo Image Use ""img"" tag rather than CSS background" Login and Registration normal enhancement reopened 2014-11-06T14:49:32Z 2017-02-19T17:53:28Z "The fact that the logo image that displays on www.website.com/wp-login.php is a background image rather than an ""img src"" html tag often makes it problematic, because support for resizing CSS backgrounds is more complicated than using ""img src"" tags. For example, it seems like every time I use a plugin or try to alter the logo image on wp-login.php it in some way, it takes some combination of the perfect image size and css hacks to make it responsive.
Conversely, if it was an ""img"" tag, I could just apply ""width:100%; height:auto;"" or something like that.
So, in conclusion, I propose switching from a background image to an ""img src"" html tag.
[[Image(http://i.imgur.com/C5qwZtq.png)]]" themightymo 4.0
Defects Awaiting Review 44960 wp-login.php does not allow redirecting 'read' capability (Subscriber) to Dashboard instead of Profile upon login Login and Registration normal defect (bug) new 2018-09-18T15:34:01Z 2018-09-18T15:34:01Z "Re: https://github.com/WordPress/WordPress/blob/4.9.8/wp-login.php#L965
I understand checking if $redirect_to is empty, but why specifically intercept users without 'edit_posts' capability that do have 'read' capability?
Here's some code that I am using to override this: https://gist.github.com/cliffordp/35d74c3bceec9fbd10547b5d1ba988e5
I'm hoping this snippet will not be needed in the future.
Thank you." cliffpaulick
Enhancements Awaiting Review 57733 wp-includes/functions.php::do_enclose() should handle post content differently Media normal enhancement new 2023-02-16T12:21:59Z 2023-02-16T12:21:59Z "This method **removes enclosures** if {{{get_post()->post_content}}} doesn't contain the enclosure URL.
What if the post **will** contain the URL **after** it is being rendered with, say, a shortcodes? For example, I may use shortcodes to form the media URL in the post content as {{{media file }}} as the string that will be rendered (and then match) the URL found in enclosure. And by the way, on the enclosure I would also like to use shortcodes, but this is yet to be tested and not relevant to this bug report.
URL comparisons should happen with both post content and enclosure content transformed to their final forms, not its raw version.
Thank you in advance." avibrazil 6.1.1
Defects Awaiting Review 59055 WP-Exposher Admin page cannot be found General normal defect (bug) new 2023-08-10T16:42:33Z 2023-08-10T16:42:33Z "I've read the forums yesterday and it seems i'm not the only one that has been affected by the automatic update for 6.3
I have tried all repair tips from WordPress and other blogs and I still couldn't get the admin page for Exposher.org working. I am not really well-versed with Java and programming, so I would like to ask assistance from the WP support team.
I have added a post on forums, but I haven't had any replies from MODS or support. I have a very tight deadline with the pages and blogs that I have been working for the past few weeks and I hope this can be sorted out as soon as possible. " alexalpha88 6.3
Defects Awaiting Review 55490 wp-enqueue error generated by Appearance => Widgets Widgets normal defect (bug) new 2022-03-30T20:39:06Z 2022-03-30T20:39:06Z "Many complaints about this but I don't think issue has been resolved. Bringing up the admin screen for Appearance => Widgets generates this message:
PHP Notice: wp_enqueue_script() was called incorrectly. ""wp-editor"" script should not be enqueued together with the new widgets editor (wp-edit-widgets or wp-customize-widgets). Please see Debugging in WordPress for more information. (This message was added in version 5.8.0.) in /home/dh_kscwksp/lirworkshop.dreamhosters.com/wp-includes/functions.php on line 5768
AND I seem unable to turn off the display you see in the screenshot using WPDEBUGGER, no matter what I do to settings, deactivation, removal." ksmithcamp 5.9.2
Defects Awaiting Review 36239 wp-embed image size is using the smallest image or it sometimes uses the one for featured images Embeds normal defect (bug) new 2016-03-14T19:48:48Z 2020-09-25T19:44:53Z When using the wp-embed in my custom post types the image size is correct, a bit big, but it's not blurry. In regular posts, the image size is the thumbnail size created for the media library thumbnail (not the one in the media settings) because that happens to be the smallest one. I noticed that for posts, whatever is the smallest image is being used, whether set in the functions file or by WordPress. carasmo 4.4.2 dev-feedback
Defects Awaiting Review 56490 wp-cron.php using count() on null Cron API normal defect (bug) new 2022-09-01T16:47:36Z 2022-09-04T12:35:06Z "WE're using PHP 8.0 and the latest version of WordPress (6.0.2), we tried with all plugins disabled and the default theme enabled and we're having this fatal error happening every minute:
{{{
PHP Fatal error: Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in wp-includes/class-wp-hook.php:292
}}}
Here's the stack trace:
{{{
#2 wp-cron.php(138): do_action_ref_array('wp_privacy_dele...', NULL)"",""Thu Sep 01 2022 18:37:06 GMT+0200 (Eastern European Standard Time)""
#1 plugin.php(524): WP_Hook->do_action(NULL)"",""Thu Sep 01 2022 18:37:06 GMT+0200 (Eastern European Standard Time)""
#0 /nas/content/live/bbgsstaging/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters('', NULL)"",""Thu Sep 01 2022 18:37:06 GMT+0200 (Eastern European Standard Time)""
}}}
It looks like the default WordPress core hook ""wp_privacy_delete_old_export_files"" is causing this error. We excluded this hook but then ""wp_version_check"" caused the same fatal error.
This issue also happens when on PHP 7.4, but on 7.4 it's just a warning, but it's also occurring. We're happy to provide additional information or access to our staging site if needed." Bishoy.A 6.0.2
Reporter Feedback / Close 32306 wp-cron throws 500 errors for SSL enabled sites Cron API critical defect (bug) reopened 2015-05-08T07:49:05Z 2017-11-14T14:01:53Z "I have several WP installs that are throwing 500 error codes when calling wp-cron.php after a pageview. The error is not consistent - it will sometimes return 200, and sometimes 500. All the installs I see this on use SSL with properly signed certs with SNI in use on the server under Apache. Instances on the same server where do not use SSL have not shown this issue at all.
I have managed to reproduce this on a clean WP install running twentyfifteen with no plugins installed so it doesn't appear to be plugin related.
Oddly, I don't get any PHP warnings when it happens (though I've tested that if I force a php script in the same pool to throw an error, it does get captured) - I do get the following recorded in the Apache Virtualhost error log (redacted):
[Fri May 08 08:29:34.479946 2015] [core:error] [pid 13870:tid 140644332824320] [client xxxx:xxxx:x:xx:xxxx:xx:x:x:57492] AH00524: Handler for fastcgi-script returned invalid result code 32
Apache access log (redacted):
xxxx:xxxx:x:xx:xxxx:xx:x:x - - [08/May/2015:08:29:26 +0100] ""POST /wp-cron.php?doing_wp_cron=1431070166.8151741027832031250000 HTTP/1.0"" 500 4066 ""-"" ""WordPress/4.2.2; https://www.domain.com""
System config is as follows:
* Fully patched Debian Jessie running on amd64 arch with kernel 3.16.0
* Webserver: Apache/2.4.10 (Debian), mod_fastcgi/mod_fastcgi-SNAP-0910052141, mod_fcgid/2.3.9, mod_python/3.3.1, Python/2.7.9, OpenSSL/1.0.1k
* MySQL 5.5.43-0+deb7u1
* PHP 5.6.7+dfsg-1 running under PHP-FPM (seen with and without opcache in place)
* Wordpress 4.2.2 fresh install (also seen on 4.2.1) with all plugins removed.
The server listens both on IPv4 and IPv6 - I've tried forcing wp-cron to use IPv4 by setting the hostname in /etc/hosts but that makes no difference.
Refer also to :
https://wordpress.org/support/topic/wp-cron-throwing-500-errors-on-ssl-sites?replies=9" coatesg 4.2.1 reporter-feedback
Enhancements Awaiting Review 48285 wp-config-sample.php should default to `utf8mb4` instead of `utf8` character set Database minor enhancement assigned 2019-10-11T03:50:07Z 2022-09-27T22:57:02Z "MySQL's `utf8` character encoding is not a correct implementation of the standard and doesn't work with 4-byte characters, which includes many emoji. `utf8mb4` is the corrected implementation.
See https://medium.com/@adamhooper/in-mysql-never-use-utf8-use-utf8mb4-11761243e434 or just google ""mysql utf8 vs utf8mb4""
It would seem wise for `wp-config-sample.php` to default then to `utf8mb4` instead of `utf8` so that new installations have the improved character set." bchecketts 5.3 has-patch
Enhancements Awaiting Review 55607 wp-config overrides of WP_HOME and WP_SITEURL are forgotten when installing MultiSite. Networks and Sites normal enhancement new 2022-04-22T18:37:42Z 2022-12-03T20:03:10Z "The chain of events I encountered when playing with WordPress on my home server.
1. Installed WP successfully.
2. I changed the two URL settings to the wrong value by accident.
3. Tried logging back into the admin panel, but I kept being redirected to the wrong place, the one I had mis-typed.
4. Google'd for a fix that would avoid my having to reinstall from scratch and found you can override these two settings in wp-config. I added the correct values for WP_HOME and WP_SITEURL.
5. Finding access to my website restored, I forgot about the two settings editable on the setting panel.
6. I switched on Multi-Site by setting WP_ALLOW_MULTISITE in wp-config.
7. I followed the Network-Setup panel, opting for subfolders. (The sample code to paste into wp-config had the correct name for DOMAIN_CURRENT_SITE.)
8. I followed the instructions to update both wp-config and .htaccess.
9. I went to the login page and saw the page layout was all messed up. Investigating, I found the CSS etc links were all to the mistyped URL I had typed back in step 2.
Note, after restoring the htaccess and wp-config (but keeping my WP_HOME and WP_SITEURL changes) I found I could not update the wrong settings in the DB, as both text boxes were greyed out.
WP multi-site appears to have some reference one of the two URL settings in the database. This should defer to the replacement settings in wp-config." billpg 3.0 dev-feedback
Reporter Feedback / Close 43183 wp-comments-post.php endpoint support for OPTIONS Comments normal enhancement new 2018-01-30T17:13:04Z 2019-07-01T12:24:37Z "Under some circumstance we may need cross-posting from one domain to another (without the wp-json API).
At least lets preflight requests flow normally
https://github.com/WordPress/WordPress/pull/338
" drzraf reporter-feedback
Defects Awaiting Review 44429 WP-CLI incompatibility with wp_redirect( https://... ) General major defect (bug) new 2018-06-21T20:43:31Z 2018-07-24T12:28:57Z "Hello,
My wordpress wouldn't update and I see errors below,
I also trying to update my site URL to include www to it but I can't change it due update failure.
{{{
Warning: The system could not load some of this WordPress installation’s data. Certain sections of this interface may not function correctly.
(XID nw85up) The system failed to run the wp-cli batch commands with the following issues: Warning: Some code is trying to do a URL redirect.
Backtrace:
#0 WP_CLI\Utils\wp_redirect_handler(https://)
#1 call_user_func_array(WP_CLI\Utils\wp_redirect_handler, Array ([0] => https://)) called at [/home/rsed43dqsw/public_html/wp-includes/class-wp-hook.php:288]
#2 WP_Hook->apply_filters(https://, Array ([0] => https://,[1] => 301)) called at [/home/rsed43dqsw/public_html/wp-includes/plugin.php:203]
#3 apply_filters(wp_redirect, https://, 301) called at [/home/rsed43dqsw/public_html/wp-includes/pluggable.php:1196]
#4 wp_redirect(https://, 301) called at [/home/rsed43dqsw/public_html/wp-content/plugins/force-https-littlebizzy/core/redirect.php:91]
#5 FHTTPS_Core_Redirect->redirect() called at [/home/rsed43dqsw/public_html/wp-content/plugins/force-https-littlebizzy/core/redirect.php:68]
#6 FHTTPS_Core_Redirect->start()
#7 call_user_func_array(Array ([0] => FHTTPS_Core_Redirect Object (),[1] => start), Array ([0] => )) called at [/home/rsed43dqsw/public_html/wp-includes/class-wp-hook.php:286]
#8 WP_Hook->apply_filters(, Array ([0] => )) called at [/home/rsed43dqsw/public_html/wp-includes/class-wp-hook.php:310]
#9 WP_Hook->do_action(Array ([0] => )) called at [/home/rsed43dqsw/public_html/wp-includes/plugin.php:453]
#10 do_action(plugins_loaded) called at [/home/rsed43dqsw/public_html/wp-settings.php:327]
#11 require(/home/rsed43dqsw/public_html/wp-settings.php) called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/WP_CLI/Runner.php:1174]
#12 WP_CLI\Runner->load_wordpress() called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/WP_CLI/Runner.php:1100]
#13 WP_CLI\Runner->start() called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/WP_CLI/Bootstrap/LaunchRunner.php:23]
#14 WP_CLI\Bootstrap\LaunchRunner->process(WP_CLI\Bootstrap\BootstrapState Object ([] => Array ())) called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/bootstrap.php:75]
#15 WP_CLI\bootstrap() called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/wp-cli.php:23]
#16 include(phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/wp-cli.php) called at [phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/boot-phar.php:8]
#17 include(phar:///usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar/php/boot-phar.php) called at [/usr/local/cpanel/3rdparty/share/wp-cli/wp-cli.phar:4]" ecahost7 dev-feedback
Reporter Feedback / Close 57812 wp-block-image caption Editor minor defect (bug) new 2023-02-26T20:53:14Z 2023-03-06T07:29:23Z "In wp-block-image block caption at the front end shows " iouweb 6.1.1 reporter-feedback
Defects Awaiting Review 56218 wp-block-columns no margins or padding in WordPress 6 Editor normal defect (bug) new 2022-07-14T11:23:25Z 2022-08-04T15:26:17Z "This issue has been recreated in 4 different themes, Twenty Twenty-Two, Astra, & 2 Genesis themes. Also, with all plugins disabled, and all caches cleared.
I've been using the `div class=""wp-block-columns""` markup via the code editor on over 300 articles on my WordPress site. I originally copied all of the markup directly from the WordPress block editor, so it was totally valid markup.
Everything worked fine through several WordPress updates, until WordPress 6. Now, when using WordPress 6, this markup no longer styles the block columns, and all columns merge into one block and lose their margins and padding.
If I look at the current WordPress 6 block editor columns markup, it has changed, and now has the markup enclosed in several “remarks” – e.g.
{{{
}}}
So this shows that WordPress 6 has changed how it deals with `wp-block-columns` markup, but has not ensured backward compatibility with the previous markup. This essentially breaks my website, so I am unable to update to WordPress 6.
" XyZed 6.0
Defects Awaiting Review 43149 WP-API JS Client not triggering change event when using setMeta/setMetas helpers REST API normal defect (bug) new 2018-01-23T16:49:55Z 2020-10-25T04:19:42Z "As briefly [https://wordpress.slack.com/archives/C5UNMSU4R/p1516717879000467 mentioned] on Slack earlier today the `model.setMeta()` helper method introduce in #41055 has a couple of weaknesses.
1/ The `meta` attribute is undefined when creating a new model, which makes sense, but causes `setMetas()` to silently fail at set new meta values; using `setMeta()` causes an error.
{{{#!javascript
var post = new wp.api.models.Post( { id : 1234 } );
post.setMetas( { foo : 'bar' } ); // post.attributes.meta remains undefined
post.setMeta( 'foo', 'bar' ); // TypeError: metas is undefined
}}}
2/ When the `meta` attribute is properly defined, some changes in meta values fail to trigger a change event. Provided that the above issue does not show:
{{{#!javascript
var post = new wp.api.models.Post( { id : 1234 } );
post.on( 'change:meta', console.log );
post.set( 'meta', { foo : 'bar' } ); // trigger change event
post.setMetas( { foo : 'BAR' } ); // Does not trigger change event
post.setMeta( 'foo', 'BAR' ); // Does not trigger change event
}}}
Values are correctly updated; the `change` event is just not triggered as it should.
The only way I found to make this work is to clone the `meta` attribute in `setMeta()`/`setMetas()`. As of now these methods simply retrieve the `meta` attribute using `get()` and then `_.extend()` to add/update properties, which doesn't seem enough to make Backbone consider it a change." caercam 4.9
Defects Awaiting Review 10631 "wp-admin/users.php does not show pages under ""posts"" column" Users normal defect (bug) reopened 2009-08-16T18:51:20Z 2022-05-13T22:07:25Z "For some reason, the SQL query in '''wp-includes/user.php''' that gets the count of a user's posts excludes pages, so '''/wp-admin/users.php''' will not show an accurate picture of a user's contributions. This makes no sense at all: 1. posts and pages are first-class content types in WordPress and 2. they are both stored in the same table.
Proposed solution: remove
{{{
AND post_type = 'post'
}}}
from '''function get_usernumposts''' in '''wp-includes/user.php'''.
This defect could result in incorrect interpretation of user activity, so marked as major severity." novasource 2.8.4 dev-feedback
Defects Awaiting Review 51721 wp-admin/js/post.(min.)js does not successfully validate post dates within years 0000—0100 Editor normal defect (bug) new 2020-11-06T15:29:43Z 2020-11-10T17:42:02Z "When adding or editing a post, `wp-admin/js/post.(min.)js` does not correctly set the year on a JavaScript `Date` object when validating the post date.
== To reproduce:
1. Add or edit a post
2. In the ''Publish'' meta box, click ''Edit'' next to the publish date.
3. Enter a validate date, with the year in the range 0—100.
4. See that the date input is highlighted red and marked invalid.
== In depth
This happens because in JavaScript, when passing a two-digit year to the `Date` constructor, it thinks that it is for the 1900 century. Even passing a string such as `0050` seems to be type-casted to a number. [http://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date#Two_digit_years_map_to_1900_%E2%80%93_1999 See more on MDN]." wongjn 2.9
Defects Awaiting Review 59272 wp-admin search/column order not working when running not on port 80 Administration normal defect (bug) new 2023-09-02T12:49:40Z 2023-09-02T12:49:40Z "Hey,
we are currently running WP 6.3.1 internally on a different port ( localhost:8182 ).
WordPress itself works without problems.
Only when you on the wp-admin page search for a keyword in a CPT or change the order, the port gets deleted from the URL.
I found following part of the core source where the problem happens:
https://github.com/WordPress/WordPress/blob/master/wp-admin/includes/class-wp-list-table.php#L1381
Would be nice to respect the site url from the settings or not delte the port when used." canic 6.3.1 needs-patch
Defects Awaiting Review 59773 WP-Admin post editor JS createPreloadingMiddleware has PHP WP_Query deliver Drafts while in editor they are not Editor normal defect (bug) new 2023-10-31T11:17:33Z 2023-10-31T11:17:33Z "The WP-Admin post editor in its (Gutenberg) content has a (custom Genesis) block whose PHP template uses WP_Query to query other posts.
In this content, **WP_Query does not** deliver draft posts.
In the head section of the HTML document what the post editor is however, is a WP JS
{{{
wp.apiFetch.use( wp.apiFetch.createPreloadingMiddleware( { ... } ) )
}}}
and the argument has a property
{{{
""\/wp\/v2\/pages\/12?context=edit""
}}}
(post types post id is 12) which has a sub-property ""rendered"" whose value gets filled by PHP from the same template as the post editor content does and in the context of this head JS PHP, the **WP_Query does** deliver drafts.
This inconsistency lead to us discover an error where a WP PHP function return value was not checked for an error which did occur with a draft but not a ""real"" post.
However I bring this to your attention. You perhaps might want to 1. use one and only one and the same PHP call and 2. in that call set the context according to your documentation whether drafts are considered or not." vialars 6.3.2
Defects Awaiting Review 58270 wp-admin left menu icon not showing in safari 16.1 Menus minor defect (bug) new 2023-05-08T19:39:10Z 2023-05-08T20:08:08Z wp-admin left menu icon not showing in safari 16.1, showing a empty square indeed. uniquegrouplimited 6.2
Enhancements Awaiting Review 49582 wp-admin CSS audit Administration normal enhancement new 2020-03-05T01:14:16Z 2021-12-16T17:26:57Z "This is an umbrella ticket for an audit of the CSS in wp-admin, as discussed in the #core-css chat: [https://make.wordpress.org/core/2020/03/03/css-chat-summary-27th-february/].
The audit should cover the following aspects, for which separate tickets may be created if they don't exist already:
* Identifying where specificity can be reduced;
* Identifying dead code;
* Identifying code specific to browsers no longer supported (existing ticket: #46015);
There is a ticket for auditing the toolbar CSS: #46003.
There is also a ticket for auditing all occurrences of `!important`: #26350, and another one tackling just the `!important`s in `common.css`: #47569." isabel_brison
Enhancements Awaiting Review 49488 WP-ADMIN > Add New Post Tags section - Issue Taxonomy normal feature request new 2020-02-21T17:25:34Z 2020-02-21T17:30:12Z "**Suggestion : WP-ADMIN > Add New Post Page > Right Hand side ""Tags"" Section**
On Tags section we can add new tag by just typing text and after press enter key. ""We should remove this feature"" Because of this feature, many times accidentally add unwanted tags and it would be submitted to google by auto sitemap submit plugin.
i aware that, This issue are fetching all of wordpress users who use wordpress TAGS.
So please consider this issue on next update.
" gadhiyaravi 5.3.2
Enhancements Awaiting Review 51817 WP-Admin - Optimize main wpquery with 'fields' => 'ids' causes notice Administration normal enhancement new 2020-11-18T15:21:57Z 2021-04-08T07:01:43Z "Hi all
I have a post_type (Woocommerce product) with a lot of data in the post contents. So, in wp-admin, WP requires a lot of memory to list them (sometimes I got an OUT-OF-MEMORY)
So, I tried to make a lighter query adding via hooks the query params
'fields' => 'ids'
It works! The query is more fast and WP does not require so many memory
but I got some annoying notices
In method _display_rows in WP_Posts_List_Table you have
{{{
foreach ( $posts as $a_post ) {
$post_ids[] = $a_post->ID;
}
}}}
The method supposes that $posts will be an array of WP_Post object .
In my case it is an array of integer
Can you handle this scenario?
" eumene 5.5.3 has-patch
Enhancements Awaiting Review 58433 WP version in Etag header in load-styles.php file General normal enhancement new 2023-05-31T11:16:13Z 2023-06-19T00:44:33Z "Hi
I know there are plenty of plugins to hide WP version. You also decided to hide WP version from readme.html some time ago. When the user uses all possible methods to hide WP version, current version still can be checked by load-styles.php and load-scripts.php files. It is visible in eTag header.
I know, this is not a big issue but I think is worth considering to use here some hash or checksum.
Regards
Dawid " dav4 has-patch
Defects Awaiting Review 58715 WP Themes: Improve various globals documentation. Bundled Theme normal defect (bug) new 2023-07-05T13:04:58Z 2024-01-22T06:56:12Z "I have reviewed the code and found some of the files need to be improved comment code. Please check the below files.
File Name:
- wp-content/themes/twentysixteen/functions.php
- wp-content/themes/twentytwelve/functions.php
- wp-content/themes/twentytwenty/functions.php" upadalavipul has-patch
Defects Awaiting Review 41224 "WP strips query vars if post contains ""wp-admin""" Query normal defect (bug) new 2017-07-03T00:09:50Z 2017-07-03T10:48:55Z "I'm running up against this rather obscure issue in the WP Query parser.
If a post name contains ""wp-admin"", the query vars are emptied which results in loading the front page instead of the post.
Repro steps:
- Use built-in PHP web server to start a WP site.
- Create a post or CPT called ""test-wp-admin""
- View the post, you will be redirected to the frontpage.
Here is the relevant code from class-wp.php
{{{
if ( isset($perma_query_vars) && strpos($_SERVER['PHP_SELF'], 'wp-admin/') !== false )
unset( $perma_query_vars );
}}}
https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp.php#L276
If you inspect $_SERVER['PHP_SELF'], the resulting value is ""/index.php/test-wp-admin/"" which triggers the conditional.
It is not immediately clear to me why this is being done at all." khromov 4.9 has-patch
Enhancements Awaiting Review 60407 WP Starter Page is a source for HACKERS Build/Test Tools critical feature request new 2024-01-31T21:40:44Z 2024-01-31T21:40:44Z "I am convinced that the WP starter page, with the BOLG option is the source for all and any hacker to hack a site. Prove me wrong: Example, I have had my website online for 20 years, I have used several different website dev. Apps. I have never been hacked.
After setting up WP on my sites; 3 to be exact, I soon started to get spam emails from the comment section of the blog.
I am not a website programmer, btw, I had no idea where these comments. were being submit, I looked at the pages on my dashboard and there was nothing there. I kept looking, granted not a lot because it didn't concern me. But the SPAM was annoying and often inappropriate. Eventually when my site(s) were hacked and shut down, I found the hidden blog page, and deleted it. Because my sites were shut down this was a challenge. I still continued to get SPAM even after shutting down the blog comment page. My other 2 sites were still getting comments. It took a bit of sleuthing to find this hidden blog page on each site, You cant edit it either, WP has embedded the comment section. Eventually I deleted them all, but I still had 3 hacked sites. recently I deleted one of the site and reinstalled WP. And guess what, even though I though I deleted the WP Blog page, I started to immediately get SPAM and the site was hacked. OK point being SHUT DOWN THE AUTOMATICALLY AND HIDDEN BLOG PAGE, SHUT DOWN THE COMMENTS UNLESS YOUR POINT IS FOR US TO GET HACKED!!! I AM CONVINCED THIS IS A SERIOUS PROBLEM THAT YOU HAVE TO FIX. Your welcome to drop me an email, that hopefully isnt spam, to let me know you are fixing this gateway for hackers. Thanks Jimmy" dpmatlosz 6.4.3 dev-feedback
Defects Awaiting Review 40352 WP REST API, Comments Not Triggering 'comment_post' Comments normal defect (bug) new 2017-04-04T06:50:37Z 2019-11-26T14:44:32Z "Hello,
I’ve noticed that when comments are created using the WP API that notification emails are not sent out to the author of the post or moderators. (When testing, If I add the comment via the admin interface, it works as expected).
On debugging, I noticed that the filter ‘comment_post’ is not being called when inserted via the API. For now, I used the following workaround:
{{{#!php
function mytheme_comment_inserted($comment_id, $comment_object) {
wp_notify_postauthor( $comment_id );
}
add_action('wp_insert_comment','mytheme_comment_inserted');
}}}
I already posted on the support forum here: https://wordpress.org/support/topic/wp-api-comments-not-sending-notifications/#post-8987973 and it was suggested this could be intentional behaviour but that this also could, in fact, be reported as a bug?
Thanks!
Chris" stickypixel 4.7 dev-feedback
Reporter Feedback / Close 54240 WP REST API Users Endpoint Search REST API normal defect (bug) new 2021-10-11T03:31:11Z 2021-10-14T11:16:28Z "The WP REST API Users endpoint doesn't support plus addresses when searching using the search parameter - /wp-json/wp/v2/users/?search=example+label@example.com
Plus addressing is a handy Google Workspace and Office 365 feature that I'm noticing adoption of more and more." damianem 5.8.1 reporter-feedback
Enhancements Awaiting Review 40142 WP Remote Remaining Methods HTTP API normal enhancement new 2017-03-13T16:46:43Z 2023-04-19T19:43:33Z "While we have `wp_remote_post()` and `wp_remote_get` I would like to see helper functions for the remaining HTTP Methods. These can be very useful working with third-party APIs, and as the Rest API becomes more important.
'''Requested Functions:'''
`wp_remote_delete()`
`wp_remote_put()`
`wp_remote_trace()`
`wp_remote_get_head()`
`wp_remote_get_options()`
`wp_remote_connect()`
Further Reading:
https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html" bhubbard 2.7 needs-unit-tests
Defects Awaiting Review 41546 WP Query order by meta_clause not working correctly for decimal values Query normal defect (bug) new 2017-08-03T13:06:36Z 2017-08-05T07:13:01Z "Short description: When using the WP 4.2 improvements for meta queries (as described here: https://make.wordpress.org/core/2015/03/30/query-improvements-in-wp-4-2-orderby-and-meta_query/) and trying to order the query by a decimal custom field, wordpress orders as if these fields are all integer and incorrectly handles all decimal values such as 1.5, 1.6 and 1.7 (all of these are seen as 1).
In detail:
{{{
WP_QUERY_ARGS Array
(
[ignore_sticky_posts] => 1
[post_status] => publish
[offset] => 0
[post_type] => Array
(
[0] => post
)
[orderby] => Array
(
[cf_clause_1] => DESC
[ID] => ASC
)
[meta_query] => Array
(
[cf_clause_1] => Array
(
[key] => my_decimal_custom_field
[type] => DECIMAL
[compare] => EXISTS
)
)
[posts_per_page] => 10
[nopaging] =>
)
}}}
5 Test posts:
Post 1 - my_decimal_custom_field = 1
Post 2 - my_decimal_custom_field = 2
Post 3 - my_decimal_custom_field = 2.2
Post 4 - my_decimal_custom_field = 2.6
Post 5 - my_decimal_custom_field = 3
Using the query above results in the order:
1,3,4,2,5
When it should be 1,2,3,4,5.
Trying out different order types as described in the WP Codex does not help." LordSpackolatius 4.2
Defects Awaiting Review 46281 WP Query breaks if there are term_ids in tax_query are more than 192 General normal defect (bug) new 2019-02-19T16:30:06Z 2019-02-19T19:46:26Z "Hello.
I have faced a very wired issue. I am using a WP_Query to get custom posts (more specific 'product') with a tax query of around 193 term_ids as array as NOT IN. The wired problem is that WordPress adds odd term_ids in the $query->request... It works great until I have 192 term_ids, but if I add more, the query gets wired and blocks everything.
I am attaching the args and the query on a txt file.
Check that I dont filter term_category 239 but you will see it in request" Seldimi 5.0.3
Enhancements Awaiting Review 55938 WP prefix on installation - instructions to be indicated Database minor enhancement new 2022-06-07T12:48:50Z 2022-06-07T14:37:01Z "Following a bad experience, changing the database prefix from ""wp_"" to ""SAI"" for security.
I found out that this is giving Woocommerce a problem with creating tables in the database.
This problem is solved, but I create this ticket to give the idea during the next Update, to indicate how to change the prefix.
I had put SAI instead of wp_ forgetting the _ and capitalizing, hence the problem I had encountered." valentindu62
Reporter Feedback / Close 22837 "WP Needs to Set ""Sender"" and ""Reply-To"" or DKIM/DMARC will not work using wp-mail (via PHPMailer)" Mail major defect (bug) new 2012-12-09T17:23:48Z 2023-11-28T19:33:30Z "I notice that for DKIM to function (while using DMARC) correctly for outgoing mail the PHPMailer object needs to make sure the Sender and Reply-To fields match the ""From"" field otherwise the ""Return-Path"" header uses the server it is sending from causing a mismatch. When this happens DKIM fails authentication on the receiver side because it is not added to outgoing mail.
I tried adding the reply-to and sender header manually to wp_mail() but it did not work. One had to do the following:
Right now i have to manually modify the /wp-includes/pluggable.php file in the wp_mail() function to include:
{{{
if (strlen($phpmailer->Sender)==0)
{
$phpmailer->Sender = $phpmailer->From;
$phpmailer->AddReplyTo($phpmailer->From);
}
}}}
This resolves the problem and DKIM works again.
" kellogg9 3.4.2 close
Defects Awaiting Review 54006 Wp Multisite Get, Add, Update and Delete Site Meta Issue. Options, Meta APIs normal defect (bug) new 2021-08-25T16:26:30Z 2021-08-27T14:21:30Z "Just working on some code to help with WP Multisite integration...
I have noticed that the `add_site_meta` function is currently not working.
I had a look through the functions in wp-includes/ms-site.php and found that the first parameter in the 'add_metadata' function called by add_site_meta (line 1012) is 'blog'.
I figured since you changed the blogmeta table to sitemeta that something might be amiss. If the metadata is added thus:
add_metadata( 'site', 1, 'test_site_feta', 'cheese', false );
All appears to work okay, however this does not;
add_metadata( 'blog', 1, 'test_site_feta', 'cheese', false );
Think its a bug...until I had a closer look I had to use MySQL queries to add the site meta.
" leeml 5.8 dev-feedback
Defects Awaiting Review 41952 WP import: Bug with import gziped file from web Import normal defect (bug) new 2017-09-22T04:54:24Z 2017-09-22T04:54:24Z "When i import svg image with gzip compression, then i give error ""Remote file is incorrect size""
In [https://plugins.trac.wordpress.org/browser/wordpress-importer/trunk/wordpress-importer.php#L1007 wordpress-importer.php:1007] your check file size.
If file is gziped, when filesize on disc != content-length in headers" arybnikov 4.8.2
Reporter Feedback / Close 44802 WP Generate Tag cloud not generating Link (href) tag value and Role tag value. Taxonomy major defect (bug) new 2018-08-15T12:48:32Z 2021-05-03T23:06:43Z "See demo: https://www.atsspec.com/blog/.
The tags are generated using wp_generate_tag_cloud function but are not clickable and has ""role"" tag associated with each hyperlink." tpkahlon 4.9.8 reporter-feedback
Defects Awaiting Review 54876 WP fails to recognize and use Imagick PHP 8 module on OpenLiteSpeed / Litespeed Web Server Media normal defect (bug) new 2022-01-21T16:23:13Z 2022-02-03T15:39:00Z "Hi, I've made a ticket with the LiteSpeed people but they insist that their version of PHP (LSPHP) is a like-for-like copy of the PHP binaries, only hosted in their own repos. So it seems this error may be on the WordPress side.
I'll first refer you to this support thread to show I'm not the only one with this problem: https://wordpress.org/support/topic/imagick-module-recognized-but-not-used/
In short, WordPress does not recognize the Imagick module in LSPHP 8, so it will not use it and defaults to WP_Image_Editor_GD as its image editor. It has no problems detecting and using it in an Apache environment where I used PHP 8 from the CentOS repos. It also has no problem using the LSPHP 7.4 version either.
Here's a breakdown of the results:
**Apache 2.4.37 with PHP 8.0.14**
Custom Image Processing with WP_Image_Editor_Imagick = **Success**
ImageMagick version number = 1692
ImageMagick version string = ImageMagick 6.9.12-34 Q16 x86_64 2021-12-22
Imagick version = 3.7.0
**OpenLiteSpeed 1.7.14 with LSPHP 7.4.26**
Custom Image Processing with WP_Image_Editor_Imagick = **Success**
ImageMagick version number = 1690
ImageMagick version string = ImageMagick 6.9.10-86 Q16 x86_64 2020-01-13
Imagick version = 3.4.4
**OpenLiteSpeed 1.7.14 with LSPHP 8.0.12**
Custom Image Processing with WP_Image_Editor_Imagick = **Error** (see notes*)
ImageMagick version number = 1690
ImageMagick version string = ImageMagick 6.9.10-86 Q16 x86_64 2020-01-13
Imagick version = **@PACKAGE_VERSION@**
***Notes:** Active editor is listed as WP_Image_Editor_GD. WordPress fails to recognize and use the Imagick extension. Custom image processing fails as it tries to run Imagick methods through the GD class.
All environments are running on Rocky Linux release 8.5.
" luboslives 5.8.3
Defects Awaiting Review 52781 WP Export/Import tool Import normal defect (bug) new 2021-03-11T16:04:49Z 2021-03-11T19:24:04Z "One of the biggest challenges on WordPress is to export/import content with images. I'm trying to export posts from a website and import to another one but no images are being uploaded even if I check ""import attachments etc"". I've tried several plugins but none of them can really get the work done properly." ayrancd
Reporter Feedback / Close 49117 WP default themes' translations keep being installed when updating WordPress Upgrade/Install trivial defect (bug) new 2020-01-02T14:05:43Z 2023-05-29T12:31:23Z "This happens every website I maintain, and it has been happening ever since I got in the field of web design with wordpress. I'm reporting it because I couldn't find any refference to the issue on the net.
To keep the clutter to a minimum, I regularly add following lines to config.php:
{{{
define( 'CORE_UPGRADE_SKIP_NEW_BUNDLED', true );
define( 'WP_DEFAULT_THEME', 'whatever-the-theme-is' );
}}}
WP default themes' (3 twentywhatever themes) translations keep being installed in wp-content/languages/themes when updatig wordpress, no matter what WP version it is updating to, or what the default theme is.
Not a big issue, but still a bug and a nuisance." 3dwebvision 5.3.2 reporter-feedback
Defects Awaiting Review 55556 WP cron daily issue Cron API normal defect (bug) new 2022-04-11T08:36:02Z 2022-04-11T08:36:02Z "In wordpress, a day is defined as having 24 hours:
wp-includes/default-constants.php: define( 'DAY_IN_SECONDS', 24 * HOUR_IN_SECONDS );
but that doesn’t take summer/winter time into account of course.
While it is being stated above the definition that these values are approximate and are provided for convenience, the DAY_IN_SECONDS is being used in the “daily” cron definition. This means - in case of DST - if you plan something to happen daily at midnight (say membership status recalc, half of the year it will happen one hour later/earlier (depending on the day you planned it initially).
So, in order to be sure something happens daily “as soon as the new day starts”, you need to plan it at 01:00 at the earliest to be sure it is always on the same day (in case of DST).
Since the fixed wp schedules are in fact “fixed”, why not have them calculate “daily” as the DateTime function “+1 day”? The same goes for weekly, monthly, yearly. The basic schedules could even be thrown away and WP could e.g. translate 'daily' to '+1 day' on the fly.
I know WP cron doesn’t run exactly the moment you want it (unless you use system cron), but if running something “daily” at around midnight and it causes it to be ran at 23:00 instead, you might be giving people an extra free day entrance (again for memberships).
Moreover, getting rid of ""schedules"" and moving cron to its own database table would be even better (planning a recurring action should not require the need for a schedule definition via a filter, but use ""last executed time"" + the recurrence definition in datetime notation as a cron-definition). But this last remark is a whole other discussion, so not for this issue (but I would be willing to invest time in this to help develop it)." liedekef
Defects Awaiting Review 51716 WP Cron - looses entries Cron API normal defect (bug) new 2020-11-05T20:42:26Z 2020-11-24T11:47:00Z "Hello, I've been working with an external API for submitting orders from Woocommerce. To ensure the system is responsive I've been calling the scheduled events to save the orders to the API shortly after the order is submitted.
I have noted that if items are saved at the same time. One of the events will not be saved.
This appears to be caused by the cron task being build around a single database record (object), and in many cases would be completely fine, but is not reliable when being used in any great capacity.
I understand my use-case isn't potentially what this was designed for, but there is room for improvement with the scheduled events to ensure reliability.
I'm not 100% sure if I'm correct here, but it also appears that these tasks are also run when subsequent web requests are made, is there any current normalized interface for setting this up to run via an OS cron task or similar. To ensure other visitors requests aren't slowed down by checks (small) and events being activated (potentially slow).
" Nate1 has-patch
Defects Awaiting Review 50472 "wp core download --skip-content doesn't create empty ""plugins"" dir" Upgrade/Install normal defect (bug) new 2020-06-25T11:58:31Z 2020-09-16T15:39:22Z "
(Migrated from https://github.com/wp-cli/wp-cli/issues/5410)
According to docs, wp core download --skip-content doesn't install default plugins.
However, it doesn't also creates the wp-content/plugins/ sub-directory itself.
The Problem: Some wordpress parts assume it exists, and fail when trying to deploy plugins or themes.
For example:
- Install wordpress importer will always fail in this situation, without a reason, and without an error log entry.
- It's impossible to install new plugins or themese from via UI.
Please create /plugins/ & /themes/ directories even if they're empty, when deploying any core format
" asafgreen 5.5
Defects Awaiting Review 55206 wp core api memory leaks Database normal defect (bug) assigned 2022-02-20T05:37:43Z 2022-04-29T04:44:55Z "I've experienced the following two memory leaks in WP core. One involves $wpdb when `SAVEQUERIES` is defined truthy, and the other involves `$wp_object_cache` growing as a consequence of calling core api functions that themselves save to the object cache. Both have happened for me in cases where I'm doing large batch processing involving thousands or tens of thousands of posts. I've had memory usage exceed 512MB and cause crashes.
I'm including unit tests here showing each memory leak and also the fix that I've used to prevent the memory leak and keep my batch jobs running.
{{{#!php
queries particularly has a tendency to blow up.
*/
class WP_Memory_Leak_Tests extends WP_UnitTestCase {
/**
* This tests a condition which exposes a memory leak in the WPDB class.
* If 'SAVEQUERIES' is defined as truthy, then the $wpdb->queries property
* can grow indefinitely.
*/
public function test_WPDB_Memory_Leak() {
// Once a constant is defined, it can't be undefined, it's often defined in dev or staging environments.
define( 'SAVEQUERIES', true );
// I'll just start my cron job to read the import file I've got. It's
// got a decent number of records.
$number_of_records = 1000;
global $wpdb;
$memory = memory_get_usage( true );
$peak = memory_get_peak_usage( true );
foreach ( [ 'first', 'second' ] as $pass ) {
// first pass through, we'll apply a fix for this memory leak.
// second pass through, we'll bypass the fix and the tests will fail.
for ( $i = 1; $i <= $number_of_records; $i ++ ) {
if ( 'first' === $pass ) {
$wpdb->queries = [];
}
// for this test, we'll do direct calls to $wpdb
$wpdb->query( $wpdb->prepare( ""SELECT * FROM $wpdb->posts WHERE ID = %d"", $i ) );
}
$this->assertEquals( $memory, memory_get_usage( true ), ""$pass pass"" );
$this->assertEquals( $peak, memory_get_peak_usage( true ), ""$pass pass"" );
}
}
/**
* This tests a condition which exposes a memory leak in wp cache API. If
* a large batch job attempts to do a lot of something that ends up caching
* things ( like, for example, get_post or wp_insert_post ), then unless
* the cache is flushed regularly, the memory usage grows indefinitely.
*/
public function test_WP_Cache_Memory_Leak() {
// I'll just start my cron job to read the import file I've got. It's
// got a decent number of records.
$number_of_records = 1000;
global $wpdb;
$memory = memory_get_usage( true );
$peak = memory_get_peak_usage( true );
foreach ( [ 'first', 'second' ] as $pass ) {
// first pass through, we'll apply a fix for this memory leak.
// second pass through, we'll bypass the fix and the tests will fail.
for ( $i = 1; $i <= $number_of_records; $i ++ ) {
if ( 'first' === $pass ) {
wp_cache_flush();
}
// Because our last test defined 'SAVEQUERIES', we need to
// always apply this fix, otherwise that memory leak manifests.
// With us doing a core API function `wp_insert_post`, the number
// of queries is quite large and memory __really__ grows.
$wpdb->queries = [];
// let's say we're inserting posts, maybe from an excel file.
// this caches some things, so $wp_object_cache grows.
wp_insert_post([
'post_type' => 'post',
'post_title' => ""post $i"",
'post_content' => ""pass $pass""
]);
}
$this->assertEquals( $memory, memory_get_usage( true ), ""$pass pass"" );
$this->assertEquals( $peak, memory_get_peak_usage( true ), ""$pass pass"" );
}
}
}
}}}
" sllimrovert dev-feedback
Defects Awaiting Review 59826 WP breaks in PHP 8.0 when passing multiple terms of same hiearchichal taxonomy to the query via GET params. Query normal defect (bug) new 2023-11-07T14:17:35Z 2024-01-23T21:03:20Z "Using WC product_cat as an example here:
/shop?product_cat%5B%5D=bralettes&product_cat%5B%5D=slips
This breaks the matrix. In class-wp-query.php we find (LN 1178 - 1180):
if ( ! empty( $t->rewrite['hierarchical'] ) ) {
$q[ $t->query_var ] = wp_basename( $q[ $t->query_var ] );
}
Because ""$q[ $t->query_var ]"" is an array holding both terms, not just a string.
My patch: The if query should be changed to avoid running wp_basename on arrays:
if ( ! empty( $t->rewrite['hierarchical'] ) && ! is_array( $q[ $t->query_var ] ) ) {
$q[ $t->query_var ] = wp_basename( $q[ $t->query_var ] );
}
All the best, LXT" lxt 6.3.3 has-patch
Reporter Feedback / Close 55870 WP App Passwords Should be URL Decoded Application Passwords normal defect (bug) new 2022-05-29T04:05:15Z 2022-05-30T04:52:34Z "Using OAuth 2 based. authentication IETF recommends for [https://datatracker.ietf.org/doc/html/rfc6749#section-2.3.1 client id/secrets] URL [https://datatracker.ietf.org/doc/html/rfc6749#appendix-B encoded] forms.
Which means, by using some node OpenID clients, we always get `Authorization: Basic urlSafeEncodedBase64String('user:pass')`.
This fails to authenticate as [https://github.com/WordPress/wordpress-develop/blob/0a6c37ceb0a86bebf0b287ac12d200e67bbf948f/src/wp-includes/user.php#L474 WordPress doesn't decode] the `user` and `pass` which could also be clientId and clientSecret in OAuth2.
This could be solved by using `urldecode( string $str )`.
BEFORE
{{{#!php
Styles > Additional CSS panel.
Luckily I had done a backup just before the update." petervandoorn 6.3
Reporter Feedback / Close 57109 WP 6.1.1 > PHP 8.0/8.1/8.2 Dev Note is missing General major defect (bug) assigned 2022-11-14T21:27:38Z 2023-03-02T20:28:58Z "see https://make.wordpress.org/core/handbook/references/php-compatibility-and-wordpress-versions/
Just add a post in the core make dev blog to clarify what PHP version WP 6.1 is compatible with, and link it to the handbook page.
Because PHP 7.4 is reaching EOL by 28 Nov 2022, some could get in a hurry in a few days... to find if WP runs ok against PHP 8.0/8.1/8.2
i ping desrosj because the 6.1.1 release date is very soon :-)" mdxfr 6.1 close
Defects Awaiting Review 57366 WP 6.1 - Performance Regression Cache API normal defect (bug) new 2022-12-21T12:45:49Z 2023-04-20T13:25:04Z "Hi team,
I am experiencing some significant performance regression when I upgrade from 6.0 to 6.1 (and 6.1.1). Page load time roughly triples across the site.
I do not have a profiler running but using Query Monitor I can see a significant increases in object cache hits (14k to 110k). I understand this is partially expected due to the caching improvements.
I am running a fairly large (170k posts) site with Woocommerce and a number of plugins.
I am happy to provide more detailed analysis but not sure what is the best profiling tool or method to understand where the regression is coming from. If you can provide some guidance I will try to collect more data.
Thanks,
Jason" galapogos01 6.1.1 dev-feedback
Defects Awaiting Review 54981 WP 5.9 Gallery Block Issues Editor normal defect (bug) new 2022-01-28T20:22:13Z 2022-01-31T09:38:46Z "I have an image gallery in all of my posts with images set to not cropped, thumbnail size, 3 or 4 columns.
If I look at an old post (anything before the WP 5.9 upgrade this week), the gallery images look fine. If I go into that old post and update it (without changing anything in the gallery), the gallery images change to stretched in safari and full-size, singe column (instead of thumbnail, 3 or 4 columns) in chrome and firefox.
Also, newly created posts are having the same issue since WP 5.9 upgrade.
Issue is present while using either GeneratePress or Twenty Twenty-Two themes.
I have tried deleting gallery and re-adding, same issue." hmnvtn 5.9
Defects Awaiting Review 45683 WP 5.0.1 Throwing Warning on site when running PHP 7.1 Bootstrap/Load normal defect (bug) new 2018-12-17T21:41:04Z 2018-12-18T00:31:08Z "Visible warning appears when running 5.0.1 on PHP 7.1
""Warning: array_merge(): Argument #2 is not an array in /[redacted]/wp-includes/load.php on line 63"" error appeared on front end after autoupdate to 5.0.1.
Error persistent on both themes twenty nineteen and twenty seventeen (although hidden behind the main image) with every plugin deactivated, and 5.0.1 freshly reinstalled. When I changed PHP version to 7.2 the error went away. Back to 7.1.25 it reappeared. " Wendy__D 5.0.1
Defects Awaiting Review 40863 WP 4.7.5 XMLRPC new method for parsing arguments omits menu_order XML-RPC normal defect (bug) reopened 2017-05-25T15:35:22Z 2017-08-04T16:43:29Z "In WP 4.7.5, in wp-includes/class-wp-xmlrpc-server.php, on line 1327, this line:
{{{
$post_data = wp_parse_args( $content_struct, $defaults );
}}}
was changed to:
{{{
$post_data = wp_parse_args( array_intersect_key( $content_struct, $defaults ), $defaults );
}}}
Unfortunately, the new intersection strips out any arguments from $content_struct that don't exist in $defaults.
So you can no longer edit a post and change the ""menu_order"" field, because it doesn't exist in the $defaults declared just before this line.
Please provide either an updated list of acceptable defaults (e.g. including menu fields), or allow for additional fields to pass through to wp_parse_args.
Tested with latest version of WP, and confirmed that swapping the changed line above enables/disables the ability to change menu_order in posts.
" bjminihan 4.7.5
Enhancements Awaiting Review 60523 working_directory enhancement Upgrade/Install normal enhancement new 2024-02-13T11:59:06Z 2024-02-26T20:16:51Z "Because the ""source"" parameters can be filtered we have to been sure, that the ""working_directory"" has a trailing slash before we check files in it - when it's valid" ipswise trunk has-patch
Defects Awaiting Review, reported against no version 35517 Work around PHP7 php-ssh2 breakage Filesystem API normal defect (bug) new 2016-01-18T20:46:22Z 2023-06-27T06:41:29Z "There is an updated php-ssh2 package available for PHP7, but it currently breaks the WordPress updater functionality for `class-wp-filesystem-ssh2.php`. The root cause seems to be that it has not correctly implemented the PHP stream wrappers for the `stat()` call, and any dependent functions such as `is_file()`, `is_dir()`, `file_exists()`, etc.
However, the `ssh2_sftp_stat()` function does work, and we can deduce the other information from it.
I've filed a bug against the php-ssh2 extension (https://bugs.php.net/bug.php?id=71376), but I wondered if using `ssh2_sftp_stat()` might be better, in general, than depending on the PHP stream wrapper functionality.
" dougal dev-feedback
Defects Awaiting Review 59088 WordPress6.3 has a cookie General normal defect (bug) new 2023-08-13T02:21:56Z 2023-08-14T00:54:29Z Wordpress6.3 has a cookie in homepage, but in previous WordPress version no any cookie in homepage, please check it in chrome. Can you please check it? Many thanks thejimjim 6.3
Defects Awaiting Review 27896 wordpress-importer's lack of understanding of XML Namespaces causing compatibility issues Import normal defect (bug) new 2014-04-18T15:02:18Z 2017-06-13T21:27:26Z "This plugin doesn't understand namespaces when parsing XML.
Correct me if I'm wrong but I think the following XML documents are equivalent:
{{{
1.2
}}}
{{{
1.2
}}}
{{{
1.2
}}}
{{{
1.2
}}}
Importing the first document leads to the next step with the ""Download and import file attachments"" checkbox and the ""Submit"" button. The other documents produce ""This does not appear to be a WXR file, missing/invalid WXR version number"".
This bug makes it difficult to write tools which generate WXR files (for instance when migrating content from an existing site into a WordPress installation)." tomdxw 3.9 has-patch
Enhancements Awaiting Review 41907 WordPress-Importer Assign all entries to one 'local' user Import normal enhancement new 2017-09-18T10:52:09Z 2018-07-23T17:05:46Z "I've only recently started using the Import tool so I don't know if this is something that was purposely done this way or mentioned before but here goes.
I had to import some data while working on the HelpHub dev environment and it actually has quite a long list of users so I had to re-assign everyone to my admin to go forth.
That being said and with my poor knowledge of the importer ( i don't know if something exists already ) I didn't find any buttons to being able to assign all Authors into an existing one for starters and then change some fields if needed respectively as well.
So I'd like to propose this as an enhancement as some websites might need to Import with many users and probably there are many people out there who are not comfortable on changing things through their database.
This .gif is a simple mockup of what I thought could be done. As you'll see it's just an extra select box and a little jQuery but it saves a lot of time if the authors are way too many to simply point+click on each of them. This patch was something simple so I can ease my repetitive imports it was not meant to be 100% clean and safe etc." xkon ui/ux
Defects Awaiting Review 49730 WordPress-generated RSS feeds replace unicode symbols with images. Emoji normal defect (bug) new 2020-03-30T20:46:03Z 2021-02-04T14:22:14Z Which rather misses the point of having them as part of Unicode. This causes trouble for feed readers because the images have to be handled specially in order for them to format with the text, e.g. https://github.com/Ranchero-Software/NetNewsWire/issues/1958 jralls
Defects Awaiting Review 40716 WordPress's magic quotes emulation doesn't slash keys like PHP's built-in magic quotes General normal defect (bug) new 2017-05-10T14:56:49Z 2017-06-06T06:48:41Z "PHP's built-in magic quotes feature [https://secure.php.net/manual/en/security.magicquotes.disabling.php#69024 not only slashed values, but also keys]. However, although WordPress emulates the magic quotes feature even when it is disabled/unavailable, it has apparently never slashed keys of the GPC arrays, only the values.
As a consequence of this, I was just dealing with a bug in a plugin that a user was experiencing on PHP 5.2, but I had never witnessed on newer versions of PHP (5.6, 7.0), which did not have magic quotes enabled.
The plugin POSTs data via Ajax that includes both keys and values containing backslashes. This data will be double-slashed by the magic quotes feature. So in the Ajax handler, this data is passed through `wp_unslash()`, and so the original, single-slashed values can then be utilized. However, `wp_unslash()` does not unslash the keys. When PHP's magic quotes are disabled, this is not a problem, because WordPress's magic quotes do not slash keys. But on older versions of PHP where magic quotes are enabled by default, PHP will slash both the keys and values, and `wp_unslash()` will not unslash the keys.
Data flow:
{{{
# WordPress's magic quotes emulation:
POST => Data containing slashes in keys and values posted.
add_magic_quotes() => Slashes in values are escaped.
wp_unslash() => Escaping slashes in values removed.
result: data is unchanged.
---
# PHP's magic quotes:
POST => Data containing slashes in keys and values posted.
magic_quotes_gpc => Slashes in values *and keys* escaped.
wp_unslash() => Escaping slashes in values removed.
result: values unchanged, keys still double-slashed.
}}}
In other words, there is an inconsistency in how data is slashes on different PHP configurations, despite WordPress's efforts to standardize it. The values are consistent in the way that they are slashed, but keys are not." jdgrimes 0.71
Reporter Feedback / Close 42995 WordPress XML-RPC editComment return error 500 changing date_created_gmt XML-RPC normal defect (bug) new 2017-12-28T19:01:25Z 2019-06-20T14:10:09Z "Grettings,
This:
// Do some timestamp voodoo
if (!empty($content_struct['date_created_gmt'])) {
// We know this is supposed to be GMT, so we're going to slap that Z on there by force
$dateCreated = rtrim($content_struct['date_created_gmt']->getIso(), 'Z') . 'Z';
$comment_date = get_date_from_gmt(iso8601_to_datetime($dateCreated));
$comment_date_gmt = iso8601_to_datetime($dateCreated, 'GMT');
}
[Thu Dec 28 15:52:34.123148 2017] [php7:notice] [pid 5507] [client 127.0.0.1:39464] PHP Fatal error: Uncaught Error: Call to a member function getIso() on string in wp-includes/class-wp-xmlrpc-server.php:3533
" fpilee 4.9.1 reporter-feedback
Defects Awaiting Review 50964 WordPress view/preview links + post editor don't get along with SPA frontend REST API major defect (bug) new 2020-08-12T21:25:29Z 2021-04-20T05:56:43Z "Hi,
I've built a separated frontend (SPA) using WordPress as headless CMS. I managed to allow writers to view/preview posts on the frontend by setting the ''home_url'' accordingly.
I also used the ''preview_post_link'' filter to rewrite the preview URL and adding a generated nonce I then pass to the API to fetch the post content. Here is the function :
{{{#!php
post_type . '&id=' . $post->ID . '&nonce=' . $nonce;
}
}}}
Everything worked just fine until I met the new post editor (must be version 5.3 or 5.4 - working with the REST API).
I now have 2 issues :
1. **Saving a post** (or cusotm post). It seems the ''home_url'' needs to be the same as the site_url (wordpress) overwise it fails to update any post (it makes multiple REST API calls to the ''home_url''). Settings the same URL works but now we can't view a post on the frontend using view links.
2. **Previewing a post** (or custom post). In the new block editor, the ''preview_post_link'' filter doesn't seem to be called. URL aren't changed so I can't preview my post on the frontend.
I couldn't find anything about similar issues. Could you please help me ?
Cheers,
Fabrice" fdouchant 5.3
Defects Awaiting Review 36557 WordPress Version 4.5 Upgrade Failure Upgrade/Install normal defect (bug) reopened 2016-04-17T04:27:36Z 2017-07-05T20:12:57Z "Upgrade to Version 4.5 failing in one of my site.
The wp-admin/update-core.php?action=do-core-upgrade page comes blank with normal admin menu and sidebar.
Upon further investigation I found those in source
{{{
}}}
And at the end of the page
{{{
Are you sure you want to do this?
Please try again.
}}}
I cleaned cache, re-logined, still same. Any plugin updates works perfectly, not just the core.
Server NGINX 1.9.10, PHP 7.0.5, from WordPress 4.4.2
" Asif2BD 4.5
Reporter Feedback / Close 50490 WordPress URL guessing cannot be stopped Permalinks normal defect (bug) new 2020-06-27T17:03:02Z 2020-06-30T13:55:52Z "Hello. https://wordpress.org/support/topic/how-can-i-remove-redirect/
example:
https://www.ozgurbilgi.net/etiketler/aysegul-tecimer (There is no such link in the site.)
to https://www.ozgurbilgi.net/aysegul-tecimer-ustsuz-danscilar
**
I tried this**
{{{
function remove_redirect_guess_404_permalink( $redirect_url ) {
if ( is_404() && !isset($_GET['p']) )
return false;
return $redirect_url;
}
add_filter( 'redirect_canonical', 'remove_redirect_guess_404_permalink' );
}}}
**I tried this**
{{{
DELETE FROM
wp_postmeta
WHERE
meta_key
= '_wp_old_slug'
}}}
**my htaccess**
{{{
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
}}}
**I tried this**
{{{
remove_action('template_redirect', 'wp_old_slug_redirect');
remove_filter('template_redirect', 'redirect_canonical');
remove_action( 'post_updated', 'wp_check_for_changed_slugs',
}}}
I searched for it in the database but I couldn’t find it. I do not understand how it redirect.. I tried all this but these did not solve the problem. How can I stop this redirect? thanks
others examples
https://www.ozgurbilgi.net/etiketler/aysun-kayaci to ------> https://www.ozgurbilgi.net/aysun-kayaci-fatih-optu
https://www.ozgurbilgi.net/etiketler/seo to -----> https://www.ozgurbilgi.net/icerik-pazarlamasinda-basarisiz-olmanizin-onemli-nedenleri
**I can stop guessing for the normal link but if it gets the prefix (etiketler like this) , the guessing cannot be stopped.**" devrekli 5.4.2 reporter-feedback
Reporter Feedback / Close 45730 WordPress upgraded 5.0.1 after password field is not working on add/edit user form Users normal defect (bug) new 2018-12-21T07:34:28Z 2019-01-02T04:41:28Z "Hello,
WordPress upgraded 5.0.1 after password field is not working on add/edit user form.
Please help me.
Thanks in advanced.
Regards,
Pooja Joshi." poojabeeline 5.0.1 reporter-feedback
Enhancements Awaiting Review 48435 WordPress update: updating by transferring partial packages Upgrade/Install normal enhancement new 2019-10-26T10:09:57Z 2019-11-16T14:50:09Z "This is a request or enhancement, more than a bug. It is inspired by looking at https://wordpress.org/download/counter/ and the mostly unknown impact of the internet ([https://www.theguardian.com/environment/2015/sep/25/server-data-centre-emissions-air-travel-web-google-facebook-greenhouse-gas]) on our environment.
Disclaimer: I am not technical enough to be able to judge the impact of this request or the possibility of implementing it. Nevertheless...
So, WordPress' size is increasing with every release. Its size determines how much electricity is needed to transfer the zip file from server to server. Since the internet is still largely running on non-renewable energy, each WP install and update has an impact on the environment. It would be great to reduce this impact.co2
I think that there is a lot of thinking about what gets into WP core, but it is always interesting to reconsider things or at least keep the impact of adding another library in mind.
However, I wonder whether it could be possible to update WP without having to transfer the whole package. If this is already the case: great, please close this ticket! Thanks and I am sorry. We're doing fine. ;-)
If not, could we consider to implement something like updating WP by sending only the parts that are necessary (modified)? This would not only decrease the impact of each update on the environment, but also make updates much quicker.
I realise that this means adding additional complexity. There should be packages available for different cases. For example, an update from 4.9 to 5.3 would be a different package than from 5.2 to 5.3. Also for minor updates. We could start incrementally, like minor updates?
If I am not mistaken, this is how operating system updates happen for Apple OS and Windows.
Oh, WP 5.2 has been downloaded about 1000 times **while writing this ticket**. ''That is roughly about 16 kg of CO2 emitted and equals to driving more than 120 km (75 miles) by car (130 g CO2/km (https://ec.europa.eu/clima/policies/transport/vehicles/cars_en))." LittleBigThing
Defects Awaiting Review 42381 Wordpress update does not check if database structure/scheme on existing site is equal to how it would be on a new install Database normal defect (bug) new 2017-10-30T18:19:44Z 2017-11-11T18:19:31Z "'''Description of bug'''
When trying to add a category I receive the error:
WordPress database error: [Duplicate entry ‘test’ for key ‘slug’] INSERT INTO wp_terms (name, slug, term_group) VALUES (‘Test’, ‘test’, 0)
'''What seems to be the cause of the problem?'''
My install does not allow a category (test) with the same slug as an existing tag (test). WordPress should allow this.
On further investigation: in wp_terms table, the field slug has a UNIQUE constraint. This was changed in WordPress 4.1 [https://core.trac.wordpress.org/ticket/22023/ three years ago].
Duplicates are now prevented in WordPress code instead of in the database, but it seems like my site has skipped one or more database core updates.
'''In short'''
My install is up to date. But my database core structure/scheme is not up to date. wp_repair, wp_optimize etc. do not flag this.
Also setting WP_ALLOW_REPAIR in wp-config.php does not flag this as an issue.
I was able to fix this but potentially my database still has other undetected differences.
Questions
- Should WordPress check on update if a existing database structure/scheme matches how it should be if it were new install?
- Should WordPress offer (after backup disclaimer etc.) offer to repair/update the database structure to the latest version?
I submit this as a bug and not as a feature since I feel WP_ALLOW_REPAIR should detect if a WordPress table is setup correctly." mike_vl 4.8.2 dev-feedback
Defects Awaiting Review 51759 WordPress the_tags() before not working at the loop Taxonomy normal defect (bug) new 2020-11-12T09:17:32Z 2020-11-12T12:28:26Z "I am using WP 5.5.3
The code is
****
On a single post I get what I supposed to get
**My tags: tag1, tag2 etc...**
But on the loop I get the before string plus the default wordpress title
**My tags: Tags: tag1, tag2 etc...**" dagmanolis 5.5.2
Reporter Feedback / Close 47452 WordPress taking time to login and throwing time-out error on upgrading Upgrade/Install critical defect (bug) new 2019-06-01T07:08:56Z 2022-11-15T18:21:31Z "**Description**: When new updates are available, I upgraded to the new version but after the upgrade successful, I still see the upgrade version and after that WordPress started working very slow. Any operation performed on the platform will take more time to load and sometimes it comes up with ""connection time out"" error too.
**Steps to reproduce**
1. Check for update
2. update your WordPress version from your site to version 5.2.1
3. Route to the dashboard, where you will see update button to version 5.2.1
4. Perform any operation like (user info, plugin page, widget page) it takes time to load and sometimes it throws ""connection time out"".
**System Info:**
System: Windows, Linux
Browser: Chrome 74.0.3729.131 (Official Build) (64-bit)
" kevintran094 5.2.1 dev-feedback
Enhancements Awaiting Review 35248 "WordPress should remove domain trailing dot (as/like it removes ""www."")" Canonical normal enhancement reopened 2015-12-29T00:35:21Z 2020-01-31T16:22:59Z "I think, WordPress should redirect from address with trailing dot of domain to version without the dot, like it redirects from address with ""www."".
I have read about which version is correct and seems version without dot is allowed according to RFCs, and it is very widely used, and even almost nobody know that trailing dot can be used.
(
https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol ""The first definition of HTTP/1.1, the version of HTTP in common use, occurred in RFC 2068 in 1997, although this was obsoleted by RFC 2616 in 1999""
->
https://tools.ietf.org/html/rfc2616#section-14.23 ""The Host field value MUST represent the naming authority of the origin server or gateway given by the original URL.""
->
https://tools.ietf.org/html/rfc2616#section-3.2.1 ""For definitive information on URL syntax and semantics, see ""Uniform Resource Identifiers (URI): Generic Syntax and Semantics,"" RFC 2396 ...""
->
http://tools.ietf.org/html/rfc2396#section-3.2.2 ""The rightmost domain label of a fully qualified domain name will never start with a digit, thus syntactically distinguishing domain names from IPv4 addresses, and may be followed by a single ""."" if it is necessary to distinguish between the complete domain name and any local domain.""
)" qdinar 4.4
Enhancements Awaiting Review 59282 WordPress should register custom error and exception handlers Bootstrap/Load normal feature request new 2023-09-04T20:06:18Z 2023-09-05T12:51:50Z "WordPress relies on PHP's `display_errors` setting for error reporting. One unfortunate result of that is that errors containing HTML may be served to the browser unescaped.
[https://github.com/WordPress/WordPress-Coding-Standards/ WordPress/WordPress-Coding-Standards] tries to help avoid this by having a sniff (WordPress.Security.EscapeOutput) that, among other things, asks that strings passed to `trigger_error()` and `throw new SomeClass()` be escaped. This is not a very good solution for a few reasons:
* It doesn't do anything about errors or exceptions thrown by PHP itself.
* It doesn't do anything about errors or exceptions thrown by libraries that might be bundled into themes or plugins or any custom code blog authors might inject.
* It means that text-based log files, non-HTML emails, CLI output, and the like will contain HTML entities.
Instead we should follow the principle that values should be escaped close to the point of output, when we know what kind of escaping will be needed. Which, in the context of PHP, means using `set_error_handler()` and `set_exception_handler()` to handle the outputting.
While #43712 is similar to this issue, the reasons and solution space are different. That ticket wants enhanced handling of errors for better user experience. This ticket is satisfied with the existing UX, it just wants error output fixed properly instead of trying to make every generated error be ""safe"" in order to avoid the potential bugs.
See also https://github.com/WordPress/WordPress-Coding-Standards/issues/2374#issuecomment-1703370109 where @jrf suggested I file this ticket.
" bjorsch 6.4 has-patch
Enhancements Awaiting Review 40915 wordpress should issue a warning if no graphic library is installed Media normal enhancement new 2017-06-03T14:58:23Z 2017-06-10T07:07:59Z "Hi people! I've installed wordpress on my site, and I had no library for image manipulation installed. Iin that case, I got no thumbnails.
Due to css of my site, I was not initially aware of my site, cause the layout was right.
So, I think that a warning on admin to the ones that don't have GD or imagick installed could be a good thing. I know that this is a strange corner case :)" waltercruz 4.7.5
Enhancements Awaiting Review 56120 "WordPress should add a space character on every possible ""wrap point"" in a post title when building ""html title"", ""og:title"" and so on" Formatting normal enhancement new 2022-07-01T05:13:27Z 2022-07-05T05:23:50Z "In WordPress it is possible to use html tags inside posts title. This is very nice: for example, it allows to use italics, and to make posts titles wrap where one wants. When the latter is the case, though, the titles get displayed good in the post, but not in the browser's window title (that usually the browser builds after the `
Foobar ` html entity), and not in the link previews that one can get by linking a post into a social network post (that usually have their title based on the `
` entity).
For example, a post title like `First line
second line
third line` will result in a `
First linesecond linethird line ` entity and in a `
` entity, that will result in ugly and difficult to read browser window and link previews titles.
This could be avoided by changing WordPress code so that it added a space character on every possible ""wrap point"" (`
`, ``, `
` and so on) in a post title when building ""html titles"", ""og:title""s and the likes." pezcurrel dev-feedback
Defects Awaiting Review 58693 wordpress posts custom-meta box issue Options, Meta APIs normal defect (bug) new 2023-07-01T11:37:35Z 2023-07-02T06:30:37Z "Hello to the WordPress development team!
im a wordpress plugin developer and I developed a Custom-Plugin for my customer (www.delbarbash.com) and I found a critical issue with post/products meta_box
when i disable custom_meta (checkbox) form the screen-options (top-page) and reload the admin posts page or products page But again, the field was taken by PHP rendered (I saw this from view-page-source)
Issue: and when i update some product meta value from database or by ajax or somewhere else and then update the post the post will send the old meta_keys and meta_values to the wpdb and it seems to be a bug or malfunction Of course I disabled entirely the meta_box with the aid of remove_meta_box function (in my plugin)
My suggestion: to get rid of this weird issue I suggest a new system that when a user disable this meta_box (or all other boxes) from screen option an JS Confirmation take effect and ask the user (if you dont have un-saved values on this page, we will reload the page again) After page reload the page must-not render that box with PHP again! (instead of hidden that box with just CSS)
Thanks a lot!
Thank you for considering and checking my request and believe that this can be a big problem!" mdesignfa 6.2.2 has-patch
Defects Awaiting Review 58125 WordPress post-name permalink is not compatible with Nginx server, working fine with Apache. Permalinks normal defect (bug) new 2023-04-13T10:33:44Z 2023-05-04T14:36:56Z "While I am setting up WordPress in my local environment, after setting up my WordPress I clicked on the sample page link from my home it redirected me to the sample page, and then I changed the permalink to the post-name nav link is not working properly and giving a 404 error.
I have provided an image link here.
[[Image(https://ibb.co/k84qkBV)]]" lovesoni1999 6.2 needs-patch
Defects Awaiting Review 58161 WordPress post editor pagination uses inconsistent URL variable to rest of site Administration normal defect (bug) new 2023-04-20T01:32:20Z 2023-05-02T19:35:24Z "`/wp-admin/edit.php`
uses functions in `class-wp-list-table.php`
Which uses
`$current_url = set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );`
While all other pages use
`WP_SITE_URL`
Thus, when in the post editor, the ""Next page"" goes to (in my case) `https://127.0.0.1:8090/wp-admin/edit.php?paged=2`, instead of to `/wp-admin/edit.php?paged=2` like the rest of `wp_admin`" roballshouse 6.2 has-patch
Defects Awaiting Review 47565 WordPress permalinks flip in hebrew Permalinks normal defect (bug) new 2019-06-19T20:13:06Z 2022-07-07T00:07:33Z "I have a WordPress website in hebrew. My problem is when have a parent page and a child page, the child page url permalink is backward(the child page slug is after the parent page slug). I want first the parent slug then the child. When click Edit it shows it right, but when click ok it's not. The problem is only with this language, when it is english it is ok - Parent slug/Child slug.
Here is Child slug/Parent slug
[[Image(1.jpg)]]
If i click Edit:
Parent slug/Child slug
[[Image(2.jpg)]]" alexstan92 4.9.8 has-patch
Defects Awaiting Review 56842 WordPress performance drop due to introduce Gutenberg Build/Test Tools major defect (bug) new 2022-10-18T09:49:54Z 2022-10-19T04:52:19Z "Using Siege benchmark tool to stress WordPress with transaction per second as KPI
After upgrading WordPress from v5.9.3 to v6.0, we found that the performance dropped.
After experiment on ` git cherry -v 5.9-branch 6.0-branch |cat -n > ~/commits_on_6.0_branch.txt` totally 707 commits, root cause addressed due to [https://github.com/WordPress/wordpress-develop/commit/bab610091d59f6dd21c7db84ba3e1ca0bab6a211 this commit].
||= NO =||= Commit ID =||= Commit Message =||= Transaction/sec =||
|| 1 || 5fc6f2a || Trunk is now 6.0-alpha. Built from [https://develop.svn.wordpress.org/trunk@52448 52448] || 217.25 ||
|| 354 || 7b96116 || Twenty Twenty: Fix aria-expanded handling in search toggle. || 209.71 ||
|| 443 || 476e731 || Users: Improve wording of the ""New Admin Email Address"" email. || 212.07 ||
|| 454 || bc0f186 || Administration: Clarify some sentences after [53131]. || 207.59 ||
|| 455 || ab8a964 || Editor: Update WordPress packages based based on Gutenberg v13.0 RC3 || 186.43 ||
|| 456 || bb723f9 || Widgets: Avoid 27 duplicate translations in Media Widgets constructor. || 182.69 ||
|| 457 || 4dd4aec || Administration: Add unit test for term supplementary notice. || 185.76 ||
|| 459 || 1d29cb6 || Media: Enable edits to custom image sizes. || 184.88 ||
|| 465 || e1a2ae3 || Post WordPress 6.0 Beta 1 version bump. Built from [https://develop.svn.wordpress.org/trunk@53167 53167] || 184.04 ||
|| 487 || 407e802 || Docs: Use third-person singular verbs for function descriptions in `author-template.php`... || 188.67 ||
|| 531 || 943e956 || Feeds: Use latest comment date for the `Last-Modified` header of comments feed. || 182.66 ||
|| 707 || a9c0050 || Post WordPress 6.0.2 version bump. || 181.87 ||
" dylan2intel 6.0 has-patch
Enhancements Awaiting Review 40149 WordPress password strength checking is improved, but the hint now doesn't help Users normal enhancement new 2017-03-14T00:37:07Z 2017-09-27T01:34:33Z "WordPress 4.7 has vastly improved password strength checking.
This is great.
However, the password hint function wp_get_password_hint() provides information that's essentially contradicting the approach that the password checker uses.
Mind that the check tool now used (built by someone at Dropbox) takes into account that (for instance) random word phrases are easy to remember as well as difficult to crack, while using upper/lowercase and letter->digit substitution are easy to crack while being more of a hassle to remember.
Ref also the famous XKCD cartoon on this topic: https://xkcd.com/936/
What does the WP Core default string read?
{{{
'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! "" ? $ % ^ & ).'
}}}
Yes we can override this using the 'password_hint' filter, however I think it'd be great to provide a better base text for default installs.
Proposed new text:
{{{
'Hint: longer is stronger (at least 12 characters), and consider using a sequence of random words (ideally non-English).'
}}}
" arjenlentz 4.7.3 has-patch
Defects Awaiting Review 56523 WordPress page error General normal defect (bug) new 2022-09-06T21:59:23Z 2022-09-06T21:59:23Z "Hi
Please review the following WordPress URL in which header is misplaced. please fix it.
https://codex.wordpress.org/Theme_Unit_Test
" hasan4it
Enhancements Awaiting Review 39795 WordPress objects are only accessible via global variables General normal enhancement new 2017-02-06T13:47:17Z 2017-02-06T16:29:03Z "Hello.
Here's the context:
I'm trying to write some high quality plugins that go through some code analysis tools before any new release is made available to the public. That means that the code that is being analysed is on a repository of its own.
When running the plugin code through such tools (sensio labs insights for example), some errors are marked as major issues: ""Global variable or function should never be used"" and that is related to the access of some WordPress objects like $blog_id, $wpdb and $wp_filesystem to name a few.
Upon investigation I found out that for $blog_id, there was an alternative, which is to use the get_current_blog_id() function. That is great, because it respects the WordPress way of working on the WordPress side, and in my plugin, I can now use a function instead of a global variable.
Could we make some equivalent functions for the other global WordPress objects? Like get_wp_db(), get_wp_filesystem() for example?
Thanking you.
Regards." jdmweb 4.8
Enhancements Awaiting Review 43484 WordPress Notification Center proposal Users normal feature request assigned 2018-03-07T11:48:10Z 2024-03-14T13:06:35Z "For a long time people have been suggesting / daydreaming / [https://twitter.com/Ipstenu/status/966411791134699520 wishing for] a unified notification center in WordPress. People expect it, the notification center has become a staple of almost all apps/sites that have a lot to keep track of - and WordPress definitely fits in that lineup. So there’s no reason not to add one to WordPress core too.
This ticket aims to explore the details of such an implementation. I think clear limitations, a good backwards compatibility strategy and a strong UX are key to make this work for everyone.
Key features:
- One location for all notifications.
- Easy to hook into, should work out of the box.
- Flexible enough to be useful, limited enough to not get a circus.
- Accessible from anywhere.
- Accessible in the a11y sense.
Here’s my first basic idea for notification properties, feel free to chime in:
- A text field, limited to 280 characters, the length of a tweet. Probably wouldn’t want one notification to get so long that it fills up the whole visible sidebar. Links can be added to the text to trigger actions or visit pages, same as now basically.
- A timestamp.
- An icon. Could be the plugin icon, author avatar, or something like a category/message type, like info, warning, question, error, update, stuff like that, to visually distinguish notifications quickly.
- A status, meaning read or unread basically.
- Persist/show as toast. A suggestion by Joen Asmussen. Shows the notification outside the notification center for a set amount of time in a floating div. Similar to what Android/MacOS/Windows does when a notification comes in. Maybe only WordPress itself can throw notices like that. Probably not for MVP anyway.
I created a quick interactive proof-of-concept in Sketch that you can view here.
Desktop: https://sketch.cloud/s/AZz0M/all/notification-center/desktop/play
Mobile: https://sketch.cloud/s/AZz0M/all/notification-center/iphone-8-plus/play
Riad Benguella got excited by this idea and built a basic plugin to test it in your own WordPress install. https://github.com/youknowriad/newtify, and also a previous exploration at https://wordpress.org/plugins/wp-notification-center/. Developing this as a plugin is a great way to explore the best implementation, and any help is more than welcome.
Some discussion points to get this started:
- Can we agree on a set of notification properties that provide a consistent experience and that plugin authors can be happy with?
- Which notification categories can we define, and should it only ever be possible to assign a category, or are plugin authors allowed to supply icons for their own notifications too?
- How best to approach the backwards compatibility so we don’t break (all) existing admin notices? Can some type of conversion be made?
- Is it enough to only show the notifications in the sidebar, or should there be a separate notifications page, maybe with filtering? (Probably not for MVP at least)
- Are there any essential features missing from the list?
" hedgefield dev-feedback
Defects Awaiting Review 41302 WordPress not stopping queries which have reached limit and preventing users to load WordPress until query times out Database normal defect (bug) new 2017-07-13T07:28:09Z 2017-07-14T07:58:38Z "[[Image(Pasted image at 2017_07_13 10_14 AM.png)]]
I have problem with WordPress mysql `max_questions=600, max_updates=600` limit
{{{
User 'id1561843_wp_ac6601cd835d82e22d89d11a3ea228a0' has exceeded the 'max_queries_per_hour' resource (current value: 500)
}}}
After
{{{
wp-db.php:830
}}}
comes timeout.
I suspect that that after limit is reached
{{{
public function set_charset( $dbh, $charset = null, $collate = null ) {
}}}
throws and error.
After that WordPress gets stuck on loading something. And you cannot make any other queries on other browser windows.
Proper script should just kill the query after error that limit has been exceeded." juslintek 4.8
Defects Awaiting Review 51963 WordPress Multisite: Menu Editor Does Not Work In Subsites Menus blocker defect (bug) new 2020-12-08T06:45:05Z 2021-03-02T22:18:58Z "Hello
If you install a fresh WordPress multisite without any plugins, and you create a subsite like mysite.com/site1 and you go to Appearance > Menus in the dashboard of the subsite, you come across the following problems although you do not have such problems with the main site's menu editor:
(I tested with various browsers, various PCs, various OS's, on the latest Wordpress version 5.5.3, a fresh install without any plugins)
1- We cannot add new items:
We can add new pages to the menu, but we cannot add new custom links, posts, categories, etc. to the menu. We can add them easily to the menu of the main site, but not the subsite.
2- We cannot move / rearrange the menu items:
When we click ""edit"" beside a menu item, we do not see the arrangement options such as Move Up / Move Down / Move Under / etc. Those options are available in the main site.
3- Screen Options Button Does not Work:
When we click on Screen Options, the button does not work. It works well on the main site.
" javad2000 5.5.3
Enhancements Awaiting Review 48901 WordPress multisite with subdirectories sites using the same 'Site Title' Networks and Sites normal enhancement new 2019-12-06T10:32:25Z 2019-12-06T10:32:25Z "I want to create a WordPress multisite with subdirectories sites using the same 'Site Title'.
I’ll be implementing an English version, Italian version, Spanish version, and so on.
The URL will be:
mysite.com
mysite.com/it
mysite.com/es
By clicking on 'My Sites', the sites list on the My Sites screen will show the same name. A change in the file my-sites.php may resolve this annoying problem
Instead of:
{{{#!php
userblog_id );
echo '';
echo ""{$user_blog->blogname} "";
$actions = """" . __( 'Visit' ) . ' ';
if ( current_user_can( 'read' ) ) {
$actions .= "" | "" . __( 'Dashboard' ) . ' ';
}
?>
}}}
Would it possible to change as described below ?
{{{#!php
userblog_id );
echo ' ';
if ( count($site_name) == 1 ):
echo ""{$user_blog->siteurl} "";
else:
echo ""{$user_blog->blogname} "";
endif;
$actions = """" . __( 'Visit' ) . ' ';
if ( current_user_can( 'read' ) ) {
$actions .= "" | "" . __( 'Dashboard' ) . ' ';
}
}}}
" simpleform 5.3
Defects Awaiting Review 59556 WordPress Multisite issue - Media files presenting on Google with wrong domain Networks and Sites normal defect (bug) new 2023-10-06T07:32:22Z 2023-10-09T07:52:26Z "Hi WordPress Team,
I have a WordPress Multisite set up with 6 sites. Each site has its own domain name.
I discovered on a google search, that an uploaded media file is incorrectly referenced and basically ""shared"" between domains.
I have google showing a link to a file on site ''#''17, but it is referencing the domain name for site ''#''20.
Google shows:
{{{
https://site20domain/wp-content/uploads/sites/17/filename.pdf
}}}
But it should be showing:
{{{
https://site17domain/wp-content/uploads/sites/17/filename.pdf
}}}
See also attached screenshots.
Thanks
Kind regards,
Regine
" nutsonshells 6.3.1
Defects Awaiting Review 53255 WordPress multisite allows you to delete plugins which are active on some subdomains Plugins critical defect (bug) reopened 2021-05-21T22:40:52Z 2021-05-22T14:56:21Z "Hello,
I remember in the past, WordPress was not allowing you to delete a plugin that is active at least on one website. " denisflorin197 4.6 needs-patch
Defects Awaiting Review 52218 WordPress Multisite 5.5.3 All Plugins set have Auto-Updates Disabled, but they Updated themselves anyway Plugins normal defect (bug) new 2021-01-04T18:44:30Z 2021-01-04T18:58:06Z "Running a WordPress Multisite Installation on Version 5.5.3 at the time of the issue.
All plugins have Auto-Updates DISABLED (I like to run them only when I have time available to troubleshoot in case something goes wrong.)
However, on December 14, 2020 (coincidentally at the same time as the big Google outage) - All 14 of my plugins that had updates available automatically updated themselves, even though I had all auto-updates disabled. This caused my site to get overloaded and go down, which was a big issue since google was also down and made it hard to communicate.
I have since updated to WordPress 5.6, and run other updates manually (core and themes), but I cannot figure out why the plugins auto-updated themselves. I suspect it could be a multisite issue. Some plugins are network activated and others are only activated on one site. The core and themes did NOT auto-update only the plugins updated themselves.
I am very nervous that it could happen again and cause downtime. I need to be able to plan ahead and control the update timing to occur on a slow time of day. Not sure if others with multisite installations have experienced the same.
Thanks!" wellesleyps 5.5.3 has-patch
Defects Awaiting Review 57019 WordPress is now adding underline to all website links except those with a specific class Themes major defect (bug) new 2022-11-07T12:37:12Z 2023-02-17T00:08:07Z "This is now appearing on all our WP sites, and you can see this will cause underlines to appear on all links without the `.wp-element-button` class.
{{{
a:where(:not(.wp-element-button)) {
text-decoration: underline;
}
}}}
" amityweb 6.1
Reporter Feedback / Close 52556 WordPress is adding always Editor normal defect (bug) new 2021-02-17T14:44:45Z 2021-02-23T10:01:41Z "Hello,
This bug is happening only if gutenberg editor is disabled.
Ill try to explain in best way how wordpress is adding this  .
1. Create a new page
1.1 Type a title or without both give same result.
1.2 In content there should be nothing
1.3 Publish
2. After publish try to leave the page editing lest say clicking on dashboard from the menu.
Wordpress will promp asking to save changes.
If you are in visual editor and swap to text editor you will notice that was added.
3. If you click update everytime wordpress will add a new
In inspector i have notice this script
{{{
}}}
If i put a breakpoint and reload the page will return thousandsSeparator undefined
I dont know much about this function and the idea behind it but any ideas how to prevent this would be great.
" snuffybg 5.6.1 reporter-feedback
Enhancements Awaiting Review 48473 WordPress installer should prompt to configure options like comments Upgrade/Install normal enhancement new 2019-10-30T20:15:32Z 2022-02-06T14:09:53Z "It may be useful to prompt users on installation if they want to turn on features e.g. blog comments during installation. My concern is that many newcomers to WordPress may install a site on production and not consider the security and spam implications of leaving comments on. They may only discover the issues later on.
My motivation for the above is that WordPress is used by many non-tech savvy users. Thus any assistance to secure the default installation would be helpful.
Alternatively, consider making blog comments disabled by default." loopy78
Defects Awaiting Review 46136 WordPress install impossible when using symlinks in apache vhost Upgrade/Install normal defect (bug) new 2019-01-29T16:08:58Z 2019-07-27T01:20:50Z "Hello.
Fresh install here. As always, in let's say `/var/www`, I creating directories for my apps. I like to have my apache virtualhost pointed on symlinks, so when I have to swap version, I don't have to restart apache (only have to edit symlinks).
For instance, let's say I have:
{{{
/var/www/myblog_all
/var/www/myblog_all/myblog_wordpress
/var/www/myblog_all/myblog_spip
/var/www/myblog -> /var/www/myblog_all/myblog_wordpress/
}}}
(last line is symlink)
In apache, I have :
{{{
ServerName myblog.com
DocumentRoot /var/www/myblog
}}}
Well, in that case, I cannot install wordpress when acceding to the URL `http://myblog.com`. I'm redirected to `http://myblog.com_all/myblog_wordpress/wp-admin/setup-config.php` (so a 404) !!
Why ? My guess is in the `index.php` file:
{{{#!php
}}} tag for the sake of accessibility (screenreaders etc.) and semantic markup. My blog, for example, is in English, but some of the blogs linked to in my blogroll have foreign-language titles.
WordPress already allows adding tags like {{{}}} in the Title field of new blog posts, presumably for precisely this purpose, so this feature should be made available to the Links editor as well." CRCulver 4.9.2
Defects Awaiting Review 54161 "WordPress destroy iis web.config when using ""location"" config." Rewrite Rules critical defect (bug) new 2021-09-22T15:53:05Z 2021-09-22T15:53:05Z "When wordpress doesn't find rewrite rulres, it tries to add them, and it works correctly.
BUT
If we use the ""location"" in web.config, that allow config to NOT inherit in sub applications, it crashes web.config.
When web.config looks like this:
{{{
}}}
...
wordpress thinks that the ""system.webserver"" is not present, so it append it at the end of the web.config. And, we get a ""500 error"" because that new edited web.config is invalid.
We fixed it temporary by disabling ""write"" access to web.config for our app pool, but you should fix it, and correctly find the ""rewrite rule"" even if it's under the xml path." foxontherock 5.8.1
Defects Awaiting Review 55147 WordPress Designers Stops Working due Incomplete Widget Settings Widgets normal defect (bug) new 2022-02-11T17:06:06Z 2022-02-11T17:35:37Z "I had a theme since wordpress 4 installed, and in some of the recent updates the WordPress Designer Mode was broken (Stops loading with Javascript error).
I finally found the rootcause which is array missing array settings for 2 widget zones in the widget theme config entry.
This was the entry I am talking about:
a:9:{s:19:""wp_inactive_widgets"";N;s:23:""himalayas_right_sidebar"";a:0:{}s:22:""himalayas_left_sidebar"";a:0:{}s:28:""himalayas_front_page_section"";a:0:{}s:32:""himalayas_error_404_page_sidebar"";a:0:{}s:28:""himalayas_footer_sidebar_one"";a:0:{}s:28:""himalayas_footer_sidebar_two"";i:8409;s:30:""himalayas_footer_sidebar_three"";i:8401;s:13:""array_version"";i:3;}
For two zones, the array entry is missng: a:0:{}
I corrected the entry manually in the database and the problem was fixed for me:
a:9:{s:19:""wp_inactive_widgets"";N;s:23:""himalayas_right_sidebar"";a:0:{}s:22:""himalayas_left_sidebar"";a:0:{}s:28:""himalayas_front_page_section"";a:0:{}s:32:""himalayas_error_404_page_sidebar"";a:0:{}s:28:""himalayas_footer_sidebar_one"";a:0:{}s:28:""himalayas_footer_sidebar_two"";a:0:{}i:8409;s:30:""himalayas_footer_sidebar_three"";a:0:{};i:8401;s:13:""array_version"";i:3;}
However there are certain areas where the existence of this Array is not checked causing unexpected errors." deltaray
Defects Awaiting Review 47744 WordPress default galleries do not display properly on Safari 10.1 and possibly other older browsers Gallery minor defect (bug) new 2019-07-20T20:48:07Z 2019-07-25T21:38:27Z "The following thread details the problem: [https://stackoverflow.com/questions/33636796/chrome-safari-not-filling-100-height-of-flex-parent]
Images are nested inside a flex container. The child elements have a height of 100% which does not work on these older browsers such as Safari 10.1. This is because the parent element does not have a set height. So the child element doesn't know what 100% height is. The correct way to do it is to remove the 100% height from everything and use flex throughout the elements.
{{{
.wp-block-gallery .blocks-gallery-image, .wp-block-gallery .blocks-gallery-item {
flex-direction: row;
}
.wp-block-gallery .blocks-gallery-image figure, .wp-block-gallery .blocks-gallery-item figure {
height: auto;
align-items: stretch;
}
.wp-block-gallery.is-cropped .blocks-gallery-image a, .wp-block-gallery.is-cropped .blocks-gallery-image img, .wp-block-gallery.is-cropped .blocks-gallery-item a, .wp-block-gallery.is-cropped .blocks-gallery-item img {
height: auto;
display: flex;
}
.wp-block-gallery .blocks-gallery-image figcaption, .wp-block-gallery .blocks-gallery-item figcaption {
left: 0;
}
}}}
The above CSS fixes the issue and should replace the current CSS.
" billybidley 5.2.2
Defects Awaiting Review 58133 WordPress database error Illegal mix of collations Database major defect (bug) reopened 2023-04-15T00:27:53Z 2023-04-24T14:31:43Z "Please see attached WordPress database error. I have run query in local database to check if those post exists in wp_posts table. But they do not exist anywhere in database, site-content and codebase.
Site Info
PHP version 8.0.25 (Supports 64bit values)
Extension mysqli
Server version 5.7.12
Database charset utf8mb4
Database collation utf8mb4_unicode_520_ci
" varinupadhyay 6.1.1 needs-patch
Reporter Feedback / Close 55361 WordPress database error Deadlock found when trying to get lock on wp_get_global_styles_svg_filters Editor normal defect (bug) new 2022-03-10T07:36:33Z 2023-10-30T16:59:30Z "I don't know where to ask this question but i have these error messages in my log file.
The template just calls wp_body_open after the body tag. I can see a filter is added for body open that renders svg filters in the default_filters.php in wordpress.
https://share.getcloudapp.com/5zuLpONl
https://share.getcloudapp.com/6quZ7Jvz
But how do i get rid of these entries in the error log and where are they coming from? It seems that wordpress is triggering these.
Can you please advice on how to get rid of these messages in the error log
WordPress database error Deadlock found when trying to get lock; try restarting transaction for query DELETE FROM `wp_options` WHERE `option_name` = '_transient_global_styles_svg_filters_champion' made by require('wp-blog-header.php'), require_once('wp-includes/template-loader.php'), include('/themes/champion/template_sections.php'), get_header, locate_template, load_template, require_once('/themes/champion/header.php'), wp_body_open, do_action('wp_body_open'), WP_Hook->do_action, WP_Hook->apply_filters, wp_global_styles_render_svg_filters, wp_get_global_styles_svg_filters, get_transient, delete_option
" BackuPs 5.9.1 close
Defects Awaiting Review, reported against latest stable branch 60106 WordPress Dashboard Weird Administration normal defect (bug) new 2023-12-19T15:24:32Z 2023-12-19T15:24:32Z "[[Image(In my admin dashboard I notice things change URLs to wordpress.com when I click certain things, specifically ""Add new plugin"". When I am there it also tells me certain plugins ""Not Supported"" but I have them installed on others sites so I am very confused as to why this would happen or be the case given we pay for the upgraded version of this entirely.
The URL also switched from my site URL(https://pgcacademy.org/wp-admin/plugin-install.php) to https://wordpress.com/plugins/pgcacademy.org when I am adding plugings, but also for some other things when I click it." iwomack 6.4.2
Defects Awaiting Review 58335 WordPress Dashboard Collapse Menu Transition issue. Administration normal defect (bug) new 2023-05-17T04:37:06Z 2024-01-11T21:01:22Z "Hi
When I collapse the menu it's showing awkward.
See the video: https://d.pr/v/34K9H4
I think this issue should be fixed as soon as possible.
Regards" shuvo52 5.2 needs-patch
Defects Awaiting Review 49995 WordPress creates unnecessary thumbnails Media normal defect (bug) new 2020-04-24T11:44:23Z 2020-04-26T12:09:32Z "Hello,
I think I found a bug in WordPress 5.3 onwards, when **imagick is installed and activated** on the server (PHP 7.3, phpinfo attached).
To reproduce the problem:
1 - in /wp-admin/options-media.php check what sizes are set (defaults are: 1024x1024, 300x300x 150x150)
2 - upload an image with the same size as one of the three, let's say I upload this image https://via.placeholder.com/1024x1024
3 - WordPress uploads the image and generates the following files
1024x1024.png -> original image
1024x1024-1024x1024.png -> SHOULD NOT BE CREATED
1024x1024-768x768.png -> medium_large
1024x1024-300x300.png -> medium
1024x1024-150x150.png -> thumbnail
1024x1024-1024x1024.png should not be generated, it's also bigger than the original (3.5kB vs 6.3kB).
The same thing happens with the other sizes as long as the image size is the same as one of the sizes set in the options.
It doesn't happen on Wordpress 5.2.x and downwards.
To solve the problem imagick must be deactivated, using GD the problem doesn't happen." XXVII 5.4
Defects Awaiting Review 56381 WordPress creates invalid web.config -file Rewrite Rules normal defect (bug) new 2022-08-15T18:12:27Z 2023-01-04T19:00:30Z "When WP creates the web.config file for URL Rewrite, it uses apparently wrong syntax in the file. In the file that WordPress creates, it has this line: {{{ }}} when it should have this: {{{ }}}.
This causes very odd behavior on the site, mainly because of Internal Server Error 500. The weird part is, that all image links that uses the plain name causes that error, but if you add the size to the url (eg. {{{/file.jpg}}} -> {{{file-150x150.jpg}}}) the error goes away and the image loads normally.
Ihad zero plugins installed when this occured. Tried also generating the file multiple times, always the same bug except when using ""Plain"" for url's.
I have Googled a lot, and found that there's many people who's suffering from that exact behavior at least from version 5.6. I do not know if they used IIS (Windows) for hosting, but if the used, then that web.config file is the reason on that case." liskoslayer63 6.0 has-patch
Defects Awaiting Review 46582 WordPress Core Updates: 'Last updated' date not showing correctly Upgrade/Install normal defect (bug) new 2019-03-21T06:44:12Z 2019-03-21T10:33:52Z "For the WordPress Core Updates the date for last search is constantly showing January 1st 1970.
My WordPress version is 5.1.1 in Development Mode." markustippner 5.1 dev-feedback
Defects Awaiting Review 60388 WordPress Core error message in my Website Site Health normal defect (bug) new 2024-01-30T22:00:14Z 2024-01-30T22:45:13Z "Hello,
Can you help me to fix this problem (see below). I tried several fixes but none worked...
Thanks
JP Fernandes
{{{
Fatal error: Uncaught TypeError: Unsupported operand types: string - int in /.../wp-admin/includes/class-wp-site-health.php:2985
Stack trace: #0 /.../wp-admin/includes/class-wp-site-health.php(1764): WP_Site_Health->has_missed_cron()
#1 /.../wp-admin/includes/class-wp-site-health.php(194): WP_Site_Health->get_test_scheduled_events()
#2 /.../wp-admin/includes/class-wp-site-health.php(139): WP_Site_Health->perform_test()
#3 /.../wp-includes/class-wp-hook.php(324): WP_Site_Health->enqueue_scripts()
#4 /.../wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()
#5 /.../public_html/wp-includes/plugin.php(517): WP_Hook->do_action()
#6 /.../wp-admin/admin-header.php(118): do_action()
#7 /.../wp-admin/site-health.php(96): require_once('/.../...')
#8 {main} thrown in /.../wp-admin/includes/class-wp-site-health.php on line 2985
}}}" JPTF
Reporter Feedback / Close 60558 WordPress Core CSS produces error in NU HTML Checker Editor normal defect (bug) new 2024-02-16T08:19:09Z 2024-02-16T10:12:52Z "The WordPress Default Block Library file Produces these types of errors in NU HTML Checker.
File Path:
/wp-includes/css/dist/block-library/style.min.css
I am attaching the screenshot for you to look over.
Screenshot URL:
https://share.cleanshot.com/XTb38NMBGlQPPwCGTqYS" umang7 6.4.3 close
Defects Awaiting Review 46243 WordPress Comments Core Query Comments normal defect (bug) new 2019-02-13T03:48:45Z 2021-03-26T16:16:24Z "Hello,
**Issue:** We have over 400K+ posts and I saw this slow query on any WordPress area on each page.
We had 2M+ comments.
**Question:** This Query is working on all pages on Dashboard or Settings, Plugin section and any sections why does it? It should works on only all Posts list?
**Solution:** I have noticed that Header Bar has Comments Icon and that has displayed the Pending Comments count. I have tried to disable it via custom Filter for following.
{{{
function admin_bar_remove_comments(){
global $wp_admin_bar;
$wp_admin_bar->remove_menu('comments');
}
add_action( 'wp_before_admin_bar_render', 'admin_bar_remove_comments' );
}}}
**Slow Query:**
{{{
SELECT comment_approved, COUNT( * ) AS total
FROM wp_comments
GROUP BY comment_approved
}}}
**Environment Information:**
WP Version 5.0.3 (also tested 4.9.8)
Theme: Twenty Seventeen (other themes)
Plugins: Query Monitor
Thanks." Uranbold 5.0.3 dev-feedback
Defects Awaiting Review 52305 WordPress Classic & Gutenberg Editor - ENTER key casing Textarea View Position To Jump Editor normal defect (bug) new 2021-01-15T11:10:01Z 2021-02-09T20:12:24Z "Steps to reproduce: (on Windows 10 x64, Chrome latest browser version)
1) Install latest and greatest WordPress*
- with ""2021"" theme as active (theme is irrelevant, actually)
- absolutely no plugins should be active EXCEPT WordPress Classic Editor: **wordpress.org/plugins/classic-editor/**
* NOTE: exact/latest WP version is not actually relevant, either, because this bug is an ongoing issue for at least a 6-12 months now - can't say for sure - it's just that I finally found the time to investigate it on a clean fresh system.
- Activate plugin, switch to **Classic Editor** mode for new posts, and switch from **Visual** to **Text** input mode (this is very important!).
2) Create new post in Text mode
- Simply copy-paste provided demo html text (demo lorem ipsum text with sufficient length should be used, to provide enough ""page scroll"" or reduce browser's window width to approx 1200 pixels to emulate older laptop computer) + add some h3 tags (for easier orientation, as long as you do not scroll all the way down to the end of the text, but position mouse cursor to the end of a paragraph somewhere in the middle you should be able to reproduce this bug.
- save the post
- now edit the post (it is best to activate DevTools and disable browser caching just to be sure everything is freshly loaded every time)
- when you **position mouse cursor somewhere in the middle** of the article **at the end of a paragraph or html element** and hit **ENTER** key on the keyboard (to create new paragraph line), Editor will jump its position and text will completely shift outside visible area to the top!
This is a bug that exists for about a year or so and it is very annoying (to say at least), particularly to us who are used to work directly with html tags in Text mode.
Bug seems to originate in TinyMCE editor's scroll function that is triggered when we hit Enter key (according to debugger). It uses math function to calculate position of the top toolbar with commands. (?)
See provided video recording to visualize the bug itself. Sometimes it may not occur, but try to repeat it again, and it should reproduce.
I would likely to know if there's an easy fix for this. Thanks!" Darko A7
Enhancements Awaiting Review 42455 WordPress Class methods and Single Responsibility (recent posts widgets) Widgets normal enhancement new 2017-11-07T13:24:34Z 2022-09-22T09:16:05Z "WordPress uses PHP Classes a lot and this is great for extending and improving. The problem is, many class methods does a lot of things at once and this doesn't help extending at all.
For instance, I'm trying to extend the Recent Posts Widget (`WP_Widget_Recent_Posts`).
The plugin has it's internal settings and logic, query posts and apply filters.
I want to change it's render method, but just that. Don't want to mess with the plugin logic.
The problem is, the render method (`widget` method) does a lot of things instead of focusing only on rendering. This forces me to copy every logical actions and reproduce them on my extending class.
This could be solved by just splitting the plugin logic and rendering in separated functions (an function to get the posts and filters, separated from the `widget` function).
This would improve a lot the WordPress extending by plugins and themes. If we apply the single responsibility principle on WordPress classes and functions, plugins wouldn't need to have much more code.
Another point: this enhancement wouldn't impact old plugins/themes if the functions signatures keep the same." viewup 4.9.8 dev-feedback
Enhancements Awaiting Review 59148 WordPress CDN/Mirror plugins/themes... General normal feature request new 2023-08-19T04:16:53Z 2023-08-19T04:16:53Z "Hello.
Does the wordpress theme and plugin repository have a distributed CDN/Mirrors system?
We are a cloud hosting service provider in Vietnam.
Our customers 90% use wordpress. And when connecting to wordpress to download, update, and get plugin/theme information, the connection is often lost.
Because our country VN has a connection to the international or interrupted.
Don't know if WordPress.org has distributed servers to download data?" tranbinhcse
Defects Awaiting Review 60421 WordPress Build Artifact Zip File Empty On Windows Build/Test Tools normal defect (bug) new 2024-02-02T06:19:20Z 2024-02-02T06:19:20Z "I downloaded `wordpress-build-5996.zip` from https://github.com/WordPress/wordpress-develop/actions/runs/7749179532 but although the file is 45MB, it's empty when I open it in Windows Explorer on Windows 10 Pro (Version 10.0.19045 Build 19045).
When I open it via 7-zip it opens successfully, as expected, so perhaps there is an issue with the zip file format being used (ie it's a format Windows can't read?). I'm not having the same trouble with zip files from other sources.
I recorded a 30 second screencast showing this here: https://envato.d.pr/v/UU0s9p/eaBDuOycbf
Please let me know if I can provide any further information. Thanks.
" StephenCronin
Defects Awaiting Review 59565 WordPress Block Editor Tag Limit Bug Editor normal defect (bug) new 2023-10-09T05:43:31Z 2023-10-25T03:43:50Z "Hi, WordPress mentioned there is no tag limit on its platform. But, Block editor wont take any tags above 200. On adding more tags above 200, it will add the tag but then remove the last tag in alphabetical order.
On installing classic editor plugin, the issue is resolved. Looks like there is no limit in classic editor.
Can this bug be resolved on block editor of wordpress? Thanks
" prowp7 6.3.2
Reporter Feedback / Close 48260 WordPress beta 5.3 - Unable to type Password when I login.... Login and Registration normal defect (bug) new 2019-10-08T17:02:50Z 2019-10-14T05:18:36Z I'm unable to type anything at the password field at WordPress 5.3-beta2-46428 william13110 5.3 reporter-feedback
Defects Awaiting Review 56844 WordPress Autoupdate Email Showing Incorrect Site Name with URL Upgrade/Install normal defect (bug) new 2022-10-18T14:36:06Z 2022-10-18T17:16:54Z "I develop websites for clients, and they're hosted on a staging site (staging.domain.com). After logging onto one of the sites today to work on a client's website, I got an email pinged to me, where it's title and URL didn't match.
To give you an example, the email is in this format.
{{{
Title: [Client 1] Your site has updated to WordPress 6.0.3
Body: Howdy! Your site at https://staging.domain.com/client2 has been updated automatically to WordPress 6.0.3.
No further action is needed on your part. For more on version 6.0.3, see the About WordPress screen:
https://staging.domain.com/client2/wp-admin/about.php
If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help.
https://wordpress.org/support/forums/
You also have some plugins or themes with updates available. Update them now:
https://staging.domain.com/client2/wp-admin/
}}}
When it should be
{{{
Title: **[Client 2]** Your site has updated to WordPress 6.0.3
Body: Howdy! Your site at https://staging.domain.com/client2 has been updated automatically to WordPress 6.0.3.
No further action is needed on your part. For more on version 6.0.3, see the About WordPress screen:
https://staging.domain.com/client2/wp-admin/about.php
If you experience any issues or need support, the volunteers in the WordPress.org support forums may be able to help.
https://wordpress.org/support/forums/
You also have some plugins or themes with updates available. Update them now:
https://staging.domain.com/client2/wp-admin/
}}}
Going to other clients gets the URL correct upon upgrading, but the title is incorrect.
I've checked the database(s) to see if Client 1's name appeared in Client 2's database, but it doesn't. I've also cleared caching (it's hosted with Siteground), but it seems to not be the case." rhyswynne 6.0.3
Defects Awaiting Review 60142 wordpress api not returns category descriptions in embedded data of post General normal defect (bug) new 2023-12-22T19:40:07Z 2024-02-15T16:27:04Z Hello. Can you please add a feature to rest api,which allow return not only category id and name,but also description. Because for now for each category of post it not returns description (i mean when we using embedded feature),so to get it we should do additional request using id of category,but i want to have description of each category of post immediately. If it exists,can you please send example of query,which returns not only category id and name,but description too. If this not implemented,can you please implement this in new versions of wordpress. Thank you very much for your help. sashakozlovskiy
Defects Awaiting Review, reported against latest stable branch 56410 WordPress API error when trying to add tags Editor critical defect (bug) new 2022-08-20T03:49:31Z 2024-02-07T17:05:11Z "In this video- https://www.loom.com/share/6671fc834c624e37940ba9ecf0398389 you can see that, even with all plugins deactivated and with a default theme, there is an error whenever we tried to add a new tag. As you can see in the video, there is a 400 server error related to the WordPress API.
Maybe it is showing due to - WordPress API error when trying to add tags that already exist to a existing post or within site.
I’ve run into an error in the browser console whenever I try to add tags (that already exist on the site) to a post. I’ve managed to reproduce this on a completely new site.
To reproduce this, please try the following steps:
1) Create a few tags (around 5-6) under Posts > Tags.
2) Create a new post.
3) With the browser console open, start adding your tags to the new post.
4) You should see a 400 Bad Request error for /wp-json/wp/v2/tags?_locale=user
I was able to reproduce this error on a completely new WordPress 6.0.1 install.
We then tried to reproduce this issue on a completely new WordPress installation with no plugins and we managed to reproduce this problem. It looks like this is a problem in WordPress core and not in a plugin. The error seems to be triggered only when you try to add a tag that already exists on the site." fanmerch2016 6.4.2
Enhancements Awaiting Review 52384 WordPress API - Add Limit / Block API Access Features REST API normal feature request new 2021-01-27T15:36:19Z 2021-01-27T15:53:27Z "Hi,
WordPress API is powerful tool, but many users don't actually need or want it. While we can disable it using 3rd party plugins, I believe that basic features to limit access to API via specific/custom tokens, custom users, logged-in (authenticated) users, IP address(es) or CIDR ranges and so on -- should be provided in-core. Yes, yes I know we can achieve it via plugins, but they are not always best way to do it, and sometimes they have bugs, do not pass other internal plugins that actually use API (e.g. CF7) which may create problems, and so on.
What do you think?
Thanks" Darko A7
Defects Awaiting Review 55008 WordPress Admin slow since update to 5.9. General normal defect (bug) new 2022-01-31T13:28:34Z 2022-02-03T22:07:54Z The admin area is markedly slower than before the update from 5.8 to 5.9. This is noticeable with and without any plugins active. The problem doesn't appear to be on the same screen all the time. We have also been warned by the hosting company that the load on one of the sites has suddenly increased; also occurring at irregular times. (See screenshot as an example.) markhowellsmead 5.9
Defects Awaiting Review 54568 WordPress admin overwrite JS history.state General normal defect (bug) new 2021-12-03T12:44:22Z 2022-01-03T21:30:15Z "WordPress admin is injecting a piece of javascript at runtime (https://developer.wordpress.org/reference/functions/wp_admin_canonical_url/) that prevent accessing history.state. This is annoying because you cannot use {{{history.pushState()}}} and {{{history.replaceState()}}} functions properly in javascript.
Reproduce the bug:
1. Navigate to any wp admin page and open the browser developer console
2. Enter {{{window.history.replaceState({name: ""hello""}, null)}}} in console
3. Navigate to any other page
4. Go back and enter {{{history.state // result -> null}}}
Problem:
The code overwrites any history.state with {{{null}}} value:
{{{
window.history.replaceState( null, null, document.getElementById( 'wp-admin-canonical' ).href + window.location.hash );
}}}
Solution:
Replace {{{null}}} value by {{{window.history.state}}} (which also default to null):
{{{
window.history.replaceState( window.history.state, null, document.getElementById( 'wp-admin-canonical' ).href + window.location.hash );
}}}
The fix is very easy and has no side effect." maximeschoeni has-patch
Enhancements Awaiting Review 55075 WordPress admin bar does not contain a link to the Customizer Toolbar minor enhancement new 2022-02-04T11:14:26Z 2022-02-08T16:28:01Z "It would be nice to have a link to the Customizer in the WordPress admin bar. This will help quickly accessing that page.
This link is already visible on the frontend, but is absent in the admin." justinahinon 4.3
Defects Awaiting Review, reported against latest stable branch 60145 WordPress <= 6.4.2 is vulnerable to Server Side Request Forgery (SSRF) XML-RPC normal defect (bug) new 2023-12-23T07:57:45Z 2024-02-15T06:55:11Z "After installing the WordPress. I have got this. Please fix it on the core or provide a temporary solution.
This vulnerability affects all WordPress core versions, and at this point is not something that is likely to be fixed anytime soon. This vulnerability is of low severity and has no meaningful impact on the average site.
Simon Scannell & Thomas Chauchefoin discovered and reported this Server Side Request Forgery (SSRF) vulnerability in WordPress. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information of other services running on the system. This vulnerability has not been known to be fixed yet." fahimmurshed 6.4.2
Defects Awaiting Review 53973 WordPress <= 5.8 - Authenticated Persistent XSS (User role name) Security normal defect (bug) new 2021-08-21T01:03:21Z 2022-12-23T12:29:58Z "Hi there,
First of all, I need to mention this (as requested by @ehtis / H1):
>When creating the ticket, please mention in it that the security team has evaluated this and asked you to open a public ticket for discussion.
\\
== Intro:
In versions of WordPress, including the latest v5.8, it's possible to inject malicious JavaScript code in the name (`$display_name`, `$details['name']`) of any user role.
This vulnerability could be used to infect a website with malicious code or to keep a backdoor for future exploitations. Not all security plugins will detect such injections, cause adding or editing any user role is a legitimate process and all data is stored in the DB.
Important to note that the functionality of adding custom roles is available in many plugins and themes, some of which aren't properly protected from CSRF attacks. Given this vulnerability, such attack vectors can be combined to successfully compromise a website.
\\
== Impact:
Malicious JavaScript code injections, the ability to combine attack vectors against the targeted system, which can lead to a complete compromise of the resource.
\\
== Steps To Reproduce:
1. Use attached PoC plugin (this is the fastest way to reproduce the JS injection) or use this code in any PHP file on your WordPress website:
{{{
#!php
add_role( 'hacker', __( 'Hacker' ), array( 'read' => true, 'edit_posts' => true ) );
}}}
2. Activate the plugin (you can turn it off right away cause we don't need it anymore - our custom user role will be already injected). Our new role will appear in the database like this:
{{{
s:5:""hacker"";a:2:{s:4:""name"";s:37:""Hacker"";s:12:""capabilities"";a:2:{s:4:""read"";b:1;s:10:""edit_posts"";b:1;}}
}}}
3. After that injected payload will be triggered on many pages inside the dashboard, f.e.: /wp-admin/users.php | /wp-admin/profile.php | /wp-admin/options-general.php etc. In my PoC plugin there will be a simple alert window.
\\
== Additional Information:
Another way to add custom user role is by using plugin, f.e. '''uListing''' [https://ru.wordpress.org/plugins/ulisting/ulisting.2.0.4.1.zip v2.0.4.1] (CSRF scenario):
{{{
POST /wp-admin/admin-ajax.php HTTP/2
Host: example.com
Cookie: [admin cookies]
User-Agent: Mozilla/5.0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 925
action=stm_save_user_roles&roles%5B0%5D%5Bis_delete%5D=0&roles%5B0%5D%5Bname%5D=Visse%3Cscript%3Ealert(%2FVisse%2F)%3B%3C%2Fscript%3E&roles%5B0%5D%5Bslug%5D=visse&roles%5B0%5D%5Bcapabilities%5D%5Bdefault%5D=1&roles%5B0%5D%5Bcapabilities%5D%5Blisting_limit%5D=1553&roles%5B0%5D%5Bcapabilities%5D%5Blisting_moderation%5D=1&roles%5B0%5D%5Bcapabilities%5D%5Bstm_listing_role%5D=1&roles%5B0%5D%5Bcapabilities%5D%5Ballow_delete_listings%5D=0&roles%5B0%5D%5Bcapabilities%5D%5Bcomment%5D=1&roles%5B1%5D%5Bis_delete%5D=0&roles%5B1%5D%5Bname%5D=Hacker%3Cscript%3Ealert(%2FHacker%2F)%3B%3C%2Fscript%3E&roles%5B1%5D%5Bslug%5D=hacker&roles%5B1%5D%5Bcapabilities%5D%5Bdefault%5D=1&roles%5B1%5D%5Bcapabilities%5D%5Blisting_limit%5D=1337&roles%5B1%5D%5Bcapabilities%5D%5Bcomment%5D=1&roles%5B1%5D%5Bcapabilities%5D%5Blisting_moderation%5D=0&roles%5B1%5D%5Bcapabilities%5D%5Bstm_listing_role%5D=1&roles%5B1%5D%5Bcapabilities%5D%5Bis_open%5D=1
}}}
\\
== Possible solution:
File: /wp-includes/class-wp-roles.php, line 162:
`'name' => $display_name,` change to `'name' => strip_tags( $display_name ),`.
\\" visse dev-feedback
Reporter Feedback / Close 60662 "WordPress 6.5-beta3-57738 - Full Site Editor breaks after installing ""Contact Form 7""" Editor normal defect (bug) new 2024-02-29T22:38:04Z 2024-03-01T07:48:57Z "Hi- I am using WordPress 6.5-beta3-57738 running Twenty Twenty-Four CHILD theme.
I ran into an issue after installing Contact Form 7 plugin where the site editor breaks as shown in the attached images.
BEFORE-INSTALLING-CONTACT-FORM-7-PLUGIN
https://emailmarketing.capstonebpo.com/wp-content/uploads/2024/02/before-installing-contact-form-7.jpg
AFTER-INSTALLING-CONTACT-FORM-7-PLUGIN
https://emailmarketing.capstonebpo.com/wp-content/uploads/2024/02/after-installing-contact-form-7.jpg
Rajesh" capstonebpo trunk reporter-feedback
Reporter Feedback / Close 59911 WordPress 6.4 changes the font-face generation using wrong fontFamily attribute from theme.json preset Themes normal defect (bug) new 2023-11-15T10:25:18Z 2023-12-18T22:08:55Z "For various reasons, I used to declare font families in theme.json as follows:
{{{
""fontFamilies"": [
{
""fontFamily"": ""var(--font-primary)"",
""name"": ""Primary (Halcom)"",
""slug"": ""primary"",
""fontFace"": [
{
""fontFamily"": ""Halcom Variable"",
""fontStretch"": ""normal"",
""fontStyle"": ""normal"",
""fontWeight"": ""500 700"",
""src"": [""file:./assets/fonts/halcom/Halcom-VariableFont_slnt,wght.woff2""]
}
]
},
{
""fontFamily"": ""var(--font-secondary)"",
""name"": ""Secondary (Oskar)"",
""slug"": ""secondary"",
""fontFace"": [
{
""fontFamily"": ""Oskar"",
""fontStretch"": ""normal"",
""fontStyle"": ""normal"",
""fontWeight"": ""700"",
""src"": [""file:./assets/fonts/oskar/Oskar-One-Bold.woff2""]
}
]
}
],
}}}
Before WordPress 6.4, the result of the generated font-face was as follows:
{{{
@font-face{font-family:""Halcom Variable"";font-style:normal;font-weight:500 700;font-display:fallback;src:url('https://test.com/app/themes/my-theme/assets/fonts/halcom/Halcom-VariableFont_slnt,wght.woff2') format('woff2');font-stretch:normal;}
@font-face{font-family:Oskar;font-style:normal;font-weight:700;font-display:fallback;src:url('https://test.com/app/themes/my-theme/assets/fonts/oskar/Oskar-One-Bold.woff2') format('woff2');font-stretch:normal;}
}}}
Since WordPress 6.4, the generated font-face is as follows:
{{{
@font-face{font-family:var(--font-primary);font-style:normal;font-weight:500 700;font-display:fallback;src:url('http://test.local/app/themes/my-theme/assets/fonts/halcom/Halcom-VariableFont_slnt,wght.woff2') format('woff2');font-stretch:normal;}
@font-face{font-family:var(--font-secondary);font-style:normal;font-weight:700;font-display:fallback;src:url('http://test.local/app/themes/my-theme/assets/fonts/oskar/Oskar-One-Bold.woff2') format('woff2');font-stretch:normal;}
}}}
It seems that the wrong ""fontFamily"" attribute, the one of the preset, is now used as font-family property value inside font-face declaration (in the new wp-includes/fonts/class-wp-font-face.php). Is there a specific reason for this?
As for all other font size or spacing preset values, it should be possible to reference another CSS variable in font families too. It may be necessary to inject variables from a third-party framework into the theme.json, as in my first example. IMO I think that the value of the preset and its ""fontFamily"" attribute should be able to be different from the ""fontFamily"" value to be used in the font-face, as was the case before 6.4.
" alexandrebuffet 6.4 close
Defects Awaiting Review 59093 WordPress 6.3 and Featured Image Resize Problem Post Formats normal defect (bug) new 2023-08-13T12:59:49Z 2023-08-13T13:06:08Z "Hello,
After installing WordPress 6.3, we realized that we have an important problem. The images we upload as Featured are cropping.This can seriously affect our site traffic. How can we prevent this from happening? Our featured images are all high resolution, but they appear as 1200px in Google results.
We have been using add_filter( 'big_image_size_threshold', '__return_false' ); since day one. Also in media settings all resolution values are set to 0px. But despite this, after WP 6.3, all our images started to be indexed as 1200px.
An image that is normally 3000px is now indexed at 1200px: https://ibb.co/YyrRKwV
" ungowp
Defects Awaiting Review 58243 WordPress 6.2 duplicating images on upload Upload normal defect (bug) reopened 2023-05-03T13:09:07Z 2023-05-04T13:51:03Z "Wordpress 6.2 seems to have an issue with the uploads of large images. It duplicates or even triplicates the same uploaded image (appending the usual -1, -2 to the name of the file).
This happens both in the new post screen and the library section. When the same image is replicated, only the last one is really ""processed"" (e.g. thumbnails and ""-scaled"" version generated). Just as note, I tried turning off the generation of the scaled version with no luck.
The issue presented itself on a production site after upgrading to 6.2 and I can confirm that rolling back to WP 6.1 ""resolved"" it. I successfully replicated the same issue on a freshly deployed 6.2 installation.
I'm attaching the test image used to replicate the issue.
Server info:
`
### wp-core ###
version: 6.2
site_language: en_US
user_language: en_US
timezone: +00:00
permalink: /%postname%/
https_status: false
multisite: false
user_registration: 0
blog_public: 1
default_comment_status: open
environment_type: production
user_count: 1
dotorg_communication: true
### wp-paths-sizes ###
wordpress_path: /home/runcloud/webapps/app-ondricka
wordpress_size: 50.25 MB (52685903 bytes)
uploads_path: /wp-content/uploads
uploads_size: 130.27 MB (136601927 bytes)
themes_path: /wp-content/themes
themes_size: 12.35 MB (12951623 bytes)
plugins_path: /wp-content/plugins
plugins_size: 3.23 MB (3390376 bytes)
database_size: 2.30 MB (2408448 bytes)
total_size: 198.40 MB (208038277 bytes)
### wp-active-theme ###
name: Twenty Twenty-Three (twentytwentythree)
version: 1.1
author: the WordPress team
author_website: https://wordpress.org
parent_theme: none
theme_features: core-block-patterns, post-thumbnails, responsive-embeds, editor-styles, html5, automatic-feed-links, block-templates, widgets-block-editor
theme_path: /wp-content/themes/twentytwentythree
auto_update: Disabled
### wp-themes-inactive (2) ###
Twenty Twenty-One: version: 1.8, author: the WordPress team, Auto-updates disabled
Twenty Twenty-Two: version: 1.4, author: the WordPress team, Auto-updates disabled
### wp-plugins-inactive (3) ###
Akismet Anti-Spam: version: 5.1, author: Automattic, Auto-updates disabled
Hello Dolly: version: 1.7.2, author: Matt Mullenweg, Auto-updates disabled
LiteSpeed Cache: version: 5.4, author: LiteSpeed Technologies, Auto-updates disabled
### wp-media ###
image_editor: WP_Image_Editor_Imagick
imagick_module_version: 1690
imagemagick_version: ImageMagick 6.9.10-23 Q16 x86_64 20190101 https://imagemagick.org
imagick_version: 3.7.0
file_uploads: File uploads is turned off
post_max_size: 256M
upload_max_filesize: 256M
max_effective_size: 256 MB
max_file_uploads: 20
imagick_limits:
imagick::RESOURCETYPE_AREA: 122 MB
imagick::RESOURCETYPE_DISK: 1073741824
imagick::RESOURCETYPE_FILE: 786432
imagick::RESOURCETYPE_MAP: 512 MB
imagick::RESOURCETYPE_MEMORY: 256 MB
imagick::RESOURCETYPE_THREAD: 1
imagick::RESOURCETYPE_TIME: 1.844674407371E+19
imagemagick_file_formats: 3FR, 3G2, 3GP, AAI, AI, ART, ARW, AVI, AVS, BGR, BGRA, BGRO, BIE, BMP, BMP2, BMP3, BRF, CAL, CALS, CANVAS, CAPTION, CIN, CIP, CLIP, CMYK, CMYKA, CR2, CRW, CUR, CUT, DATA, DCM, DCR, DCX, DDS, DFONT, DNG, DPX, DXT1, DXT5, EPDF, EPI, EPS, EPS2, EPS3, EPSF, EPSI, EPT, EPT2, EPT3, ERF, FAX, FILE, FITS, FRACTAL, FTP, FTS, G3, G4, GIF, GIF87, GRADIENT, GRAY, GRAYA, GROUP4, H, HALD, HDR, HISTOGRAM, HRZ, HTM, HTML, HTTP, HTTPS, ICB, ICO, ICON, IIQ, INFO, INLINE, IPL, ISOBRL, ISOBRL6, JBG, JBIG, JNG, JNX, JPE, JPEG, JPG, JPS, JSON, K25, KDC, LABEL, M2V, M4V, MAC, MAGICK, MAP, MASK, MAT, MATTE, MEF, MIFF, MKV, MNG, MONO, MOV, MP4, MPC, MPEG, MPG, MRW, MSL, MTV, MVG, NEF, NRW, NULL, ORF, OTB, OTF, PAL, PALM, PAM, PATTERN, PBM, PCD, PCDS, PCL, PCT, PCX, PDB, PDF, PDFA, PEF, PES, PFA, PFB, PFM, PGM, PGX, PICON, PICT, PIX, PJPEG, PLASMA, PNG, PNG00, PNG24, PNG32, PNG48, PNG64, PNG8, PNM, PPM, PREVIEW, PS, PS2, PS3, PSB, PSD, PTIF, PWP, RADIAL-GRADIENT, RAF, RAS, RAW, RGB, RGBA, RGBO, RGF, RLA, RLE, RMF, RW2, SCR, SCT, SFW, SGI, SHTML, SIX, SIXEL, SPARSE-COLOR, SR2, SRF, STEGANO, SUN, TEXT, TGA, THUMBNAIL, TIFF, TIFF64, TILE, TIM, TTC, TTF, TXT, UBRL, UBRL6, UIL, UYVY, VDA, VICAR, VID, VIFF, VIPS, VST, WBMP, WEBP, WMV, WPG, X, X3F, XBM, XC, XCF, XPM, XPS, XV, XWD, YCbCr, YCbCrA, YUV
gd_version: bundled (2.1.0 compatible)
gd_formats: GIF, JPEG, PNG, WebP, BMP, XPM
ghostscript_version: 9.50
### wp-server ###
server_architecture: Linux 5.15.0-58-generic x86_64
httpd_software: LiteSpeed
php_version: 7.4.33 64bit
php_sapi: litespeed
max_input_variables: 1000
time_limit: 30
memory_limit: 256M
max_input_time: 60
upload_max_filesize: 256M
php_post_max_size: 256M
curl_version: 7.68.0 OpenSSL/1.1.1f
suhosin: false
imagick_availability: true
pretty_permalinks: true
htaccess_extra_rules: true
### wp-database ###
extension: mysqli
server_version: 10.4.28-MariaDB-1:10.4.28+maria~ubu2004-log
client_version: mysqlnd 7.4.33
max_allowed_packet: 16777216
max_connections: 100
### wp-constants ###
WP_HOME: undefined
WP_SITEURL: undefined
WP_CONTENT_DIR: /wp-content
WP_PLUGIN_DIR: /wp-content/plugins
WP_MEMORY_LIMIT: 40M
WP_MAX_MEMORY_LIMIT: 256M
WP_DEBUG: false
WP_DEBUG_DISPLAY: true
WP_DEBUG_LOG: false
SCRIPT_DEBUG: false
WP_CACHE: false
CONCATENATE_SCRIPTS: undefined
COMPRESS_SCRIPTS: undefined
COMPRESS_CSS: undefined
WP_ENVIRONMENT_TYPE: Undefined
DB_CHARSET: utf8
DB_COLLATE: undefined
### wp-filesystem ###
wordpress: writable
wp-content: writable
uploads: writable
plugins: writable
themes: writable
`" cptjump 6.2
Reporter Feedback / Close 58032 WordPress 6.2 breaks post edit screens in Safari 13 Editor normal defect (bug) new 2023-03-31T10:44:51Z 2023-04-01T22:09:12Z "After updating to 6.2, post edit screens are white screen in Safari 13.1.2.
Many block editor related JS errors in the Console, see attached screenshot.
Version 6.1.1 was working fine, I could work in the code editor without issues.
I fully expect this ticket to get cancelled because of older Safari version. But my mac does not go beyond High Sierra, so this is it then for older Macs and Safari.
I have a slight hope the errors are fixable.
" rembem 6.2 reporter-feedback
Defects Awaiting Review 57072 WordPress 6.1 uses wrong database collation Database normal defect (bug) new 2022-11-11T10:35:00Z 2022-11-11T10:35:00Z "After upgrade to WordPress 6.1 some plugins started reporting ""WordPress database error Illegal mix of collations (utf8mb4_unicode_520_ci,IMPLICIT) and (utf8mb4_unicode_ci,IMPLICIT)"". See: https://wordpress.org/support/topic/database-error-after-upgrade-to-wordpress-6-1/
It seems that WordPress 6.1 wrongly detects database collation. This is probably related to #54841.
Database section of the Site Health page (/wp-admin/site-health.php?tab=debug) displays:
{{{
Database charset utf8mb4
Database collation utf8mb4_unicode_520_ci
}}}
Eariler versions displayed correct one:
{{{
Database charset utf8mb4
Database collation utf8mb4_unicode_ci
}}}
Database collation should be utf8mb4_unicode_ci per server and database configuration:
{{{
MariaDB [(none)]> SHOW VARIABLES LIKE '%_server' ;
+----------------------+--------------------+
| Variable_name | Value |
+----------------------+--------------------+
| character_set_server | utf8mb4 |
| collation_server | utf8mb4_unicode_ci |
+----------------------+--------------------+
2 rows in set (0.002 sec)
MariaDB [(none)]> USE wordpress;
Database changed
MariaDB [wordpress]> SELECT @@character_set_database, @@collation_database;
+--------------------------+----------------------+
| @@character_set_database | @@collation_database |
+--------------------------+----------------------+
| utf8mb4 | utf8mb4_unicode_ci |
+--------------------------+----------------------+
1 row in set (0.000 sec)
}}}
Server version: 10.6.10-MariaDB-log
Having {{{define('DB_COLLATE', '');}}} in wp-config.php.
Using {{{define( 'DB_COLLATE', 'utf8mb4_unicode_ci' );}}} did not fix the issue, nor changed collation information in Database section of the Site Health page." Krstarica 6.1
Defects Awaiting Review 55597 WordPress 6.0-beta2-53224 not creating .htaccess Permalinks critical defect (bug) assigned 2022-04-21T10:58:53Z 2022-05-24T18:46:49Z "on my development site (Plesk Obsidian, Centos 7.9) a fresh installed latest WP 6.0 beta2 does not create an .htaccess file at all.
Steps:
- wordpress-6.0-beta2.zip does not contain .htaccess
- unzipped and uploaded to site
- domain opened in browser
- run set up process until login
- no .htaccess created
- table wp_options 'permalink_structure' contains ""/index.php/%year%/%monthnum%/%day%/%postname%/""
- login as admin
- selecting a permalink structure and saving on /wp-admin/options-permalink.php
- table wp_options 'permalink_structure' contains ""/%postname%/"" as expected
- no .htaccess created
- repeated saving of permalink structure does not help to create .htaccess
- no entry in debug.log
- as to be expected: permalinks not working in front end
- only solution: create a basic .htaccess manually
To me this seems a severe bug.
Found this while testing one of my plugins on WP 6.0 before updating it to plugin repository
Chris
PS: no answer required
" campation 6.0 needs-patch
Defects Awaiting Review 56387 WordPress 5.9.3 to WordPress 6.0.1: Front page has been replaced by my latest posts Upgrade/Install normal defect (bug) new 2022-08-16T01:59:20Z 2022-08-16T02:00:13Z "I tried to upgrade my WordPress instance from WordPress 5.9.3 to WordPress 6.0.1 but the home page has been replaced by the latest posts.
I have checked Settings > Reading in the admin console. but nothing changed there
I went back to the 5.9.3 wordpress files (without changing the DB) It works like a charm.
What happens with 6.0.1? How can I fix that?
Thanks
" mapi3
Defects Awaiting Review 55585 WordPress 5.9 wp-container styles introduce Cumulative Layout Shift Themes normal defect (bug) new 2022-04-18T06:05:00Z 2022-04-20T01:30:36Z "I'm using the latest stable WordPress version and Generatepress theme which doesn't support the newest fullsite block editing and templates (like the majority of themes right now).
I understand that the new `wp-container-NUMBER` styles were added to allow better customization. But in the current implementation they’re cumbersome, repetative and introduce Cumulative Layout Shift.
First of all, repetative styles are not being bundled together. Styles are being defined even if they'll never be used (I don't have tags that use `alignleft` or `alignright` in those blocks). And it makes no point in defining tags if they have default values.
Default Gutenberg container block (at least for me) doesn't even have an option to change margins for child elements.
{{{
}}}
So a better output would be:
{{{
}}}
Or even no output at all, since those are default values.
Now to the topic of Cumilative Layout Shift. Currently `wp-container` inline styles are being output in the `wp_footer` action unless user theme supports newest templates feature. This results in the following behaviour during the loading (Default Social Block as an example):
[[Image(https://i.ibb.co/kmCtVVC/2-Annotation-2022-04-18-070146.png)]]
And after page is fully loaded it looks like it's intented to be:
[[Image(https://i.ibb.co/v3smntX/1-Annotation-2022-04-18-070139.png)]]
Those styles either should be output in the `wp_head` action or right before block tags." rinart73 5.9
Defects Awaiting Review 54424 WordPress 5.8.2 Bug PHP 8 General blocker defect (bug) new 2021-11-11T19:54:39Z 2021-11-12T13:49:32Z "Hi,
i write to you because i see that there is a bug with wordpress 5.8.2 that not working with php 8, so i put the php version to 7.4. when i use php 8 wordpress show me 503 error, i use Avada theme, but i also have other site with other theme i see the same problem... can you fix it? thanks" yaggio94 5.8.1
Defects Awaiting Review 53755 WordPress 5.8 DatePicker component crashes Date/Time blocker defect (bug) new 2021-07-22T21:28:13Z 2021-07-30T16:02:39Z "when using the DatePicker component in the editor, try to change the month to input a different date. WP will crash and the error in the console is TypeError: t.onMonthPreviewed is not a function
I noticed in an article ""Whats new in Gutenberg 10.9"" from June of this year that bug # 31751 fix addresses this. I'm NOT using the gutenberg plugin, rather what comes with WordPress. This was not an issue in the previous version of WP.
I have cleared all caches etc tried on different computers with different test scenarios.
" ilenejohnson
Defects Awaiting Review 54098 WordPress 5.8 - Cannot read properties of undefined (reading 'clientId') Editor blocker defect (bug) new 2021-09-09T09:45:40Z 2021-09-21T13:38:46Z "Hi,
We updated our wordpress to 5.8 (we also tried 5.8.1 today), and just after that, we have an error on post edit page, in the console
{{{
data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2 An error occurred while running 'mapSelect': Cannot read properties of undefined (reading 'clientId')
The error may be correlated with this previous error:
TypeError: Cannot read properties of undefined (reading 'clientId')
at we (https://mywebsite.com/wp-includes/js/dist/block-editor.min.js?ver=fc8c27c6e95e7e0d59b4e344cb9ddfed:12:100185)
at https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:13742
at r (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:13559)
at https://mywebsite.com/wp-includes/js/dist/block-editor.min.js?ver=fc8c27c6e95e7e0d59b4e344cb9ddfed:12:285498
at Object.current (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:21206)
at https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:20809
at __experimentalMarkListeningStores (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:16751)
at Object.__experimentalMarkListeningStores (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:17238)
at https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:20171
at e (https://mywebsite.com/wp-includes/js/dist/data.min.js?ver=a9e98fe3ad76884fe7909ba8348395b7:2:20801)
Original stack trace:
}}}
When we downgrade to version 5.7.2 of wordpress, error disappear
We found the problem, and it is coming from our custom post taxonomy named ""selection"", in the args we put ""show_in_rest"" true, when it is false it is ok but we dont see that in Gutenberg so it is not the solution, and when we rename ""selection"" to ""selectiontest"" for example it is works but we lost our datas inside this taxonomy
We looked at ""Reserved Terms"" of wordpress, but ""selection"" is not in the list ([https://codex.wordpress.org/Reserved_Terms])
Our code
{{{#!php
$labels, // $labels is our labels array
'hierarchical' => true,
'public' => false,
'show_ui' => true,
'show_admin_column' => true,
'show_in_nav_menus' => true,
'show_in_rest' => true,
'show_tagcloud' => false,
'rewrite' => false
);
register_taxonomy('selection', array('post'), $args);
}}}
For the args, we are using the same config for other taxonomies too but the only ""selection"" is a problem, maybe something was added in the 5.8 and create a conflict with this name ?" ahsynv
Defects Awaiting Review 52918 WordPress 5.7 block parent focus bug for reusable block Editor normal defect (bug) new 2021-03-26T08:59:53Z 2021-04-24T10:17:44Z "Hi, I just made the change to WordPress 5.7 from Wordpress 5.6.2 and I experience a rather strange behavior for reusable blocks.
On 5.6.2 when I click on a reusable block I am prompted with an info box showing me the name of the block and an option to edit what's inside the block. That's perfect and make completely sense.
In 5.7 this behavior changed, if I click on a reusable block by default it selects the child inside and I don't see the info box anymore. To select the parent I need to hover the block icon to see the parent icon. That's not really easy to understand and I made multiple mistake by adding additional blocks in a reusable block just because I was not aware that the focus was on the children and not the parent.
I check the release note and was surprise to see that this was supposed to have changed: https://make.wordpress.org/core/2021/02/23/inner-blocks-api-changes/
Is it a wrong setting I put, something I miss or a bug?
" paulbouisset 5.7
Defects Awaiting Review 52570 "WordPress 5.6.1 bug/error ""Publishing failed. The response is not a valid JSON response.""" Editor normal defect (bug) new 2021-02-19T02:59:40Z 2021-02-24T21:33:07Z "In the Latest Version of WordPress Gutenberg Editor, is having the issue of
""Publishing failed. The response is not a valid JSON response."" error.
Please make update to the Wordpress, or some patch, from where the error could be originating.
I am using PHP8, Apache and MySQL. Not Xampp, own installation[[Image(https://imgur.com/a/Su24bGJ)]]" djacob56 5.6.1 needs-patch
Defects Awaiting Review 52540 WordPress 5.6.1 blocking new posts Editor blocker defect (bug) new 2021-02-16T14:14:59Z 2021-02-16T15:35:28Z "When I click ""new post"" I get a blank post with ""Auto-draft"" pre-filled as the title, but when I change it and populate the post with content and click save draft or publish, the content disappears, and I am returned to a blank ""Auto-draft"" post. This happens with all plugins active or disabled. The posts are saved as blank drafts with the title Auto-draft.
When I removed the Tiny MCE editor plugin, and tried to use the Gutenberg editor, the site stalls on saving the draft and does not complete the save." PodcastSteve 5.6.1
Defects Awaiting Review 52054 WordPress 5.6 broke my ability to create posts. Editor normal defect (bug) new 2020-12-12T21:59:44Z 2020-12-13T00:01:35Z "Immediately after upgrading to version 5.6, when I create/edit a post either the settings tab doesn't work or the settings column is off screen to the right and inaccessible unless I take my browser zoom down to 80% (and then I still can't get to lower items in settings).
Also, after an update or a save draft, an attempt to return to the dashboard is met with the leave page warning that usually only happens when a change is made w/o saving or updating.
I downgraded back to 5.3.3 as this was reliable for me." vormwmik54
Reporter Feedback / Close 50909 WordPress 5.5 update adds height and width attributes to images Media normal defect (bug) new 2020-08-11T22:02:56Z 2020-10-30T14:33:28Z "It appears that some images added with the gutenberg editor (no updates since June) now have height and width attributes being dynamically added following the new loading attribute.
I updated locally only so far.
This is the previous img element being displayed in the browser:
{{{
}}}
This is it now:
{{{
}}}
These are the new attributes being added:
{{{
loading=""lazy"" width=""1000"" height=""448""
}}}
" jeslen 5.5 close
Reporter Feedback / Close 51215 WordPress 5.5 no longer respects Headings values when pasting in text Editor normal defect (bug) new 2020-09-02T08:15:33Z 2020-11-26T05:41:41Z "In previous versions of WordPress, if you wrote a post outside of WordPress and then imported it, the import process would respect any Headings you made - so if you set H2, H3, H4, etc, in OneNote or Word, when you imported it, the Headings values you set would transfer to the WordPress post.
Now, in 5.5, this no longer happens. If you paste in text, all the Headings come in as Paragraphs. This is incredibly annoying and it is very time-consuming to go back and change them, constantly referring to your written document to see what the Headings values should be.
I am submitting this as a bug, as this was not how previous versions worked and is not mentioned in the release notes, so I imagine it is unintended." gizmo2501 5.5.1 reporter-feedback
Defects Awaiting Review 48768 WordPress 5.3 ajax bug with Elementor 2.7.5 Query critical defect (bug) new 2019-11-22T15:17:38Z 2019-11-22T15:17:38Z "To whom it may concern,
I was working on my WordPress site and updated it to the latest version available (5.3), before had the 5.2.4 version, i also updated the plugin Elementors to the latest version 2.7.5 .
I noticed that when i was trying to access their build in option, build query, for the elements, it would give and ajax error of type : **core-query uncaught TypeError: Cannot read property 'ajax' of undefined** .
I tried to downgrade the Elementor to a previous version but it didn't work, than i downgraded the WordPress one version older and it worked normally.
" argentum95 5.3
Defects Awaiting Review 45980 WordPress 5.0.3 PDF is opening empty page in Chrome and not showing content Media normal defect (bug) reopened 2019-01-14T10:34:54Z 2019-01-30T07:38:23Z "Hi,
I have some links that open pdf.
On firefox or safari, when I clic on the link, the pdf is opend on another page.
I can see the pdf.
On Chrome, when I clic, anoter page is open but the page is empty.
I can see on the url that the pdf is open
https://www.....de/wp-content/uploads/2018/07/TEST.pdf
but it is empty. And it worked before (not with WordPress 5.0.1)
And it doesn't work with new pdf too.
MAny thanks for you help" Timama 5.0.3
Defects Awaiting Review 45532 WordPress 5.0 preview does not show updated content Editor normal defect (bug) reopened 2018-12-08T03:34:48Z 2018-12-13T03:09:59Z "When making an update to a page using the WordPress 5.0 code editor and then clicking ""Preview,"" the preview page does not display the updated content.
Steps to reproduce:
- Log in as an admin
- Click Pages
- Select a page to edit
- Click the 3 dots menu on the right
- Select ""Code Editor""
- Make changes to code within the editor
- Click Preview in the top right
Expected result: Updated code will be displayed in the preview page
Actual result: The preview page displays the unedited page until the ""Update"" button is clicked" JoshCrawford 5.0 needs-patch
Defects Awaiting Review 59062 wordpress 404 error after update Upgrade/Install minor defect (bug) new 2023-08-10T21:00:19Z 2023-09-11T12:34:31Z "All of my wordpress sites are having a 404 error after updating to 6.3 when attempting to log in to the back end.
i have tried multiple sites, i have turned off all plugins, i have reset to base themes, i have manually performed the update by copying the files. this new update is borked.
the site in main question is chicagolandhomeproducts.com" fredricksoncr 6.3 has-patch
Defects Awaiting Review 40964 WordPress 4.8 Pasting into editor functionality changed Editor normal defect (bug) new 2017-06-09T05:43:45Z 2020-11-16T06:48:14Z "Hi there,
With 4.8 the paste functionality seems to have changed in the visual editor.
When I paste a list of items into the 4.8 visual editor from a text editor it now strips all ""line breaks"" and I end up with one big paragraph. I can still paste the list in text view and switch back to visual view and it keeps the line breaks.
This has changed in this new version. I do this process as a daily activity. " AngusMcKinnon 4.8 has-patch
Defects Awaiting Review 50132 Word Counter on Classic Editor is bugged Editor normal defect (bug) new 2020-05-08T19:28:22Z 2020-11-24T16:14:30Z "On the Classic Editor, sometimes words after a new line or new paragraph are not counted properly. If you create 10 lines, each consisting of 10 words each, only 91 words will be accounted for.
This seems to be mostly a JavaScript bug, but can potentially affect any other word-counting function on WP too, if their implementation is similar." matpratta 5.4.1
Defects Awaiting Review, reported against no version 40759 Word Count Discrepancies Editor normal defect (bug) new 2017-05-14T12:36:09Z 2020-11-24T06:27:13Z "I've noticed several discrepancies between how WordPress, Pages, Google Docs, and Word count words. Given the following text, all four count things quite differently.
{{{
a 1
foo-bar
e.g.
jack & jill
5 @ $4.99
.
fuzz@baz.blog
}}}
|| ||= WordPress =||= Word =||= Pages =||= Docs =||
|| Individual Words (a, jack, jill) || 3 || 3 || 3 || 3 ||
|| Individual Numbers (1, 5) || 0 || 2 || 2 || 2 ||
|| Hyphenated Words (foo-bar) || 1 || 1 || 2 || 1 ||
|| Abbreviations (e.g.) || 1 || 1 || 2 || 2 ||
|| Punctuation that translates to a word (&) || 0 || 1 || 0 || 0 ||
|| Punctuation that translates to a word in this usage (@) || 0 || 1 || 0 || 0 ||
|| Punctuation that doesn't translate to a word (.) || 0 || 1 || 0 || 0 ||
|| Compound number ($4.99) || 0 || 1 || 1 || 2 ||
|| Email address (`fuzz@baz.blog`) || 1 || 1 || 3 || 3 ||
I tend to fall in the camp of ""what would a reasonable native speaker count as a word"", which is probably closest to Word's definition, minus the punctuation that doesn't translate to a word." pento has-patch
Defects Awaiting Review 57382 Woocommerce have multiple Deprecated errors when working with PHP 8.1 Plugins normal defect (bug) new 2022-12-23T14:19:15Z 2022-12-23T16:03:51Z "I am working on a project using Woocommerce, Buddyboss theme, and Elementor and they are having multiple issues with deprecated warnings. The PHP version is 8.1 and we think that can be one of the main reasons.
The following are the error stored in error logs
{{{
Deprecated: Return type of BP_Core_BP_Nav_BackCompat::offsetExists($offset) should either be compatible with ArrayAccess::offsetExists(mixed $offset): bool, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/buddyboss-platform/bp-core/classes/class-bp-core-bp-nav-backcompat.php on line 122
Deprecated: Return type of BP_Core_BP_Nav_BackCompat::offsetGet($offset) should either be compatible with ArrayAccess::offsetGet(mixed $offset): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/buddyboss-platform/bp-core/classes/class-bp-core-bp-nav-backcompat.php on line 97
Deprecated: Return type of BP_Core_BP_Nav_BackCompat::offsetSet($offset, $value) should either be compatible with ArrayAccess::offsetSet(mixed $offset, mixed $value): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/buddyboss-platform/bp-core/classes/class-bp-core-bp-nav-backcompat.php on line 63
Deprecated: Return type of BP_Core_BP_Nav_BackCompat::offsetUnset($offset) should either be compatible with ArrayAccess::offsetUnset(mixed $offset): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/buddyboss-platform/bp-core/classes/class-bp-core-bp-nav-backcompat.php on line 148
Deprecated: Constant FILTER_SANITIZE_STRING is deprecated in /.../wp-content/plugins/buddyboss-platform-pro/includes/integrations/zoom/bp-zoom-actions.php on line 164
Deprecated: Return type of OMAPI_Plugins_Plugin::jsonSerialize() should either be compatible with JsonSerializable::jsonSerialize(): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/optinmonster/OMAPI/Plugins/Plugin.php on line 293
Deprecated: Return type of OMAPI_Plugins_Plugin::offsetExists($offset) should either be compatible with ArrayAccess::offsetExists(mixed $offset): bool, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/optinmonster/OMAPI/Plugins/Plugin.php on line 242
Deprecated: Return type of OMAPI_Plugins_Plugin::offsetGet($offset) should either be compatible with ArrayAccess::offsetGet(mixed $offset): mixed, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/optinmonster/OMAPI/Plugins/Plugin.php on line 255
Deprecated: Return type of OMAPI_Plugins_Plugin::offsetSet($offset, $value) should either be compatible with ArrayAccess::offsetSet(mixed $offset, mixed $value): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/optinmonster/OMAPI/Plugins/Plugin.php on line 269
Deprecated: Return type of OMAPI_Plugins_Plugin::offsetUnset($offset) should either be compatible with ArrayAccess::offsetUnset(mixed $offset): void, or the #[\ReturnTypeWillChange] attribute should be used to temporarily suppress the notice in /.../wp-content/plugins/optinmonster/OMAPI/Plugins/Plugin.php on line 282
Deprecated: version_compare(): Passing null to parameter #2 ($version2) of type string is deprecated in /.../wp-content/themes/buddyboss-theme/inc/plugins/buddyboss-menu-icons/vendor/codeinwp/themeisle-sdk/load.php on line 20
Deprecated: strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated in /.../wp-includes/functions.php on line 7022
Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated in /.../wp-includes/functions.php on line 2162
Deprecated: strpos(): Passing null to parameter #1 ($haystack) of type string is deprecated in /.../wp-includes/functions.php on line 7022
Deprecated: str_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated in /.../wp-includes/functions.php on line 2162
Deprecated: parse_str(): Passing null to parameter #1 ($string) of type string is deprecated in /.../wp-content/plugins/woocommerce/src/Admin/PageController.php on line 128
Saltar al contenido principalIr a la barra de herramientas
Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /.../wp-content/plugins/buddyboss-platform/bp-core/bp-core-avatars.php on line 435
Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /.../wp-content/plugins/buddyboss-platform/bp-core/bp-core-avatars.php on line 435
Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /.../wp-content/plugins/buddyboss-platform/bp-core/bp-core-avatars.php on line 435
Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /.../wp-content/plugins/buddyboss-platform/bp-core/bp-core-avatars.php on line 435
Deprecated: explode(): Passing null to parameter #2 ($string) of type string is deprecated in /.../wp-content/plugins/buddyboss-platform/bp-core/bp-core-avatars.php on line 435
}}}" nick7268 6.1.1
Reporter Feedback / Close 51158 "With ACF Blocks in 5.5, ""enqueue_assets"" causes fatal error" Editor blocker defect (bug) new 2020-08-27T15:20:27Z 2020-09-03T00:49:09Z "This is related to ACF Pro, but didn't happen until the upgrade to WP 5.5. I downgraded to 5.4.2 to make sure and I can verify it's a WordPress issue, likely related to REACT or the Rest API. I don't know enough about the Gutenberg editor to know if it's specific to that, so I'm posting here with ""second-opinion"" Workflow Keyword.
I have several custom blocks created using ACF Pro. One of them requires multiple javascript files and uses the ""enqueue_assets"" attribute to enqueue them.
When I try to edit any post, I get a popup error that covers the entire screen saying ""The editor has encountered an unexpected error."" and has 3 buttons: ""Attempt Recovery"", ""Copy Post Text"", ""Copy Error"". None of the buttons work.
In the console, I get these errors:
{{{
react-dom.min.js?ver=16.9.0:103
TypeError: First argument must be a String, HTMLElement, HTMLCollection, or NodeList
at t.exports (compose.min.js?ver=c4775e2aa9288586791e26a980eff851:9)
at e.value (compose.min.js?ver=c4775e2aa9288586791e26a980eff851:9)
at new e (compose.min.js?ver=c4775e2aa9288586791e26a980eff851:9)
at compose.min.js?ver=c4775e2aa9288586791e26a980eff851:9
at Vb (react-dom.min.js?ver=16.9.0:104)
at Xi (react-dom.min.js?ver=16.9.0:151)
at unstable_runWithPriority (react.min.js?ver=16.9.0:26)
at Ma (react-dom.min.js?ver=16.9.0:52)
at Yb (react-dom.min.js?ver=16.9.0:150)
at O (react-dom.min.js?ver=16.9.0:120)
components-1480.js:24
Uncaught TypeError: Cannot read property 'clientHeight' of null
at G.hasOverflowedContent (components-1480.js:24)
at G.fitTitle (components-1480.js:24)
at components-1480.js:24
}}}
After the second error, the first error repeats and keeps getting hit every few milliseconds, telling me it has thousands of times within a minute.
I'll post this with ACF Pro, too, but wanted to mention here in case it's a WordPress bug. I don't know how many people use ACF blocks in the Block Editor, but it completely prevents people from editing posts if they have some.
Thanks!" bronsonoquinn 5.5 dev-feedback
Defects Awaiting Review, reported against no version 43445 Wildcard `LIKE` support for `WP_Meta_Query` (and maybe other queries?) Query normal defect (bug) new 2018-03-01T04:09:44Z 2018-03-02T16:15:22Z "Passing `LIKE` as the `compare` parameter for a meta query (or `compare_key`, after [42768]) results in what is essentially a ""contains"" query for the literal `value` (or `key`) string. So:
{{{
array(
'compare' => 'LIKE',
'value' => 'foo',
)
}}}
becomes `WHERE ... value LIKE '%foo%'`.
MySQL `LIKE` wildcard characters `%` and `_` are escaped, so it's not possible to do a non-standard anchored search, or any other custom `LIKE` query.
It would be nice if you could pass a string like `foo%` and have the wildcard characters respected.
A few considerations:
1. Syntax. A potential solution is suggested in https://core.trac.wordpress.org/ticket/42409#comment:14. Another possibility is a filter for enabling the ""non-escaped"" version
2. Security. I'm unsure that there's a way to do this without introducing security issues, specifically around the `%` character. Any potential patch would need serious review." boonebgorges
Defects Awaiting Review 58909 width problem in the administration interface Administration normal defect (bug) new 2023-07-26T07:58:35Z 2024-02-23T17:48:23Z "Hi,
With quick edit mode (any post), and with french language, the French translation causes line breaks in the author and password columns :
" pasglop has-patch
Defects Awaiting Review 58744 Width issue while creating sync pattern using already existed pattern General normal defect (bug) assigned 2023-07-07T05:42:15Z 2023-08-14T14:23:27Z "**WordPress Version:** Development version (6.3-beta3)
**Theme:** Twenty Twenty-Three
**Browser:** Google Chrome Version 114.0.5735.198 (Official Build) (arm64)
----
**Follow this step to create this issue.**
* Create a new post
* Add any of the existing pattern into the post
* Change that pattern to sync pattern
Now, the main issue is:
If the pattern was fullwidth style by default, when you change that pattern to sync type pattern; that pattern will change to boxed style. But the view in frontend will be in it's original style i.e. if it was fullwidth, it will be fullwidth in frontend.
**Expected fix:**
After we change the pattern to sync pattern, the pattern style should remain same in both frontend and backend." labunchemjong 6.3 needs-patch
Defects Awaiting Review 49183 Width alignment issue in Edit attachment page Media normal defect (bug) new 2020-01-13T09:55:56Z 2020-01-13T20:11:52Z "Hello,
There is an issue with the width in the edit attachment page.
First, go to the media page and open any image and edit that image and click on the button that says ""Edit Image"" and you can see the issue.
I am using a laptop having size of 1366 x 768.
https://youtu.be/A440xIRrUJU
Please see this video for the issue I am talking about.
" rnitinb
Reporter Feedback / Close 53279 Widgets.php returning 500 when using php 8.0.3 Widgets normal defect (bug) assigned 2021-05-26T09:45:22Z 2021-06-02T14:31:42Z "I am not a developer. I switched from php 7.4 to php 8.0.3. The widgets do load at the front end but I cannot make any edits in appearance - widgets. /widgets.php is returning 500 error when using php 8.0.3. I reverted back to php 7.4 for testing and widgets.php functioned as normal.
I hope I contributed something." Dan14 5.7.2 reporter-feedback
Defects Awaiting Review 52848 Widgets z-index issue hides the widget's update button when other widgets remain open Widgets minor defect (bug) new 2021-03-18T12:59:43Z 2021-03-18T12:59:43Z "Hi,
I found an issue that should be fixed on widget part.
Steps to reproduce the issue:
1. Enable a theme that has multiple widgets areas like Sydney
2. Put some widgets on each widget area from Appearance > Widgets screen
4. Keep all widgets remain open
5. Try saving one widget
Here is my screen recording when getting the issue:
https://drive.google.com/file/d/1ZqcM8IYIbCGfwYaHw7SOLnTBTurKwmGD/view?usp=sharing
My screen resolution is 1280x800.
Best,
Kharis " kharisblank 5.7 has-patch
Reporter Feedback / Close 53732 Widgets option shows blank Widgets normal defect (bug) new 2021-07-22T08:53:02Z 2021-07-23T11:06:23Z After updating WordPress to 5.8 , Widgets option shows blank when clicking, can't access to widgets pirfirdouse 5.8 reporter-feedback
Defects Awaiting Review 60559 Widgets moved by calling the sidebars endpoint Widgets normal defect (bug) new 2024-02-16T10:02:07Z 2024-02-16T10:02:07Z "The GET /wp/v2/sidebars endpoint moves the widgets permanently, if for some reasons, one or more sidebars are not registered for WP REST. Moreover, it does it even if it returns a 401 status code.
To reproduce the issue:
1. Have Gutenberg disable with the ""Disable Gutenberg"" plugin
2. Add this code to theme's functions.php
{{{#!php
function test_register_sidebars() {
if ( strpos( $_SERVER['REQUEST_URI'], '/wp-json/' ) === false ) {
register_sidebar( [
'name' => 'Sidebar 1 - not registered on WP REST',
'id' => 'sidebar-1',
'before_widget' => '',
'before_title' => '',
'after_title' => ' ',
] );
}
register_sidebar( [
'name' => 'Sidebar 2',
'id' => 'sidebar-2',
'before_widget' => '',
'before_title' => '',
'after_title' => ' ',
] );
}
add_action( 'widgets_init', 'test_register_sidebars' );
}}}
3. Add widgets to ""Sidebar 1""
4. Visit GET /wp-json/wp/v2/sidebars" davit16
Reporter Feedback / Close 54312 Widgets editor blocks Widgets major defect (bug) new 2021-10-23T13:38:21Z 2022-02-16T08:32:44Z "Hi there, we have noticed a bug in widgets block.
When editing Widgets in Blocks will repeat with errors and the console shows it is a JSON error stating 'The response is not a valid JSON response' and also says 503 error with it.
Troubleshooting I have done:
- Have tried downgrading versions, errors will be removed but unable to move widgets around. Now I have the current version.
- Deactivating all plugins, one reactivated they come back and it is not related to a plugin.
- did permalinks,
- re did htaccess file
- classic widgets plugin also takes away errors but you cant move widgets.
none of these steps worked.
Some guidance on what is happening would be greatly appreciated. Thank you
" donno1 5.8.1 reporter-feedback
Defects Awaiting Review 42683 widgets cannot be edited General normal defect (bug) new 2017-11-23T18:38:01Z 2017-11-23T20:41:04Z "after upgrading to 4.9, my widgets cannot be edited. All i see is just the buttons after each widget (save etc)
" fovos 4.9
Enhancements Awaiting Review 48373 Widgets area grouping Widgets normal feature request new 2019-10-20T03:57:29Z 2019-10-20T03:57:29Z "The recent wordpress project I have been working on is news magazine, which has over 30 widgets areas for some reasons. I find it so difficult to drag and drop widget to specific widget area, just for the reason that there are so much areas.
We can also place widgets to an specific area by selecting name, but here too, so much names.
I though that grouping areas would solve this problem, so, how do we group?
{{{#!php
__('Banner area', 'td'),
'group' => 'Homepage' //@here
));
register_sidebar(array(
// Existing parameters +
'name' => __('Footer1', 'td'),
'group' => 'Homepage' //@here
));
/**
* `Single page` group
*/
register_sidebar(array(
// Existing parameters +
'name' => __('Banner area', 'td'),
'group' => 'Single page' //@here
));
register_sidebar(array(
// Existing parameters +
'name' => __('Footer1', 'td'),
'group' => 'Single page' //@here
));
}}}
So, based on these sidebar registrations, wordpress will show dropdown having two options, Homepage and Single page on the widgets page right above areas listing.
I think this thing is much likely to be related to core WP. I am interested to contribute WP too, but have never done before. Can I directly make pull request to git wordpress repo, or how do I?" dipakw
Reporter Feedback / Close 54603 Widgets are not showing Widgets normal defect (bug) new 2021-12-09T08:10:36Z 2021-12-13T11:33:11Z when i open the widgets page it is showing a blank page asma2022 reporter-feedback
Defects Awaiting Review 50811 Widget title box and text content not proper align. Widgets normal defect (bug) new 2020-07-29T16:00:32Z 2020-11-17T16:10:49Z "The widget title box and text content alignment is not proper. it needs to align.
http://localhost/src/wp-admin/widgets.php
" vinita29 5.5 has-patch
Reporter Feedback / Close 54688 Widget overlap in customizer settings Customize normal defect (bug) new 2021-12-23T12:08:01Z 2024-01-10T14:11:27Z In Twenty twenty one theme widget overlap in customizer settings when we adjust width of search widget and then selcting recent post widget on that tome widget are overlapping with above search widget. multidots1896 5.8.2 close
Reporter Feedback / Close 53805 Widget HTML Personalized no have Title Widgets normal enhancement new 2021-07-27T23:25:36Z 2021-09-14T11:44:18Z "The widget HTML Personalized no have one title, we can left the title blank but we need one title if we want use it, like: Note or Publicity etc.
The old HTML personalized has the title...
I don't no if are another widgets who need title, I no check all
I hope can fix it, also is one little slow the section widgets.
I like quit the previsualization, for load more faster." Guillermo77 5.8 reporter-feedback
Defects Awaiting Review 57769 Widget html malfunction Widgets normal defect (bug) assigned 2023-02-20T12:14:13Z 2023-05-03T23:45:06Z "The html code after being pasted into the ""html"" widget is tampered with.
Usually the first lines of code and the last ones disappear." aldo3853
Defects Awaiting Review 51538 Widget disappears from the sidebar when switching the theme and back again. Widgets critical defect (bug) new 2020-10-15T16:19:40Z 2020-10-15T16:19:40Z "A widget with ID **activity_right** disappearing when I switch BuddBboss theme to Twenty Twenty theme. This because of there something wrong with Widget Mapping
{{{
wp-includes/widgets.php
}}}
line number 1371
It should move widgets to new $new_sidebars_widgets when $new_sidebars_widgets has the same sidebar as $existing_sidebars_widgets has, then only, otherwise move it to inactivate sidebar.
Attaching a patch
" mhshohel 5.5.1 has-patch
Enhancements Awaiting Review 45054 "Widget deletion: Add an ""Are you sure you want to delete?"" popup before it gets deleted" Widgets normal enhancement new 2018-10-05T10:24:33Z 2020-05-25T18:16:56Z "For the widgets the ""Delete"" and ""Done"" buttons are close to each other, and if you accidentally click Delete, there is no obvious option to restore the widget. Not great if you have added lots of html code... I would have liked to see here a ""Are you sure you want to delete this widget?"". " Vibeque 4.9.8 dev-feedback
Enhancements Awaiting Review 27405 Widget Customizer: Fade out sidebar sections that lack any rendered widgets Widgets normal enhancement new 2014-03-13T21:44:19Z 2017-06-07T00:24:28Z "Currently when there is a widget that is not rendered in the current URL being previewed (e.g. via Widget Visibility), the widget control in the customizer will become semi-transparent to indicate it is not being rendered. The same semi-transparent indicator would be useful for sidebars that are empty or which lack any rendered widgets.
Originally reported in https://github.com/x-team/wp-widget-customizer/issues/76" westonruter 3.9 needs-patch
Defects Awaiting Review 57576 widget color settings gets lost when saving regarding another widget Widgets normal defect (bug) new 2023-01-28T09:53:26Z 2023-02-16T23:58:10Z When changing in a footer widget block, and then saving I loose the color-settings in a another widget area - a Hero Canvas widget area. I am pretty shure that I have experienced it before also with blocks in pages. It was a long time ago that I experienced the later. That could be fixed but the widget areas still seem to have the problem. mdproduktion 6.1.1
Defects Awaiting Review 46541 widget class name sent in headers is incorrect when the widget has a namespace Widgets normal defect (bug) new 2019-03-16T19:56:30Z 2019-03-17T02:50:47Z "It looks like WordPress is removing the '\' from a class name in the headers, this leads to difficulties making Oxygen to function with Multisite Language Switcher for instance.
Here is what is done in Oxygen to integrate a widget:
{{{#!php
widgets[$options['class_name']] ) {
... do stuff
}
else {
printf( __(""Error! No '%s' widget registered in this installation"", ""component-theme""), $options['class_name'] );
}
}}}
This does not work with multisite language switcher plugin since it is registered as ""llocMslsMslsWidget"" in `$options` and ""lloc\Msls\MslsWidget"" in `$GLOBALS`.
I think it is a WordPress bug because there is no reason to register a class name without the '\'. Alternatively you may want to replace the '\' with '_' but then you'd have to do the same in `$GLOBALS['wp_widget_factory']`
" dlorre 5.1
Reporter Feedback / Close 49746 Widening WordPress Limits and Compatibility Media normal enhancement new 2020-04-01T00:23:21Z 2022-03-10T15:39:24Z "Version:
A wish that to be in some WordPress 5.4 future minor version.
Problem:
WordPress ""Select image"" Dialog doesn't support inserting image from URL
in all cases and if, in the case it supports, when there is an image(or any file type) inserted
from a URL(specifically with dynamic-protocol URL that starts with just couple of slashes),
WordPress won't save and|or implement that dynamic-protocol URL in all cases what shortens
its compatibility of being compatible with browsers like Firefox security compliance and shortens
its compatibility of offering the writer the freedom of making his|her blogs URLs protocols
dynamic for a pitfall situation during, for example, an SSL renewing process what may stops or misbehaves his|her website.
Solution:
Let WordPress supports dynamic-protocol URLs anyway, let WordPress ""Select image"" Dialog
supports Insert any file type from a URL anyway, and make sure they all function well and securely.
Result:
Widening WordPress Limits and Compatibility.
-
-
Regards,
Al bunyan,
a WordPress User since WordPress first publication.
I was the first Arab required to translate WordPress.
http://ulike123.com/
-
-
" ulike123 5.4 reporter-feedback
Enhancements Awaiting Review 46082 Why returning $menu_array[x] instead of $title Administration normal enhancement new 2019-01-23T16:02:40Z 2021-12-08T12:38:49Z "
{{{
File: wp-admin/includes/plugin.php
Function: get_admin_page_title()
}}}
In lines `1613, 1616, 1637, 1645 and 1660` the following pattern of assignments and return the value are used:
{{{
$title = $menu_array[x];
return $menu_array[x];
}}}
where `$tile` is `global`.
What is the difference between the following returning patterns
{{{
$title = $menu_array[x];
return $menu_array[x];
}}}
AND
{{{
$title = $menu_array[x];
return $title;
}}}
Since we are already updating the the global variable `$title` with that of `$menu_array[x]`, why can't we just return `$title` instead of `$menu_array[x]`? For every single request `global $title` will receive a new value.
In `line 1620` the return pattern is usual:
{{{
$title = $menu_array[0];
return $title;
}}}
" subrataemfluence dev-feedback
Enhancements Awaiting Review 49408 Why is the action wp_ajax_wp_link_ajax not using wp_send_json() General normal enhancement new 2020-02-11T16:09:10Z 2020-12-16T19:31:11Z "The action now returns an array with results with the header content-type text/html
Should this not be application/json as achieved by the wp_send_json() function?
[https://core.trac.wordpress.org/browser/tags/5.3.2/src/wp-admin/includes/ajax-actions.php#L1863]
" stephanh 5.3.2 has-patch
Defects Awaiting Review 53320 Why delete_metadata and update_metadata slow performance? Database normal defect (bug) new 2021-06-02T11:11:06Z 2021-06-02T11:11:06Z "I’ve been doing some investigating on the overall performance of a local WordPress with WooCommerce build and something doesn’t seem to be making sense, I’m not sure if I’m missing something or if it’s an oversight in the development.
WooCommerce has ways of checking if meta keys and values need to be updated, for example update_post_meta in class-wc-order-data-store-cpt.php
The plugin also has a method update_or_delete_post_meta for handling the meta of posts integration with the WordPress Core.
Here’s where the confusion comes in,
1. [delete_metadata](https://github.com/WordPress/WordPress/blob/21cf92796123e98bcc9cc7981d80472977673fab/wp-includes/meta.php#L335)
Why does delete_metadata by default query to see if it exists before running the DELETE operation? I understand the DELETE operation is expensive but in this instance, we know the keys that are going to be removed. I understand we could hook into the delete_{$meta_type}_metadata
filter, return false and run the query ourselves but this doesn’t future proof things. I propose an additional filter and/or argument that allows you to bypass the initial lookup.
2. [update_metadata](https://github.com/WordPress/WordPress/blob/21cf92796123e98bcc9cc7981d80472977673fab/wp-includes/meta.php#L159)
There is a similar problem here too. [Every update queries the database](https://github.com/WordPress/WordPress/blob/21cf92796123e98bcc9cc7981d80472977673fab/wp-includes/meta.php#L220) to see if a row already exists and if so, then use the add_metadata. If we know the meta key 100% exists, why go to the expense of then querying the database again? Once again, I appreciate this is added as a fail-safe to ensure the data gets stored but this leaves the developer with no “official” way of updating the meta without having to do a lookup first. Again, we can hook into update_{$meta_type}_metadata but this has the same problem as before.. breaking future changes. I propose the same as above for this method too.
Has anybody else experienced this or found any solutions to excessive SQL lookups (other than relying on cache)?" cjj25
Enhancements Awaiting Review 39918 Whitelist audioBoom oEmbeds Embeds normal enhancement new 2017-02-20T11:00:33Z 2023-05-30T09:50:56Z "{{{
sandbox=""allow-scripts""
}}}
is disabling links within our iframe player on some wp sites, try the social icons on the audioBoom player in this article http://www.niemanlab.org/2017/02/in-a-chaotic-presidency-civics-101-is-giving-listeners-a-reintroduction-to-how-the-u-s-government-works/.
What are the steps to getting audioBoom whitelisted so that no changes are made to the oEmbed codes?
" arunaudioboom 4.8
Defects Awaiting Review 49136 White screen in password protected posts, referrer policy Posts, Post Types normal defect (bug) new 2020-01-05T17:19:32Z 2020-03-06T15:20:10Z "**Background**
Under some circumstances WP is displaying a white screen refering to URL ..../wp-login.php?action=postpass after entering either correct or incorrect password into password protected posts. It turns out this behaviour occurs reproducably in case WP site is set to no-referrer policy e.g. by Nginx configuration. This behaviour was observed since about July last year.
**Steps to reproduce**
1. Force no-referrer policy in Nginx .conf file
add_header Referrer-Policy no-referrer;
service nginx restart
2. Protect any post by password
3. Verify no-referrer policy in e.g. Chrome F12->network
4. Enter password into your password protected post
5. /wp-login.php?action=postpass white screen pops up, no error message, no debugg hints.
These steps reproduce in any WP configuration (under ubuntu server 18.04 LTS, LEMP stack) with or without themes/plugins. Exception: Safari and Edge (as of August last year) do not show white screenn. Reason: These browsers do not support referrer policy.
**Work around**
Set referrer policy to any other policy than no-referrer. In my case strict-origin-when-cross-origin did the job.
**Suggestion**
This issue might not be too common but it might become more relevant due to GDPR in Europe.
It seems that wp-login.php requires a reference to the calling URL to be able to redirect to that URL after verifying the password. In case of no-referrer policy this reference is not disclosed, hence wp-login.php cannot return to its caller.
If that is the case in order to ensure stable operation of password protected posts WP must not allow no-referrer policy but should force any other secure policy." derfuchs98 5.3.2
Reporter Feedback / Close 59671 white screen at post edit or page edit after upgrade General major defect (bug) new 2023-10-18T14:57:37Z 2023-11-07T23:26:44Z "white screen at post edit or page edit after upgrade to[[Image([[Image()]])]] version: 6.4-RC1
cannot edit any post or page because I got white screen
need a solution please
" jbconcep 6.3.3 reporter-feedback
Enhancements Awaiting Review 58935 White page on admin.php in WordPress Dashboard General normal enhancement new 2023-07-29T18:09:08Z 2023-08-02T10:22:12Z "Hello there,
As we all know, plugins (e.g. WooCommerce, etc.) are using `wp-admin/admin.php` to handle their option pages.
e.g. `http://localhost/wp-admin/admin.php?page=wc-admin`
The problem is, when we navigate to `admin.php` without any query string, it shows a white screen. I believe we can improve it by showing a message or redirecting to the main page of the dashboard.
e.g. `http://localhost/wp-admin/admin.php`" masoudin has-patch
Reporter Feedback / Close 60040 While installing a plugin using wordpress plugin installer, a directory seems to be missing Plugins normal defect (bug) new 2023-12-09T00:52:09Z 2024-02-15T16:29:41Z "**Description:**
When installing the Aiify Blocks plugin (slug: aiify) via the WordPress plugin installer at wp-admin/plugin-install.php, it appears that the directory created at wp-content/plugins/aiify is missing a crucial subdirectory named ""aiify."" This subdirectory typically contains the primary plugin block files. Consequently, this missing directory structure renders the plugin non-functional.
**Steps to Reproduce:**
- Access the WordPress dashboard (wp-admin).
- Navigate to the plugin installation section (wp-admin/plugin-install.php).
- Search for and install the Aiify Blocks plugin (slug: **aiify**).
**Expected Behavior:**
Upon installation via the WordPress plugin installer, the directory wp-content/plugins/aiify should contain a subdirectory named ""**aiify**"" housing the necessary plugin block files.
**Actual Behavior:**
The directory wp-content/plugins/aiify lacks the expected ""aiify"" subdirectory after installation using the WordPress plugin installer, causing the plugin to malfunction.
**Temporary Solution:**
Downloading the plugin directly from the URL https://downloads.wordpress.org/plugin/aiify.0.1.1.zip and unzipping it provides the correct directory structure with the necessary ""aiify"" subdirectory intact, resolving the issue temporarily.
**Additional Information:**
- WordPress Version: 6.3.2
- Plugin Version: Aiify Blocks 0.1.1
- Server Environment: The hosting environment is provided by app.getflywheel.com ( which seems to be based somehow on wp-engine )
- Disclaimer : I'm the plugin developper, a user contacted me for support as he couldn't use the provided blocks, that's how I noticed the issue and the missing directory.
This discrepancy in directory structure during installation impacts the functionality of the Aiify Blocks plugin ( and maybe other plugins ).
**Investigation and Update:**
While writing this ticket, I attempted to replicate the steps in wpsandbox.net (using WordPress 6.4), and the installation worked as expected. This suggests that the bug might be fixed or could be specific to the hosting environment.
While planning to update the plugin and rename the problematic directory, I'm keen to understand why this ""bug"" occurred in the first place and if this irregularity might be specific to the hosting environment or is due somehow to a wordpress bug." rahal.aboulfeth 6.3 close
Defects Awaiting Review 44519 Where are the pages of the headings added with the + add-on (any) ala https://wp-kama.ru/cat/wordpress/codex+xxx Query normal defect (bug) new 2018-07-05T10:00:29Z 2018-07-05T14:39:16Z "Here is the page for this blog (kama) - https://wp-kama.ru/cat/wordpress/codex+xxx
This is a page of the rubric with the added + add-on (any)
She does not give out the content, but her response code is 200 - http://joxi.ru/vAWplvLi13bNqr
It's just that Kama banned the headings for indexing through
meta name = ""robots"" content = ""noindex""
I have the same headings for indexing are allowed.So somehow finding such pages the search drags them to the index.
This is exactly what happens to me and Yandex joyfully informs me that I have dragged another pack of such pages into the index.
How to make sure that an error 404 would appear on the page https://wp-kama.ru/cat/wordpress/codex+xxx
As an option - how to add them
meta name = ""robots"" content = ""noindex""
Thank you." Dmitriy1973
Defects Awaiting Review 45819 when {category|tag}_base include spaces their rewrite rules don't get generated correctly, resulting in 404's Permalinks normal defect (bug) new 2019-01-03T17:00:58Z 2019-01-03T17:00:58Z "Steps to reproduce:
1. Go to Settings > Permalinks
2. Enter ""this is a test"" in the `category_base` field
3. Click ""Save Changes""
4. Notice that `category_base` gets saved as ""this%20is%20a%20test"".
5. Notice that the rewrite rules such as the following get generated:
{{{
'this%20is%20a%test/(.+?)?$' => 'index.php?%20was%$matches[1]&%20test%$matches[2]'
}}}
instead of (what I imagine the correct rule would be)
{{{
'this%20is%20a%test/(.+?)?$' => 'index.php?category_name=$matches[1]
}}}
I'm not sure whether the best thing to do is to disallow spaces in `{category|tag}_base` or to fix`WP_Rewrite::generate_rewrite_rules()` to generate correct rules if they do include spaces." pbiron
Defects Awaiting Review 45742 "When using HTTPS, ""preview post"" fails." Editor normal defect (bug) new 2018-12-22T17:21:41Z 2018-12-28T15:31:54Z "I am using WordPress 5.0.2 hosted at HostGator, but have been seeing this issue since 5.0 was released. I am using the Classic Editor plugin.
If I log into my WordPress site using https://(site), write a post, and then click ""preview"", WordPress will wait and then say the post cannot be displayed.
If I log into my WordPress site using http://(site), write a post, and then click ""preview,"" WordPress with show a preview of the draft as expected.
I have tried disabling all plug-ins and it did not fix the problem. HostGator forces WordPress users to use ""Endurance Page Cache"" plug-in, so I cannot disable that one.
I have multiple WordPress sites hosted on HostGator (RobOHara.com, Review-o-Matic.com, OHaraPress.com) and all of them have been having this issue since upgrading to 5.0.
Hopefully I found a legitimate bug and didn't waste anyone's time. Keep on 'Pressin!" robohara 5.0.2
Defects Awaiting Review 44980 When using a mobile browser (iOS 12) and the Visual Editor you won’t be able to properly select/highlight text Editor normal defect (bug) new 2018-09-21T23:46:00Z 2019-03-02T06:35:18Z "Hi folks!
I was able to reproduce this issue by using the latest version of WordPress.org and also on a WordPress.com site.
**Steps to reproduce the problem:**
1. Log in to your WordPress site using a browser (Safari or Chrome) on any device with iOS 12.
2. Edit or create a post/page with text on it using the Visual Editor
3. Select/highlight any word. Then try to highlight the next or previous word.
**What happens**
It won't let you highlight what you want. Instead, it will highlight all the paragraph or nothing.
Here's a video:
http://cld.wthms.co/NwMb1X
(You will notice this only happens with the Visual Editor and not the Text Editor)
**What I expected**
To be able to highlight the text as in the Text Editor
----
**Devices where I was able to replicate this:**
iPhone 6 Plus and iPad Air 2 (A1567)
**OS:**
iOS 12.0
**Browser:**
Safari & Chrome" Geost 4.9.8 has-patch
Defects Awaiting Review 57161 When using a child theme, blocks registered in the parent theme have the wrong asset file path which prevents styles from loading Themes normal defect (bug) new 2022-11-21T11:14:09Z 2022-11-21T11:14:09Z "I am registering blocks in a theme using `register_block_type()` pointing to a block.json. This works fine.
I then made a child theme and noticed that in the frontend the styles are loaded but in the backend all my blocks' styles are missing. This is because the URI for the assets includes the absolute file path, e.g. `http://localhost/wp-content/plugins/var/www/html/wp-content/themes/parent/block/style.css`. It worked in the frontend, because WordPress was inlining the styles which made correct use of the absolute file path.
The root cause, as far as I can tell, is that [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/blocks.php#L234 blocks.php] makes the assumption that all blocks are registered in the currently active theme. In the case of a child theme, this is not necessarily true. Then the check if the path starts with the current theme's path is faulty.
For a bit of context: We want to deliver themes to customers, but keep the option of making individual modifications. For that we plan to use child themes, for example to add additional blocks.
For now, we can work around this issue by registering the blocks styles separately and passing the registered style handle instead of the file path. We can achieve this by hooking into `block_type_metadata` and replacing the `$metadata['style']` and `$metadata['editorStyle']` with the registered handle.
However, I believe that this current behavior is confusing and that the code in [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/blocks.php#L234 blocks.php] should probably also check for the case that a child theme is active and the blocks are registered in the parent theme." jmaasonoffice 6.1.1
Defects Awaiting Review 55345 When uploading image through featured image section, the image item count is wrong. Media normal defect (bug) new 2022-03-08T17:45:56Z 2022-06-08T14:17:41Z "When uploading image through featured image section, the image item count is wrong.
=== Env
* 5.9.1
* Brave, Chromium
* Win 10
* Theme : TT2
* Plugins: None
=== Test Instruction
* Open Post Editor and click on 'Set featured image' option.
* Notice the total number of existing images
* Upload a new image into the featured image section.
* Now notice the number of images (+2)
* Reload the page, and now the count corrects itself.
When uploading image directly to the featured image section of the post editor, the media item count works correctly.
" alanjacobmathew needs-patch
Defects Awaiting Review 58787 when upload it multi upload duplicate the files in the media Upload normal defect (bug) new 2023-07-11T21:56:53Z 2023-10-30T19:36:30Z "{{{
$attachment_id->get_error_message());
} else {
// The file was uploaded successfully
$response = array('success' => 'File uploaded successfully with attachment ID ' . $attachment_id);
}
} else {
// No file was selected
$response = array('error' => 'No file selected.');
}
// Send the response back to the client-side script
echo json_encode($response);
}
// IMPORTANT: Don't forget to exit at the end of your callback function
exit;
}
?>
}}}" wasimo 6.2.2
Defects Awaiting Review 53191 "When upgrading translations and destination does NOT exist all files end up in ""wp-content/plugins""" Upgrade/Install major defect (bug) new 2021-05-12T04:57:56Z 2021-05-12T04:57:56Z "Hi
**Current install:**
Using the LATEST version of WordPress, the line numbers in this bug report relate to that version number.
**Problem Discription:**
I noticed a huge (220+) amount of .json, .mo and .po files in the ""wp-content/plugins"" directory. They shouldn't be there, in fact they should be in ""wp-content/languages/plugins"".
**Overview of Fix:**
I researched why that maybe the case and found the problem: if the directory ""wp-content/languages/plugins"" does NOT exist, all json/po/mo files are placed into ""wp-content/plugins"" - which in itself is a ""no no"" as the directory belongs to the ""protected"" directory set (I get to that later).
If the directory exists, there is no problem and all files end up in the correct directory and NOT in the ""wp-content/plugins"".
**Where I think the error comes from:**
For every language file that is updated the function ""install_package()"" in ""class-wp-upgrader.php"" is called. The parameter passed is an array containing the SOURCE and DESTINATION of the file needing an update.
The DESTINATION is correct when passed to the function ""install_package()"" but gets altered when the DESTINATION does not exist on line 501:
{{{
$remote_destination = $wp_filesystem->find_folder( $local_destination );
}}}
If the directory ""wp-content/languages/plugins"" exists, there is NO problem.
If the directory ""wp-content/languages/plugins"" DOES NOT exist, there is a problem and
{{{
$remote_destination
}}}
is set to ""wp-content/plugins"" - which in fact belongs to the ""protected directories""
**What steps should be taken to consistently reproduce the problem?**
Delete the directory ""wp-content/languages/plugins"" and update translations.
All *.json, *.po and *.mo files will end up in ""wp-content/plugins""
**Does the problem occur even when you deactivate all plugins and use the default theme?**
Not related, as issue is MISSING PATH related.
**In case it's relevant to the ticket, what is the expected output or result?**
I would assume that the directory ""wp-content/languages/plugins"" should be created if it is missing and not place all files in ""wp-content/plugins""
I for now have created the directory, but I saw on the Internet that MANY people seeing large amount of files in the plugins directory ""wp-content/plugins"".
Also ""wp-content/plugins"" belongs to the group of ""protected directories"" as seen on line 545 in file class-wp-upgrader.php:
{{{
$protected_directories = array( ABSPATH, WP_CONTENT_DIR, WP_PLUGIN_DIR, WP_CONTENT_DIR . '/themes' );
}}}
so for that reason alone no file SHOULD end up in there.
Also, it's ugly to have 200+ language files in the plugin folder where you should only find directories for plugins.
" jobst 5.7.1
Enhancements Awaiting Review 51528 When updating the theme from the dashboard, I want to change the theme folder name to the file name specified by Content-Disposition: attachment. Themes normal feature request new 2020-10-15T07:38:37Z 2020-10-15T07:41:02Z When updating the theme, the character string is also used as the file name after downloading at the end of the path of the download URL, but if the file name of Content-Disposition: attachment is specified, that file name should be used as the file name after downloading. .. kusokamayarou 5.4.2
Defects Awaiting Review 50850 When the deactivate_plugins() function is called in the ABSPATH/wp-admin/includes/plugin.php file, the is_plugin_active_for_network() conditional tag always returns true when the active_sitewide_plugins sitemeta option is set to 1 Plugins normal defect (bug) new 2020-08-05T01:28:10Z 2020-09-08T21:11:46Z "On multisite during the process of activating a plugin across the network (sitewide plugin activation), I noticed that if the activation process is not successful or if errors are triggered, the `active_sitewide_plugins' sitemeta option will be set to 1 and this causes the **is_plugin_active_for_network()** conditional tag to return true when called within the **deactivate_plugins** function, which is so untrue.
Also, when on the admin or network `plugins.php` screen, the **deactivate_plugins()** function triggers the following error becuase the **$plugins = get_site_option( 'active_sitewide_plugins' )** code doesn't return the correct type (array):
{{{
Fatal error: Uncaught Error: Cannot unset string offsets in ABSPATH\wp-admin\includes\plugin.php on line 779
}}}
Futhermore, after exploring the error, I found that since the **active_sitewide_plugins** sitemeta option is set to 1 and the **array_keys()** function is used to extract the plugin basenames into a new array and merged with non-sitewide activated plugins, then when used in the **foreach()** loop, this will always return true.
{{{#!php
`Themes` > `Activate` the Twenty Twenty-One theme.
2. Go to `Customize` > `Site Identity` > `Select logo` (under `Logo` setting) and set the logo.
3. Click `Publish`.
4. Exit Customizer.
5. Go `Themes` > `Activate` the Twenty Twenty theme.
6. Go to `Customize` > `Site Identify` > `Select logo` but select a different logo this time.
7. Click `Publish`.
8. Exist Customizer.
9. Go back and active the Twenty Twenty-One theme again.
10. Go back to `Customize` > `Site Identity`.
Notice:
- The logo is the one set in Step 6 (for the Twenty Twenty theme) and not the one set Step 2 (for TT1).
- The IDs are also different in the options database. For example:
- `theme_mods_twentytwentyone` `""custom_logo"";i:52;`
- `theme_mods_twentytwenty` `""custom_logo"";i:47;`
- `site_logo` = `47`" hellofromTonya 5.8
Defects Awaiting Review 25650 When switching between blogs, wp_upload_dir 'baseurl' and 'url' may be pointing to the current blog not the switched one Upload normal defect (bug) new 2013-10-21T14:36:08Z 2023-05-19T13:20:48Z "Only tested on subfolder multisite (I don't have a way to test on a subdomain install right now).
It seems very similar to ticket #23483 but I'm not sure if it should be treated the same:
Example with two blogs in a network:
- www.mydomain.com/my-source-blog (ID:5)
- www.mydomain.com/my-destination-blog (ID:15)
I discover this while trying to move a post with images from a blog to another. The post is copied and images inside the post are copied too.
Starting point: The current blog ID is 15 (my-destination-blog). I'm trying to get upload URLs from the current blog:
{{{
switch_to_blog( 5 );
$source_upload_dir = wp_upload_dir();
$source_upload_baseurl = $source_upload_dir['baseurl'];
restore_current_blog();
$destination_upload_dir = wp_upload_dir();
$destination_upload_baseurl = $destination_upload_dir ['baseurl'];
}}}
At this point, $source_upload_baseurl is:
{{{
http://www.mydomain.com/my-destination-blog/wp-content/uploads/sites/5
}}}
Where should be:
{{{
http://www.mydomain.com/my-source-blog/wp-content/uploads/sites/5
}}}
$destination_upload_baseurl is fine.
It seems that if get_option( 'upload_url_path' ) returns false, wp_upload_dir() makes use of WP_CONTENT_URL constant that is set to the current blog URL at the beggining of the execution (in default-constants.php):
{{{
define( 'WP_CONTENT_URL', get_option('siteurl') . '/wp-content');
}}}
This value obviously does not change when switching a blog.
" igmoweb 3.6.1 has-patch
Enhancements Awaiting Review 30976 When selecting multiple plugins and performing deactivate, keep selected for next bulk action (if any) Plugins minor enhancement new 2015-01-11T05:16:01Z 2021-08-08T06:10:37Z aubreypwd 4.2 ui/ux
Enhancements Awaiting Review 57016 When searching for a block, there is an unexpected blank space at the bottom of the Editor Editor normal enhancement new 2022-11-07T10:21:46Z 2022-11-07T22:07:52Z "With WordPress version 6.1, I observed an unexpected blank space on the editor when searching for any block.
Steps to reproduce:
- Open Gutenberg editor
- Search for a block but do not add/select it.
- Now, scroll down on the page, and see a huge white blank space at the bottom.
Screencast- https://d.pr/v/1Vl7I8" thebengalboy 6.1
Defects Awaiting Review 39196 When saving large menus the JSON encoded string was not used. related to #14134 Menus normal defect (bug) new 2016-12-09T09:24:44Z 2017-07-05T00:06:02Z "This is a follow-up to #14134.
The solution proposed in #14134 is not properly working. This is because the values of the JSON string are replacing $_POST but later on $_REQUEST was being used. The only reason it seemed to still work is because the post action of the form was populating all the variables, but still failed when the apache, php or suhosin were reached.
In the proposed solution only the JSON string, menu ID and action are submitted by post and then $_POST and $_REQUEST are populated with the data.
" budaned 4.5 has-patch
Defects Awaiting Review 55314 When saving edits to the footer in editor (beta), saving fails Editor normal defect (bug) new 2022-03-04T00:09:24Z 2022-03-04T00:09:24Z "When editing the page template, saving changes made to the footer fails while saving changes to other blocks works. When saving changes to the footer, this request
{{{
POST https://apgtest.dreamhosters.com/wp-json/wp/v2/template-parts/twentytwentytwo//footer?_locale=user
}}}
{{{
}}}
results in this response
{{{
418 I'm a teapot
}}}
" garnitchique 5.9.1
Enhancements Awaiting Review 56576 When post is switched from published to draft, create revision Posts, Post Types normal enhancement new 2022-09-15T08:35:32Z 2022-09-15T10:34:29Z "Hello,
I was thinking if it's possible to create a revision also when a post is switched from published to draft. At the moment, I was unable to see when someone switched the post status.
Looking forward to your answers.
Kind regards," denisflorin197
Defects Awaiting Review 47166 When option gmt_offset is blank, wordpress will give a 500 error Options, Meta APIs minor defect (bug) new 2019-05-07T11:05:16Z 2019-05-07T11:05:16Z "If for any reason the gmt_offset option is """", wordpress will give a type error:
A non-numeric value encountered in /wp-includes/functions.php on line 70 and 162
This can then only be solved by editing the database or reinstalling wordpress as the settings page cannot be loaded.
If a default value would be set (e.g. 0), the user can fix the problem in the settings page.
" silvanthus 5.1.1
Reporter Feedback / Close 53854 When opening Appearance/Customize, a different theme is activated, destroying all settings Customize normal defect (bug) new 2021-08-01T20:33:19Z 2021-08-02T00:16:08Z "Hi there:
Twice today, I have clicked on Appearance/Customize and the site has activated a completely different theme, destroying all my settings and necessitating a complete site restore. Twice.
The first time, I thought I'd clicked on a wrong button, but this second time I was careful.
It's definitely a bug!
Tracy Cooper-Posey
Site where the error was produced: https://StoriesRulePress.com" TracyCP reporter-feedback
Defects Awaiting Review 54805 When on the /wp-admin/network/site-settings.php network settings page, calling the update_option() always add the setting Options, Meta APIs minor defect (bug) new 2022-01-13T00:03:48Z 2022-01-13T00:03:48Z "When on the network settings (/wp-admin/network/site-settings.php), the udpate_option() used to update the changed settings always adds the settings whenever the form is submitted. So instead of firing the ""update_option"" action hook after the settings are updated, it still fires the **add_option** action hook every time!
Obviously, this should give an error but because there's a bailer when adding option using **ON DUPLICATE KEY UPDATE**, no error is shown." zenithcity 5.8.3 needs-patch
Defects Awaiting Review 58411 When Object Cache Pro plugin is enabled Cache API normal defect (bug) new 2023-05-26T03:32:24Z 2023-05-31T23:02:16Z "{{{
function update_term_cache( $terms, $taxonomy = '' ) {
$data = array();
foreach ( (array) $terms as $term ) {
// Create a copy in case the array was passed by reference.
$_term = clone $term;
// Object ID should not be cached.
unset( $_term->object_id );
$data[ $term->term_id ] = $_term;
}
wp_cache_add_multiple( $data, 'terms' );
}
PHP Warning: Undefined property: stdClass::$term_id in /.../wp-includes/taxonomy.php on line 3801
[24-May-2023 11:53:21 UTC] objectcache.error: Cache key must be integer or non-empty string, empty string given (require_once('wp-load.php'), require_once('wp-config.php'), require_once('wp-settings.php'), do_action('init'), WP_Hook->do_action, WP_Hook->apply_filters, WC_PB_Install::define_updating_constant, WC_PB_Install::is_update_pending, WC_PB_Install::must_update, WC_PB_Install::is_new_install, get_term_by, get_terms, WP_Term_Query->query, WP_Term_Query->get_terms, _prime_term_caches, update_term_cache)
}}}" danidorad0 6.2.2
Defects Awaiting Review, reported against no version 41372 when no any media. at that time this section is not usable. so Please hide when no any media. Media major defect (bug) reopened 2017-07-20T07:57:16Z 2017-11-06T06:02:03Z When no any media at that time this section is not usable. So please hide when no any media. rushabh4486 needs-patch
Reporter Feedback / Close 58381 "When logging in, the e-mail verification button ""The e-mail is correct"" doesn't accepts to let me in most of the time." Login and Registration normal defect (bug) new 2023-05-23T13:39:48Z 2023-05-23T13:58:57Z "Hi, it's been years from now that when I am logging in, the e-mail verification button ""The e-mail is correct"" is not working on almost all of the websites I'm developing. All of my websites are up to date with latest WordPress version. When I click the button, WP brings me back to login window with errors(In french) :
Erreur : le champ de l’identifiant est vide.
Erreur : le champ du mot de passe est vide.
It's a pain to not be able to tell the system the e-mail is correct. Eveytime, to log in, I click on Remind me later. But that forces me to see the e-mail verification window every time I log in to these websites." joseetremblay reporter-feedback
Defects Awaiting Review 42566 When I use wp_nav_menu I get a huge update_meta_cache query regardless of theme Menus normal defect (bug) reopened 2017-11-15T23:53:36Z 2021-01-26T02:32:23Z "Hi there,
I've got a wordpress site that's been up and running for a couple of years now. I always keep core+plugins up to date, and although I use a custom theme, I'm pretty happy with how it's working.
Recently however it started to crash regularly - and the server guys notified me that it was mysql that was causing it. So I installed Query Monitor and took a look - there was a massive query which looked like this:
{{{
SELECT post_id, meta_key, meta_value
FROM ajs_postmeta
WHERE post_id IN (11178,9677,9060,7417,7354, )
ORDER BY meta_id ASC
}}}
This was returning 20,000 rows each time the page was loading. This obviously overloaded the server during peak times and it needed rebooting.
This is the code that was causing the problem (I know this because I replaced it and the offending query disappeared)
{{{#!php
'header-menu',
'container' => 'nav',
'container_class' => 'nav-menu-holder nav-menu-landing nav-new',
'menu_class' => 'nav-menu',
'walker' => new themeslug_walker_nav_menu));
}}}
So I replaced wp_nav_menu with static HTML and the query size reduced as it was no longer calling wp_nav_menu. I thought it might have been something I'd done in my theme - so I removed the custom walker, which didn't have any effect, and played about with some settings. I tried using the recommendation here: [https://hitchhackerguide.com/2011/11/01/reducing-postmeta-queries-with-update_meta_cache]/ but that had no effect.
So the next step was to try a different menu. So I deleted my menu (which had 70/80 items in it) and added 5 new items to a new menu. That then gave the following query:
{{{
SELECT post_id, meta_key, meta_value
FROM ajs_postmeta
WHERE post_id IN (11178,9677,9060,7417,7354)
ORDER BY meta_id ASC
}}}
which is the same query as above but without the lots of additional ids - as this menu only had 5 items. This returned around 450 rows - so it's not hard to see that a menu with 70/80 items would get up to 20,000.
The last thing I tried was to change to the default theme and disable all plugins (bar Query Monitor) and tried again. I associated my test menu (with the 5 items) with the 2017 theme top menu and checked query monitor - it still showed this query:
{{{
SELECT post_id, meta_key, meta_value
FROM ajs_postmeta
WHERE post_id IN (11178,9677,9060,7417,7354)
ORDER BY meta_id ASC
}}}
with the same number of rows.
So my question is this - is this something that is a problem in core wordpress, seeing as this update_meta_cache() method seems to be creating massive queries if you have a larger than average menu - even 15/20 items would create a fairly large result set each time.
I've been googling like crazy as I really want to get this sorted - but I can't seem to find a solution, and I'm wondering if it's something in the latest release. There's no difference between browser or OS that I can see - its just something wrong (I think) with the update_meta_cache method as it relates to the wp_nav_menu function.
Anyway, happy for you to take a look at my config etc - let me know what you need. Best email to get me on is andy@weboptimize.co.uk or you can call my UK mobile on 07791-107755
Thanks
Andy" andyseaton83 4.8.3
Defects Awaiting Review 56364 When I update to 6.0.1 it hides categories, Featured image, Author selection when I want to create a post Posts, Post Types normal defect (bug) new 2022-08-11T13:35:08Z 2022-09-03T14:40:39Z "Since I updated to v6.0, when I create/edit posts, the Author, Category and Feature Image tabs on the right-hand side have disappeared.
I’ve tried disabling plugins and reactivating plugins to determine if it’s a plugin compatibility issue, but I don’t understand why it would be. But nothing worked.
My user account is a full admin.
After searching, I can see that some people have had the same or similar issue, but their solutions (deactivating plugins etc.) didn’t work for me." digital2019 6.0
Defects Awaiting Review, reported against latest stable branch 60174 When I press the write button I get an error. General normal defect (bug) new 2024-01-01T13:12:05Z 2024-01-01T21:28:11Z "I moved scspbk.com from WordPress server to Cloudways server.
If you click Write after moving, an error will occur.
I would like to solve the problem.
I have attached the URL where I uploaded the error photos and videos.
https://blog.naver.com/dlackddn83/223308797087" changwoolim 6.4.2
Defects Awaiting Review 60684 When expanding menu, on certain menu pages, menu items disappear. Administration normal defect (bug) new 2024-03-04T18:53:39Z 2024-03-04T19:07:26Z "Versions Tested: 6.5-beta3, 6.4.3.
Browser: Chromium, FF
When accessing the WP dashboard, usually the menu items are always available on the left side of the screen. But on certain pages like(Setting), when trying to expand the menu, the menu items disappear(or the user have to scroll to the top to access it). The left side becomes empty.
[[Image(https://i.ibb.co/2WHHtBg/pdajzny-I4r.png)]]
**How To Reproduce
* Open the WP dashboard and collapse the Menu.
* Click on **Settings Menu** (wp-admin/options-general.php).
* Scroll to the bottom of the Settings page.
* Expand the menu.
* Again scroll to top or bottom and the menu items appear.
" alanjacobmathew
Defects Awaiting Review 50871 When exact is true and orderby set to relevance, there is a DB error on search results page Query normal defect (bug) new 2020-08-06T20:21:56Z 2020-08-07T16:18:15Z "In search query, when `exact` is set to `true` and `orderby` set to `relevance` there is DB error
WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'DESC, wp_posts.post_date DESC LIMIT 0, 10' at line 1]
`SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts WHERE 1=1 AND (((wp_posts.post_title LIKE 'hello') OR (wp_posts.post_excerpt LIKE 'hello') OR (wp_posts.post_content LIKE 'hello'))) AND wp_posts.post_type IN ('post', 'page', 'attachment') AND (wp_posts.post_status = 'publish' OR wp_posts.post_author = 1 AND wp_posts.post_status = 'private') ORDER BY DESC, wp_posts.post_date DESC LIMIT 0, 10`
It is clear that both options together has no meaning. But it is compatibility issue between [https://wordpress.org/plugins/wp-extended-search/ WP Extended Search] and [https://wordpress.org/plugins/woocommerce/ WooCommerce]
WP Extended search has a feature to match exact sentence so it sets `exact` to `true` and later WooCommerce adds `orderby => relevance` causing this SQL error.
=== How to reproduce with just WP
* Add this code to theme or plugin
{{{#!php
set( 'exact', true );
$query->set( 'orderby', 'relevance' );
$query->set( 'order', 'DESC' );
});
}}}
* Go to front-end and make a search, you will see the error.
=== Proposed fix
Here https://core.trac.wordpress.org/browser/tags/5.4.2/src/wp-includes/class-wp-query.php#L2357
We checking if `! empty( $q['search_orderby_title'] )` is not empty but we allow to call `parse_search_order()` when `'relevance' === $q['orderby']` causing `ORDER BY DESC` in SQL query without column name.
IMHO, we should not call `parse_search_order()` when `search_orderby_title` is empty regardless of `orderby`." 5um17 dev-feedback
Defects Awaiting Review 59364 When editing Styles > Layout or Block > * > Dimensions, every possible (and unnecessary) combination of global settings is copied to custom styles Editor blocker defect (bug) new 2023-09-15T10:04:37Z 2023-09-15T10:04:37Z "In the site editor, when making changes in Styles > Layout, it looks like every possible core block style and setting is copied and saved in the custom styles (wp_global_styles).
This results in a ton of unnecessary global styles and settings, such as default colors and default font sizes, even in a theme that has defined settings.color.defaultPalette as false for example.
As far as I can tell the only styles option that triggers this are the options in Styles > Layout.
I've tried other options such as Typography, Colors, and individual block settings, and they all seem to work as expected in that the only thing saved in the custom styles is the option being edited.
No issue with WP 6.2.2
It seems this bug was introduced in WP 6.3
The Gutenberg issue for reference: https://github.com/WordPress/gutenberg/issues/53868" uxl 6.3.1
Defects Awaiting Review 58886 When editing a pattern getting console error on chrome browser Editor normal defect (bug) new 2023-07-24T07:49:43Z 2023-07-24T07:49:43Z "Chrome: Version 115.0.5790.102 (Official Build) (64-bit)
screenshot: https://prnt.sc/3XQEoNPkzv1A
" chiragrathod103 needs-patch
Defects Awaiting Review 52559 When doing JOINs for meta queries the meta_key should be in the ON clause whenever possible. Query normal defect (bug) new 2021-02-17T17:17:35Z 2021-04-26T07:45:57Z "Currently when doing `JOIN`s for meta queries the meta_key is only included in the `ON` clause if the meta compare is `NOT EXISTS`. In all other cases only the `post_id` is included.
This means that the meta key is only filtered after the JOIN is done.
Case in point, a meta_query that with 5 different keys generates the following query:
{{{#!sql
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts
LEFT JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id )
LEFT JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id )
LEFT JOIN wp_postmeta AS mt2 ON ( wp_posts.ID = mt2.post_id )
LEFT JOIN wp_postmeta AS mt3 ON ( wp_posts.ID = mt3.post_id )
LEFT JOIN wp_postmeta AS mt4 ON (wp_posts.ID = mt4.post_id AND mt4.meta_key = 'events_time_frame_end' )
WHERE 1=1 AND (
( wp_postmeta.meta_key = 'events_date_till' AND wp_postmeta.meta_value >= '20210217' )
AND
(
( mt1.meta_key = 'events_date_till' AND mt1.meta_value > '20210217' )
OR
(
( mt2.meta_key = 'events_date_till' AND mt2.meta_value = '20210217' )
AND
( mt3.meta_key = 'events_time_frame_end' AND mt3.meta_value >= '14:59:19' )
)
OR
mt4.post_id IS NULL
)
) AND wp_posts.post_type = 'events' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' OR wp_posts.post_status = 'dp-rewrite-republish') GROUP BY wp_posts.ID ORDER BY wp_postmeta.meta_value ASC LIMIT 0, 10;
}}}
This query takes 60 seconds on very well provisioned database with posts that each have 50 postmeta rows in a database with 50 million total postmeta rows.
In contrast the following query:
{{{#!sql
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID FROM wp_posts
LEFT JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id AND wp_postmeta.meta_key = 'events_date_till' )
LEFT JOIN wp_postmeta AS mt1 ON ( wp_posts.ID = mt1.post_id AND mt1.meta_key = 'events_date_till' )
LEFT JOIN wp_postmeta AS mt2 ON ( wp_posts.ID = mt2.post_id AND mt2.meta_key = 'events_date_till' )
LEFT JOIN wp_postmeta AS mt3 ON ( wp_posts.ID = mt3.post_id AND mt3.meta_key = 'events_time_frame_end' )
LEFT JOIN wp_postmeta AS mt4 ON (wp_posts.ID = mt4.post_id AND mt4.meta_key = 'events_time_frame_end' )
WHERE 1=1 AND (
( wp_postmeta.meta_value >= '20210217' )
AND
(
( mt1.meta_value > '20210217' )
OR
(
( mt2.meta_value = '20210217' )
AND
( mt3.meta_value >= '14:59:19' )
)
OR
mt4.post_id IS NULL
)
) AND wp_posts.post_type = 'events' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled' OR wp_posts.post_status = 'dp-rewrite-republish') GROUP BY wp_posts.ID ORDER BY wp_postmeta.meta_value ASC LIMIT 0, 10;
}}}
Takes 400ms and returns identical results.
I believe the cause here is that because in the first query filtering is only done after the join and each event has 50 postmeta fields MySQL is first creating a virtual table with 50^4^ ( 4 because the last JOIN does include the meta_key ) rows joined resulting in 60.000.000 total that are then filtered back down.
Adding the meta_key condition to the `ON` clause means we're only joining 1 ( or a small number in the case of the meta_key existing in multiple rows ) rows for each JOIN meaning the virtual table being created is significantly smaller thus having much better query performance.
At the very least when there is any LEFT JOIN occurring then ALL `meta_key` conditions should be moved in the `ON` clause. Although it may be simpler to always have the `meta_key` condition in the `ON` clause." herregroen needs-unit-tests
Defects Awaiting Review 58630 "When custom taxonomy assigned to ""Media"" post type and multiple images assigned to that taxonomy, then count only displaying 1" General normal defect (bug) new 2023-06-26T14:01:39Z 2023-07-04T11:49:31Z "Screenshot 1(https://prnt.sc/HoG6bAo9WqQK): as showing count shows only 1 in the admin column.
Screenshot 2(https://prnt.sc/BmGVH5LAhYwu): as shown here multiple images are assigned in ""English"" term under the ""language"" taxonomy" chiragrathod103 6.3
Defects Awaiting Review 59051 When copying multiple paragraphs, only one is copied Editor critical defect (bug) new 2023-08-10T14:35:50Z 2023-08-10T14:36:18Z When I try to copy several paragraphs to see and paste them in another site, only the first one is copied. Multiple paragraphs cannot be copied at once jose36ca 6.3
Defects Awaiting Review 55323 When an image is edited the URL of the image is not updated Media normal defect (bug) new 2022-03-06T01:31:01Z 2022-03-07T19:34:24Z "When an image is edited from the image editor, after an edit has been applied, the URL of the image is not updated due it always references back to the original image instead of referencing the image to the updated image (when the edit has been applied to all images sizes).
== Steps to replicate the problem.
1. Upload an image into the media library
2. After the image is uploaded into the media library click on Edit image
3. Apply an edit to the image, either rotate, flip or crop,
4. Make sure that the option is applied to all images sizes.
5. Click on Save
6. Observe how the URL of the image (see attached image), by clicking on Copy URL to the clipboard
7. Open the copied URL into a new tab the copied URL still references to the original image, and not the edited image instead.
" mitogh 5.9.1
Enhancements Awaiting Review 53385 "When adding a plugin/theme via ""add new plugin/theme"" it should show if the plugin/theme is translated or not" Plugins normal enhancement new 2021-06-11T14:08:02Z 2021-09-27T14:18:56Z "When you add a new plugin via the plugin menu and click on ""Add new plugin"" it should show if that plugin is translated to the site language.
Eg: show the flag or something of that nature with a checkmark or a cross...?
Of course, you could argue that if the explanation/plugin name is translated the translation is ""done"" but as a polygot for nl_BE and nl_NL myself, I can say that isn't the case. Since we have a TON of plugins where the readme isn't translated and even visa versa. " NekoJonez 5.7.2
Enhancements Awaiting Review 48299 "When ""big_images"" are automatically scaled, communicate with a UI message" Media normal enhancement new 2019-10-12T19:36:49Z 2019-10-25T15:33:39Z "The new big_image handling is done behind the scenes automagically which has a couple of downsides:
1. If a user actually wants a huge image for some reason, they’re going to be confused about what’s happening.
2. By fixing the issue for them with no communication, we’re missing out on the opportunity to better inform people about why they shouldn’t be uploading massive images to begin with.
Proposal: Add a UI message to communicate “hey, we fixed this huge image for you. Here’s why [insert link to helpful article]”
I would be happy to help contribute to such a document.
The addition of the Alt text message in the UI is a great model for how such communication can help educate and inform site owners.
" webtrainingwheels
Defects Awaiting Review 58725 What is the cancellation rate for Frontier Airlines? Gallery normal defect (bug) new 2023-07-06T09:16:11Z 2023-07-06T09:16:11Z "Frontier Airlines has a cancellation rate that varies depending on several factors. It's crucial to note that the cancellation rate can change over time due to various factors, including external events and industry trends. Frontier Cancellation Policy However, Frontier Airlines strives to maintain a reliable and punctual service for its passengers.
The specific cancellation rate for Frontier Airlines cannot be provided with absolute certainty as it is subject to change. Nonetheless, the airline aims to keep cancellations to a minimum and provides its customers with flexibility through its cancellation policy.
" skycoair 5.8.2
Reporter Feedback / Close 56483 Weird oneOf behaviour upon validation of post meta value upon GET retrieval via REST API REST API major defect (bug) new 2022-08-31T23:21:28Z 2022-12-11T15:54:52Z I've been checking for a significant amount of time with some other developers, and we can't find reasonable explanations for the behavior described here: https://wordpress.stackexchange.com/questions/409131/oneof-json-schema-validation-not-properly-working-for-custom-post-meta-value joeyojoeyo12 6.0.1 reporter-feedback
Defects Awaiting Review 48068 Weird behavior when setting hierarchical to false on the built-in taxonomy category Taxonomy normal defect (bug) new 2019-09-18T19:00:29Z 2019-09-20T17:39:10Z "When altering the taxonomy args of the built-in taxonomy category and setting hierarchical to false unexpected things started to happen - tested on a fresh install of WordPress.
{{{#!php
Import > Run Importer, then selecting ""Download and import file attachments"" on the import options, the media (what appears to be a native Featured Image in my case) does not import, and displays this following message for each failed media import:
{{{
Warning: Undefined array key ""file"" in .../wp-includes/media.php on line 1723
}}}
When looking into the matter, it appears in **wp_img_tag_add_srcset_and_sizes_attr** on line 2154 and 2155 where **wp_get_attachment_metadata** is called, which may return false, then it's sent directly into **wp_image_add_srcset_and_sizes**, where it (on 1723) tests a **preg_match** on it without testing if **$image_meta** is an array or if **key_exists**, etc.
{{{
2154 $image_meta = wp_get_attachment_metadata( $attachment_id ); // <--- returns array|false
2155 return wp_image_add_srcset_and_sizes( $image, $image_meta, $attachment_id );
}}}
{{{
1723 if ( preg_match( '/-e[0-9]{13}/', $image_meta['file'], $img_edit_hash ) // <--- $image_meta may be false
}}}
Get blame says this code has been around for over 4 years.
[https://github.com/WordPress/wordpress-develop/blame/6.4/src/wp-includes/media.php#L2138-L2159]
My scenario is importing a custom post type (that is identical to generic post type) with only WYSIWYG content and a featured image, to a local dev site on my personal computer from a public site (w/ full DNS with SSL cert), so there should not be an issue with fetching the images I believe. Either way, this error is a bug, and needs a way to fail more gracefully if the issue is else where in the Import process." shanemac10 6.4.3
Defects Awaiting Review 59573 warning: trying to access array offset on value of type bool in wp-includes/media.php Media normal defect (bug) new 2023-10-09T16:14:04Z 2023-10-26T17:04:39Z "{{{
function image_get_intermediate_size($post_id, $size = 'thumbnail')
{
$imagedata = wp_get_attachment_metadata($post_id);
// Checking whether $imagedata and $imagedata['sizes'] are real arrays.
if (!is_array($imagedata) || empty($imagedata['sizes']) || !is_array($imagedata['sizes'])) {
return false;
}
// Checking whether $size has a valid structure.
if (!is_array($size) || count($size) < 2) {
return false;
}
$data = [];
}}}
....." androidforlife 6.3.1
Defects Awaiting Review, reported against latest stable branch 60750 Warning: these pages should not be the same as your Privacy Policy page! General normal defect (bug) new 2024-03-11T20:20:54Z 2024-03-11T20:20:54Z On Settings > Reading this message appears. The Privacy Page is NOT SELECTED. The homepage is another page and that is what is selected. There is nothing else in there. OctoTooT 6.4.3
Reporter Feedback / Close 49729 Warning: fread() expects parameter 1 to be resource, bool given in \wp-includes\functions.php on line 5785 Plugins minor defect (bug) new 2020-03-30T12:47:43Z 2022-03-10T15:46:55Z "Happens in dashboard and it goes coupled with:
{{{
Warning: fread() expects parameter 1 to be resource, bool given in ...\wp-includes\functions.php on line 5785
Warning: fclose() expects parameter 1 to be resource, bool given in ...\wp-includes\functions.php on line 5788
}}}
PHP 7.4
I think it occurs mostly when one loads the dashboard after a directory's previously active plugin has been deleted from the filesystem." DrLightman 5.3.2 reporter-feedback
Defects Awaiting Review 42423 Warning in redirect_guess_404_permalink if $query->post_type is an array instead of a string Canonical normal defect (bug) new 2017-11-02T20:02:01Z 2019-02-01T12:30:46Z "I am not familiar enough with WordPress to know if this is an issue or intended.
redirect_guess_404_permalink has a block that looks like:
wp-includes/canonical.php:594
{{{#!php
// if any of post_type, year, monthnum, or day are set, use them to refine the query
if ( get_query_var('post_type') )
$where .= $wpdb->prepare("" AND post_type = %s"", get_query_var('post_type'));
else
$where .= "" AND post_type IN ('"" . implode( ""', '"", get_post_types( array( 'public' => true ) ) ) . ""')"";
}}}
This works in the case that post_type is a single value, but if it has been changed to an array of values then this looks to trigger the warning:
wp-includes/wp-db.php:1353
{{{#!php
_doing_it_wrong( 'wpdb::prepare', __( 'The query only expected one placeholder, but an array of multiple placeholders was sent.' ), '4.9.0' );
}}}" augustuswm 4.8.3
Enhancements Awaiting Review 40156 Warning for invalid hook callback is not very useful Plugins normal enhancement new 2017-03-14T23:07:39Z 2017-03-15T08:38:54Z "If you add a hook with an uncallable callback, an error like `Warning: call_user_func_array() expects parameter 1 to be a valid callback, function 'not_a_function' not found or invalid function name in` is shown.
This is technically correct, but not useful. When I say useful, I don't think it is useful to the following user profiles:
1) Non-technical user seeing errors. A non-developer might no what a WordPress hook is, but not how it works internally. Therefore they are not likely to understand this error is related to a hook. They are not given good information, and might be missing a clue as to who to ask for support (plugin or theme developer, host, etc.)
2) New developer. A developer new to WordPress might not understand yet what a hook is or that a missing callback generates this type of error. A more clear error will help guide their googling for the error and/ or help them find the issue in the code.
3) Experienced WordPress developer. When I see this error, I assume there is a non-callabale hook callback. But `call_user_func()` has other uses so it might be misleading to me.
I think it would be way more helpful if the error triggered was something like `Hook $hook_name could not call $callback` or `The callback function $hook, registered for $hook_name is not callabale`
" Shelob9 0.71
Enhancements Awaiting Review 51702 Warn of potentially poor/insecure password generation Site Health normal feature request new 2020-11-03T20:28:34Z 2021-06-01T13:48:56Z "`wp_generate_password()` is responsible for generating random strings for many things in core. To name a few, [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/class-wp-application-passwords.php?rev=49490#L49 Application Passwords], [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/setup-config.php?rev=49490#L324 Core salts] (as a fallback), [https://core.trac.wordpress.org/browser/trunk/src/wp-admin/includes/privacy-tools.php?rev=49490#L335 random file names] (Privacy), default user passwords, and more. Each scenario passes the length of the desired generated string, and whether to include 2 different sets of special characters.
In addition to being fully pluggable, there is a `random_password` filter within `wp_generate_password()` that can alter the result of the generated password. The `$length` field should always be respected and `wp_generate_password()` should never return a string shorter than requested. If this does happen, the user should be made aware that potentially insecure strings are being generated so that they can attempt to fix this." desrosj dev-feedback
Defects Awaiting Review 41857 Walker_PageDropdown doesn't set correct selected value when using value_field Posts, Post Types normal defect (bug) new 2017-09-11T17:16:16Z 2020-07-22T16:55:25Z "If the ''value_field'' is different from ID, the selected value was not set.
Function Walker_PageDropdown::start_el
{{{
if ( $page->ID == $args['selected'] )
$output .= ' selected=""selected""';
}}}
See also #32330
" it4life 4.8.1
Defects Awaiting Review 57428 Walker_Nav_Menu::start_el() $data_object is not a WP_Post Menus minor defect (bug) new 2023-01-06T11:26:26Z 2023-01-06T11:26:26Z "The inline docs for `Walker_Nav_menu::start_el()` state that the `$data_object` parameter is a WP_Post object. This isn't accurate as the object that comes in has various properties such as `$title` and `$url` which do not exist on a standard `WP_Post` object.
The docs were changed from `object` to `WP_Post` here https://core.trac.wordpress.org/changeset/38559, but it's not clear why.
Proposed solutions would be to revert this to an `object` parameter, leaving it to the developer to find out what type of object is being passed in, or an improvement would be to define an object type for a `Walker_Nav_Menu_Data_Object` (likely extending WP_Post) that documents all possible/acceptable properties that would be expected to be able to be used in a walker. " jdamner 6.1.1
Defects Awaiting Review 41882 Walker_CategoryDropdown does not wrap options inside HTML select element with wp_list_categories Taxonomy normal defect (bug) new 2017-09-14T14:57:49Z 2017-09-14T15:25:32Z "If I use `Walker_CategoryDropdown()` class to build a dropdown list with `wp_list_categories` function, the output does not get wrapped inside `... ` element. The rendered output is like this:
{{{
Comedy
Sci-Fi
}}}
when it should be like
{{{
Comedy
Sci-Fi
}}}
In order to achieve this we can add an additional parameter `html_wrapper_element` in `wp_list_categories` function and pass a value `dorpdown` in the argument like:
{{{#!php
'movies_taxonomy',
'walker' => new Walker_CategoryDropdown(),
'hide_empty' => false,
'html_wrapper_element' => 'dropdown'
);
wp_list_categories($args);
?>
}}}
and in `wp_list_categories` we add this before the $html gets returned from the function.
{{{#!php
' . $html . ' ';
}
if ( $r['echo'] ) {
echo $html;
} else {
return $html;
}
}}}
" subrataemfluence 4.8.1 has-patch
Enhancements Awaiting Review 48498 Walker_Category should also accept the `item_spacing` parameter. Taxonomy minor enhancement new 2019-11-05T08:11:19Z 2019-11-06T01:27:16Z "In WordPress 4.7 wp_list_pages(), Walker_Page and Walker_Nav_Menu were updated to accept an additional parameter `item_spacing` so that they can more robustly be styled using inline-blocks - see #27762
wp_list_categories() and Walker_Category would also benefit from accepting the `item_spacing` parameter for the same reasons." husobj
Defects Awaiting Review 40090 Walker::display_element does not populate $args[0]->has_children when it is cast as an Object Menus normal defect (bug) new 2017-03-09T23:39:09Z 2017-03-10T00:38:08Z "When using the various hooks in {{{Walker_Nav_Menu}}}, the {{{$args}}} argument is expected to have a {{{has_children}}} object property.
Walker::display_element only creates and populates this property if {{{$args[0]}}} exists and is an array.
{{{#!php
has_children = ! empty( $children_elements[ $id ] );
if ( isset( $args[0] ) && is_array( $args[0] ) ) {
$args[0]['has_children'] = $this->has_children; // Back-compat.
}
}}}
But {{{wp_nav_menu()}}} casts $args as an object ensuring that this assignment will always fail.
= Suggested Fix =
Add an additional check for object type and assign appropriately.
{{{#!php
has_children = ! empty( $children_elements[ $id ] );
if ( isset( $args[0] ) && is_array( $args[0] ) ) {
$args[0]['has_children'] = $this->has_children; // Back-compat.
} else if ( isset( $args[0] ) && is_object( $args[0] ) ) {
$args[0]->has_children = $this->has_children;
}
}}}
" JoelStransky 4.7.3
Defects Awaiting Review 59744 walk_page_tree issue - cast array to object to fix Menus normal defect (bug) new 2023-10-26T09:27:55Z 2023-10-26T16:44:27Z "`( ! ) Warning: Attempt to read property ""before"" on array in ...\wp-includes\class-walker-nav-menu.php on line 273`
`$walker->walk` expects an object but
`walk_page_tree` passes an array.
https://github.com/WordPress/WordPress/pull/679" lazardanlucian
Reporter Feedback / Close 56729 Vulnerability in plugin update notification (impersonation of plugins with possible RCE) Plugins normal defect (bug) new 2022-10-04T09:21:13Z 2022-10-04T09:32:00Z "During the development of a private plugin (not uploaded to the WordPress market https://es.wordpress.org/plugins/) with our own metadata, we noticed that the WordPress plugin update notification system informs us that an update is available for our plugin, how is this possible?
Well, the only explanation for this is that the update review system is based solely on the plugin's folder name, ignoring any authorship metadata and project URIs.
To make sure that the update system is evidently ignoring any data in the plugin's metadata, we proceed to download it (the plugin). This confirms our suspicions, the update system is only governed by the name of a directory.
Due to this lack of security in the metadata check, the only solution so far is to never activate the auto-update and to manually check each update.
If you click on the ""update now"" link, the system will install the possible malicious plugin without any confirmation.
Criticality:
HIGH [8.8] - Exploitation of this vulnerability would affect the server in remote code execution (RCE) mode. It is downgraded from critical to high because it requires human action on plugin configuration.
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected environments:
All installations with custom plugins that are not in the official WordPress marketplace.
Aggravated if the unattended updater is accidentally activated.
If a maintenance technician is unaware of the custom plugin development and hits the update button.
Conclusion:
As there is no signature checking system in the plugin update review system, there is a possibility of impersonation of our plugin if an attacker created a plugin in the official market with the same name as the directory of our custom plugin, being able to execute remote code on our server.
Temporary solution:
Disable the automatic update systems and generate plugin page with a so that no one can get to take that name to perform the impersonation.
Having today as a warning, process to request a CVE ID for the formal vulnerability write-up.
" sylm87 close
Enhancements Awaiting Review 50745 Visualisation of site health could be better Site Health normal enhancement new 2020-07-23T19:41:18Z 2020-09-21T19:34:04Z "Currently the colored circle in the dashboard widget and in the top of the Site Health-page is quite vague in my opinion. Why is it so small, and what does the thin color border communicate? It does not communicate the grade of health for me.
Just an idea: could we use a more direct way to communicate the health with better graphics? I tried a thermomether/scale with an arrow and three colors exposed all the time. With it you get an idea of where your are, and where you could be.
Thanks!
" kebbet
Defects Awaiting Review 47088 Visting wp-login.php whilst logged in logs you out Login and Registration normal defect (bug) reopened 2019-05-01T08:00:01Z 2023-10-10T00:28:18Z "I leave multiple, regularly-used WP admin tabs open in a browser window. The login sessions time out, as expected, resulting in tabs with URLs like https://example.com/wp-login.php?redirect_to=https%3A%2F%2Fexample.com%2Fwp-admin%2Fadmin.php%3Fpage%3Dfoo-bar&reauth=1
If log in on such a tab to do something, then switch to another tab that also has that type of auto-logged-out URL, I am immediately logged out of the site.
I would expect WP to realise that I am logged in and simply honour the redirect already in the URL, or at least provide the choice of logging out or going to the redirect page/dashboard." lev0 3.0
Reporter Feedback / Close 53783 Visiting Widgets Is Blocking Access To My Server Widgets blocker defect (bug) new 2021-07-26T11:46:00Z 2021-08-04T07:42:19Z "Any time I visit widgets with my current host I get blocked from visiting all of my websites on the server.
Here are the details:
triggering a mod security rule as below:
{{{
941160 Warning. Pattern match \""(?i:(?:<\\w[\\s\\S]*[\\s\\/]|\'\\"" ?)(?:on(?:d(?:e(?:vice(?:(?:orienta|mo)tion|proximity|found|light)|livery(?:success|error)|activate)|r(?:ag(?:e(?:n(?:ter|d)|xit)|(?:gestur|leav)e|start|drop|over)|op)|i(?:s(?:c(?:hargingtimechange ...\"" at REQUEST_HEADERS:Referer. [file \""/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf\""] [line \""199\""] [id \""941160\""] [msg \""NoScript XSS InjectionChecker: HTML Injection\""] [data \""Matched Data: \x0d\x0a 2021-07-24 18:22:36
}}}" inkwellcd 5.8 reporter-feedback
Reporter Feedback / Close 58502 Visiting /wp-admin/options-permalink.php causing Fatal Error Permalinks normal defect (bug) new 2023-06-09T10:05:47Z 2023-06-28T15:48:07Z "I'm using WordPress 6.2.2 on PHP 8.1.x
`Fatal error: Uncaught ValueError: Unknown format specifier ""<"" in /wp-admin/options-permalink.php:38 Stack trace: #0 /wp-admin/options-permalink.php(38): sprintf() #1 {main} thrown in /wp-admin/options-permalink.php on line 38`
Here is the WordPress Health Status:
{{{
### wp-core ###
version: 6.2.2
site_language: bn_BD
user_language: bn_BD
timezone: Asia/Dhaka
permalink: /%postname%/
https_status: true
multisite: false
user_registration: 0
blog_public: 1
default_comment_status: open
environment_type: production
user_count: 1
dotorg_communication: true
### wp-paths-sizes ###
wordpress_path: /home/PATHTRUNCATED
wordpress_size: 685.79 MB (719102256 bytes)
uploads_path: /home/PATHTRUNCATED/wp-content/uploads
uploads_size: 584.80 MB (613205338 bytes)
themes_path: /home/PATHTRUNCATED/wp-content/themes
themes_size: 7.46 মেগাবাইট (7824982 bytes)
plugins_path: /home/PATHTRUNCATED/wp-content/plugins
plugins_size: 121.31 MB (127206397 bytes)
database_size: 25.04 MB (26253129 bytes)
total_size: 1.39 GB (1493592102 bytes)
### wp-dropins (1) ###
maintenance.php: true
### wp-active-theme ###
name: Twenty Fifteen (twentyfifteen)
version: 3.4
author: ওয়ার্ডপ্রেস টিম
author_website: https://wordpress.org/%20
parent_theme: none
theme_features: core-block-patterns, widgets-block-editor, automatic-feed-links, title-tag, post-thumbnails, menus, html5, post-formats, custom-logo, custom-background, editor-style, editor-styles, wp-block-styles, responsive-embeds, editor-color-palette, editor-gradient-presets, customize-selective-refresh-widgets, custom-header, widgets
theme_path: /home/PATHTRUNCATED/wp-content/themes/twentyfifteen
auto_update: off
### wp-themes-inactive (1) ###
Twenty Twenty-Three: version: 1.1, author: the WordPress team, automated updates is turned off
### wp-mu-plugins (1) ###
InfiniteWP - Client Loader: version: 1.0.1, author: Revmakx
### wp-plugins-active (1) ###
Maintenano: version: 0.0.1, author: nanodesigns, automated updates is turned off
### wp-media ###
image_editor: WP_Image_Editor_GD
imagick_module_version: not found
imagemagick_version: not found
imagick_version: not found
file_uploads: File uploads is turned off
post_max_size: 8M
upload_max_filesize: 2M
max_effective_size: 2 মেগাবাইট
max_file_uploads: 20
gd_version: 2.3.3
gd_formats: GIF, JPEG, PNG, WebP, BMP, AVIF, XPM
ghostscript_version: 9.25
### wp-server ###
server_architecture: Linux 4.18.0-348.20.1.lve.1.el7h.x86_64 x86_64
httpd_software: LiteSpeed
php_version: 8.1.18 64bit
php_sapi: litespeed
max_input_variables: 1000
time_limit: 180
memory_limit: 128M
admin_memory_limit: 256M
max_input_time: 60
upload_max_filesize: 2M
php_post_max_size: 8M
curl_version: 7.87.0 OpenSSL/1.1.1p
suhosin: false
imagick_availability: false
pretty_permalinks: true
htaccess_extra_rules: true
### wp-database ###
extension: mysqli
server_version: 10.3.39-MariaDB
client_version: mysqlnd 8.1.18
max_allowed_packet: 268435456
max_connections: 151
### wp-constants ###
WP_HOME: undefined
WP_SITEURL: undefined
WP_CONTENT_DIR: /home/PATHTRUNCATED/wp-content
WP_PLUGIN_DIR: /home/PATHTRUNCATED/wp-content/plugins
WP_MEMORY_LIMIT: 40M
WP_MAX_MEMORY_LIMIT: 256M
WP_DEBUG: true
WP_DEBUG_DISPLAY: true
WP_DEBUG_LOG: false
SCRIPT_DEBUG: false
WP_CACHE: false
CONCATENATE_SCRIPTS: undefined
COMPRESS_SCRIPTS: undefined
COMPRESS_CSS: undefined
WP_ENVIRONMENT_TYPE: undefined
DB_CHARSET: utf8mb4
DB_COLLATE: undefined
### wp-filesystem ###
wordpress: writable
wp-content: writable
uploads: writable
plugins: writable
themes: writable
mu-plugins: writable
}}}" wzislam 6.2.2 close
Reporter Feedback / Close 47268 Vimeo videos not working on Chrome audrasjb Widgets normal defect (bug) reviewing 2019-05-14T18:19:54Z 2019-09-06T19:27:03Z "I noticed that if you use the Video widget to add a video from Vimeo, it will not work in Chrome browsers (at least on Mac). It works fine in other browsers. Visually, a second set of video controls appear on top Vimeo's video controls. Confirmed this on different servers, with different sites, and with different themes.
Steps:
1. Go to Appearance > Widgets or Appearance > Customize,
2. Add Video widget
3. Click ""Add Video,"" then ""Insert from URL,"" then enter a Vimeo URL.
4. Visit a page on Chrome which has that widget.
5. Observe that pressing play has no effect." luciantucker reporter-feedback
Reporter Feedback / Close 53935 Vimeo oembed force player with large height on blog post Embeds minor defect (bug) new 2021-08-16T17:08:49Z 2021-08-18T19:46:11Z "Hi,
When embedding a Vimeo Video Player on a blog post, the admin automatic embed display the player correctly but the published version have height that is way bigger than the player.
How to reproduce :
- create a new blog post
- insert text before
- embed a Vimeo video with link : player.vimeo.com/video/VIDEOID
- insert text after
- publish post
-> the vimeo video player is with large blank space on top and bottom
More details :
Seems like this is the iframe code on the WP Public page :
>> this width / height seems large and does not seems to come from the site theme either.
" Trouffman 5.8 reporter-feedback
Defects Awaiting Review 53934 Vimeo embed working in admin and not on post when using private link Editor normal defect (bug) new 2021-08-16T16:48:19Z 2021-11-03T13:39:07Z "Hi,
Issue :
Vimeo Embed link does not appear in the post (not even in the source code of the blog post) when using private link.
Current Behavior :
When copy/pasting a ""private video link"" from Vimeo into the WordPress Post editor (default one) the embed is done automatically, but does not display / work on the post once published.
Expected behavior :
Copy/paste the Vimeo link to wordpress, emebed is done autoamtically, when publishing video is visible ont he blog page.
How to reproduce :
- Get a Vimeo ""private link"" to a video
- Paste the Private link to a new blog post
- (WP will Auto embed the vimeo videpo player)
- publish post
- Post does not contain the video.
- If you edit the same blog post, the video is in there.
How to solve (workaround)
> Embed the vimeo player as an ""embed"" link using the ""player.vimeo.com/video/VIDEOID"".
What is causing the problem ?
From my experience & debugging : This behavior is mostly with Vimeo ""private link"".
Wordpress will automatically embed even is you copy the private link and it will work in the admin (and if you are connected on your vimeo account). But this will not show up on the page/blog post once published.
Embed expect the following : player.vimeo.com/video/VIDEOID
The private link is : vimeo.com/VIDEOID/RANDOMUNIQUEIDHERE
The vimeo page via private link is providing the info for oembed (json & xml) in its source.
(first time submitting a bug report here. Edit if required.)" Trouffman 5.8
Defects Awaiting Review 48656 Views details blocked by SAMEORIGIN Plugins major defect (bug) new 2019-11-15T19:43:41Z 2019-11-17T17:19:12Z "Hello,
On multisite, the ""view detail"" link on this page /wp-admin/plugins.php (in each plugin) is bloked by an error
{{{
Chargement refusé par X-Frame-Options : « SAMEORIGIN » à l’adresse « https://example.com/wp-admin/network/plugin-install.php?tab=plugin-information&plugin=loco-translate& », le site ne permet pas l’utilisation de cadres multiorigines depuis « https://example.com/wp-admin/plugins.php ».
}}}
" sebastienserre 5.3 needs-patch
Defects Awaiting Review 58714 View post link issue in post/article listing screen Posts, Post Types normal defect (bug) new 2023-07-05T10:04:19Z 2023-07-05T10:04:19Z "Hello,
View post or permalink not generated when ""public"" argument is ""false"" in custom post type but ""View"" link show in post/article listing screen if ""public"" argument is ""false"" so It should be not shown in listing screen" hiren1094
Defects Awaiting Review 45853 Videos embedded in a plugins readme.txt does not load while searching for a plugin in an actual WP install (not wp.org) Plugins normal defect (bug) new 2019-01-07T16:06:38Z 2022-03-07T15:37:45Z "If you embed a video within your plugins readme.txt file it only shows the video on the wp.org website, videos do not load when you're searching for a plugin via an actual WordPress install. In addition, if you install a plugin and click on ""View Details"" to learn more about the plugin, the video also does not load here either. Inspect element shows an empty span tag:
{{{
}}}
This should either embed the video or at the least display a link to the video.
Here's an example plugin for reference: https://wordpress.org/plugins/simple-icons/" thememason 5.0.2 needs-patch
Defects Awaiting Review 51468 Video widget with youtube link doesn't work properly Widgets normal defect (bug) new 2020-10-07T13:38:44Z 2020-11-27T15:58:31Z "If I add a video widget with a youtube link inside of it to the Twentytwenty's footer, watching the video full-screen makes it to be black, even after i minimize the window to its original state (only sound works). I tried to do the same with the Neve theme, and the video inside the widget worked, but clicking on youtube commands (share, more videos, etc.) doesn't work, only responds like i clicked the video and pause it.
How the widget works with Twentytwenty theme:
https://www.loom.com/share/67a6253e8f3740baa40a6cc0bde4b715
How the widget works with Neve theme:
https://www.loom.com/share/2d1a9eb1e1d94fd6b18fbacff0fa7e30" irinelenache
Enhancements Awaiting Review 28367 Video upload failure is a dead end Upload normal enhancement new 2014-05-26T15:41:46Z 2019-05-15T21:15:44Z """VID_1234.mp4 exceeds the maximum upload size for this site.""
That's what you see on most hosts when trying to upload a video, even one only a few seconds long. This is a dead end that could be so much more helpful. Just a link to a codex page on how to bump upload_max_filesize and post_max_size or install a video plugin would be welcome, but this seems a place where we should aspire to greater smoothness." ryan 3.9.1
Defects Awaiting Review 42718 Video shortcode needs muted attribute for Autoplay to work with Safari 11.0.1+ Shortcodes normal defect (bug) new 2017-11-27T21:31:45Z 2020-07-10T10:19:58Z "Safari 11.0.1 disables autoplay on everything that isn't muted by default. Link here:
https://techcrunch.com/2017/06/05/auto-play-block/
Chrome will disable it starting next year:
https://arstechnica.com/tech-policy/2017/09/google-chrome-block-auto-play-video/
For this reason, if we're including the autoplay attribute in the video shortcode, we should add a muted attribute to make it a useable shortcode.
Other than a code change, we should also update the docs about the shortcode here:
https://codex.wordpress.org/Video_Shortcode
How to test this now:
Get on Safari 11.0.1 (or greater)
Create a post with a video shortcode and an autoplay tag.
Go to the front end version and see that it won't play.
" deeptiboddapati 3.6 has-patch
Defects Awaiting Review 53944 Video resolution in portrait orientation Media normal defect (bug) new 2021-08-17T14:17:33Z 2021-08-17T17:07:51Z "Hi!
I uploaded mp4 video file having portrait orientation and found that attachment metadata contains swapped width and height parameters. I see that WP is using getID3 library to read video metadata and found that it can detect when video is rotated.
I used following filter to fix that:
{{{#!php
addChild( $name, '', 'http://www.google.com/schemas/sitemap-image/1.1' );
foreach ( $value as $child_name => $child_value ) {
$parent->addChild( $child_name, esc_xml( $child_value ) );
}
}}}
Proposed $sitemap_entry structure:
{{{#!php
home_url('/') . $listing->slug,
'image' => array(
'loc' => 'http://example.com/image.jpg'
),
'video' => array(
'thumbnail_loc' => 'http://www.example.com/thumbs/123.jpg'
)
);
}}}
" constructivemedia 5.5
Reporter Feedback / Close 56181 Video alignment off - items aligned left when they should align center General normal defect (bug) new 2022-07-08T14:44:49Z 2022-07-10T05:49:15Z All video elements at our website (ncchagerstown.org) are aligning left when they should align center. Any help is greatly appreciated! justinclemente close
Enhancements Awaiting Review 48899 Verification admin email again after just changed/updated email? Login and Registration normal enhancement new 2019-12-06T08:03:07Z 2019-12-06T14:21:41Z "Show the admin email varification after logged in, user is want to change the admin email.
1. Logged in.
2. Show the **verification admin email**.
3. Click the ""Update"".
4. Change the admin email on admin options setting screen.
5. Get the confimation email.
6. Update the admin email.
7. Logged out.
8. Logged in.
9. **Verification admin email again**.
I think add the admin email check internal when just update admin email." gqevu6bsiz 5.3
Defects Awaiting Review 57615 Various comment functions reporting error when `get_comment()` returns `null` Comments minor defect (bug) new 2023-02-02T21:14:08Z 2023-03-08T16:06:06Z "While working on #53290 I noticed that if the function `get_comment_author_link()` is called with no value passed into it or if an invalid comment ID is passed into the function an error is thrown on the return filter:
{{{
Trying to get property 'comment_ID' of non-object
wp-includes/comment-template.php:242
}}}
While gathering information to report this I also noticed several other functions in the same file, `wp-includes/comment-template.php` will suffer from the same or a similar issue:
+ `comment_author()`
+ `get_comment_author_email()`
+ `comment_author_email()`
+ `get_comment_author_IP()`
+ `comment_author_url()`
+ `get_comment_excerpt()`
+ `comment_excerpt()`
+ `get_comment_type()`
Some of the functions in this file, `get_comment_author()` for example, store the comment ID as a variable and pass that into the return filter:
`$comment_ID = ! empty( $comment->comment_ID ) ? $comment->comment_ID : $comment_ID;`
I'm currently working on writing tests since most of the functions I'm mentioned don't have existing test coverage.
I'm also uploading a patch with my proposed solution. If this seems like the right direction to go I'll add changes to the remaining functions and update the patch (and tests)." thomasplevy has-patch
Enhancements Awaiting Review 40150 VARCHAR/TEXT inefficiencies Database normal enhancement new 2017-03-14T00:45:10Z 2017-03-14T00:45:10Z "From conversation with Matty Cohen, a selection of structural improvement suggestions, for performance and future-proofing. Note that these aspects have recently been applied to WooCommerce already, resulting in a much optimised/modernised default table structure.
Current some of the TEXT and VARCHAR use in WP Core appear to be based on old information - that is, restrictions and behaviour from MySQL versions long ago. This has consequences for performance.
First, VARCHAR.
In MySQL 4.0, VARCHAR used to be restricted to 255 max. In MySQL 4.1 character sets such as UTF8 were introduced and MySQL 5.1 supports VARCHARs up to 64K-1 in byte length. Thus, any occurrence of VARCHAR(255) indicates some old style logic that needs to be reviewed.
Why not just set the maximum length possible? Well...
A VARCHAR is subject to the character set it's in, for UTF8 this means either 3 or 4 (utf8mb4) bytes per character can be used. So if one specifies VARCHAR(50) CHARSET utf8mb4, the actual byte length of the stored string can be up to 200 bytes.
In stored row format, MySQL uses 1 byte for VARCHAR length when possible (depending on the column definition), and up to 2 bytes if necessary. So, specifying VARCHAR(255) unnecessarily means that the server has to use a 2 byte length in the stored row.
This may be viewed as nitpicking in the margin, however storage efficiency affects the number of rows that can fit on a data page and thus the amount of I/O required to manage a certain amount of rows. It all adds up, so having little unnecessary inefficiencies will cost - particularly for larger sites.
Best practice is to set VARCHAR to the maximum necessary, not the maximum possible - otherwise, as per the above, the maximum possible is about 16000 for utf8mb4, not 255 - and nobody would propose setting it to 16000, would they? But it's not much different, in stored row space a VARCHAR(255) requires a 2 byte length indicator just like VARCHAR(16000) would.
So please review VARCHAR columns and set their definition to the maximum actually necessary, this is very unlikely to come out as 255. If 255, why not 300? Or rather 200? Or 60? Setting a proper number indicates that thought and data analysis has gone into the design. 255 looks sloppy.
On to TEXT.
TEXT (and LONGTEXT) columns are handled different in MySQL/MariaDB. First, a recap of some facts related to TEXT columns.
The db server often needs to create a temporary table while processing a query. MEMORY tables cannot contain TEXT type columns, thus the temporary table created will be a disk-based one. Admittedly this will likely remain in the disk cache and never actually touch a disk, however it goes through file I/O functions and thus causes overhead - unnecessarily. Queries will be slower.
InnoDB can store a TEXT column on a separate page, and only retrieve it when necessary (this also means that using SELECT * is needlessly inefficient - it's almost always better to specify only the columns that are required - this also makes code maintenance easier).
A TEXT column can contain up to 64k-1 in byte length (4G for LONGTEXT). So essentially a TEXT column can store the same amount of data as a VARCHAR column (since MySQL 5.0), and we know that VARCHAR offers us benefits in terms of server behaviour. Thus, any instance of TEXT should be carefully reviewed and generally the outcome is to change to an appropriate VARCHAR.
Using LONGTEXT is ok, if necessary. If the amount of data is not going to exceed say 16KB character length, using LONGTEXT is not warranted and again VARCHAR (not TEXT) is the most suitable column type.
Applications don't need to care, so the db definition can be altered without any application impact.
Summary:
Particularly when combined with the best practice of not using SELECT *, using appropriately defined VARCHAR columns (rather than VARCHAR(255) or TEXT) can have a measurable and even significant performance impact on application environments. It is a worthwhile effort." arjenlentz 4.7.3
Defects Awaiting Review 42288 Validation of custom menu link Menus normal defect (bug) new 2017-10-20T05:38:04Z 2018-06-14T13:40:20Z "1. go to menus page
2. try to add custom menu link with label only. without a URL.
expected and actual result: validation failed and link cannot be added.
1. go to menus page
2. add custom menu link with label and URL: '#'
3. save menu
4. edit the custom link from the menu and remove the URL.
5. click save
expected result: validation failed and menu won't be saved.
actual result: menu saved. no validation." dvirhazout 4.8.2 needs-patch
Defects Awaiting Review 53821 Validation Error for Block that Isn't in Use - Multisite Env Autosave normal defect (bug) new 2021-07-29T00:22:38Z 2022-01-25T15:10:53Z "I work with a pretty big multisite environment (45 sites) hosted with WP Engine. I work on a local environment, then push to staging (WPE Engine), then push to production. Currently, local and staging use WordPress 5.8, but I haven't updated production yet. On staging and local, the browser console shows the error below. Production does not show the error. The error shows in the page editor -- always. When I am adding a new page and haven't entered a title or added a block; when I open a page that doesn't have the block mentioned in the error; and when I'm working on a page that does use the block. The pages work fine. The block seems to work fine. But I'm kind of anal when it comes to errors and warnings in the console.
The error says that is was generated by the ""Save"" function. I believe it must be the autosave function as the error appears as soon as a new or existing page is loaded into the editor. No active ""save"" action as to take place.
This is the error/message from the console:
*** BEGIN MESSAGE ***
Block validation: Block validation failed for `core/quote` ({name: ""core/quote"", icon: {…}, keywords: Array(2), attributes: {…}, providesContext: {…}, …}).
Content generated by `save` function:
""Contributing makes me feel like I'm being useful to the planet.""
— Anna Wong, Volunteer
Content retrieved from post body:
""Contributing makes me feel like I'm being useful to the planet.""
— Anna Wong, Volunteer
*** END MESSAGE ***
As you can see from the error/message, there is reference to some placeholder version of the quote block. But when I look in the template and block libraries, I see no such placeholder text. Neither the core quote block nor the core pullquote block (as seen in the block library) contains a placeholder quote by Anna Wong.
I searched the database. The main site (site #1) contains a couple of records in the _sitemeta table with this meta key: _site_transient_wp_remote_block_patterns_...
Those records contain the placeholder quote that appears in the error message.
The function generating the message gets printed to the file's output source:
function() {
window._wpLoadBlockEditor = new Promise( function( resolve ) {
wp.domReady( function() {
resolve( wp.editPost.initializeEditor(...
That function seems to be generated by wp-admin/edit-form-blocks.php
Since this error is only occurring on local and staging (which use v 5.8) and not on production (5.7.2) I'm reluctant to upgrade production right now.
Sorry for the long read... Anyone else experiencing this or know what to do about it?
Thanks!" tinamar 5.8
Defects Awaiting Review 41736 validate_file function will always return error for file paths in windows dev environments Plugins normal defect (bug) new 2017-08-27T18:50:51Z 2017-08-30T16:30:16Z "In Windows dev environments such as WAMP or XAMPP a file path always contains a colon after a drive letter, so all plugins making conditional checks with `validate_file()` would fail.
" lechdulian 4.8 has-patch
Enhancements Awaiting Review 58311 Validate Username for not to be a email and strip everything after @ Login and Registration normal enhancement new 2023-05-14T18:09:52Z 2023-08-15T12:07:25Z "Right now it is possible to register user and place full email as Username and username is not supposed to be changed after. When site administrator is adding someone manually, it can be done easily as a mistake and reviling author's email for everyone to see and can be picked up from authors archive as well. Display name can be changed after, but it needs to be done manually, by default Username, Nickname and the Display name are equal.
If some people already have @ in their usernames (and I think I've seen that somewhere), the only thing which can be done about this is to filter the Display name before output and strip the @ and everything after." oglekler dev-feedback
Enhancements Awaiting Review 38432 Validate user creation and email change by token Login and Registration normal feature request new 2016-10-21T13:34:31Z 2018-01-17T11:57:10Z "When you register on a wordpress site or when you change your email, we can use a fake email (or error entry) and it create ghost profile. I see 36 bad profile in 2 month on a website.
If an email is send with a validate links (token), the profile or the email change can be executed.
It secure correct data.
Thanks
" lriaudel 4.9 needs-unit-tests
Defects Awaiting Review 45387 Valid HTML get mangled on the frontend Editor normal defect (bug) new 2018-11-20T18:12:49Z 2023-11-22T15:40:07Z "Open the HTML editor, paste this HTML code
{{{
To make this thing happen, go to Pages an aria label"">http://google.com
}}}
And preview the post in frontend.
The HTML is a big mangled in the output, the link don't show up properly.
I suspect that it's related to one of `the_content` filters.
Reproduced in 4.9.8" youknowriad has-patch
Defects Awaiting Review 58505 Using WORDPRESS_DB_HOST variable Cannot connect to the database, must be configu General major defect (bug) new 2023-06-10T07:07:08Z 2023-11-18T13:21:13Z "I use kubernetes to run wordpress, and configure the WORDPRESS_DB_HOST variable, but it can not connect to the database, manually configure the database IP can be, mast have i to manually configure?
I also tried using docker and 'WORDPRESS_DB_HOST' didn't work either.
The image I used is wordpress:php8.2" chentc 6.2.2 needs-patch
Defects Awaiting Review 58486 Using WordPress 5.7.8 (but also all other more recent branches) - characters are stripped through TinyMCE Copy paste from Word TinyMCE normal defect (bug) new 2023-06-08T09:44:51Z 2023-06-08T09:44:51Z "Hi
Using WordPress 5.7.8 (but also all other more recent branches) - characters are stripped through TinyMCE Copy paste from Word.
Under conditions: Bulleted list, from word, pasted, containing a dot at the end of the word.
Detailed descpription with fix here:
https://github.com/tinymce/tinymce/issues/3480
https://github.com/aautio/tinymce/commit/b5f4db5a8377d2beb9ca3a1a7164587b280acbf4
Seems implemented in TinyMCE since March 31 2021, however the update of TinyMCE editor has not yet been included in current WordPress versions.
Can this still be applied?
Kind regards,
Ralph Gortzen
Application manager Atos.net Group site.
" rgortzen 5.7.2 needs-patch
Defects Awaiting Review 40870 Using underscore in meta box id field metabox is not working correctly General normal defect (bug) new 2017-05-26T11:52:17Z 2017-05-26T17:49:18Z "To reproduce this issue: 1. Create a meta box with an id that has underscores(id_with_underscores). 2. Try to put the box after the title. Nothing happens. Replace the underscores with dashes and everything works as expected.
{{{#!php
Test
col_meta never gets populated Database normal defect (bug) new 2023-11-08T14:04:37Z 2023-11-08T19:20:09Z "I have a non-core table with a binary column that I use for selects and deletes (it's an efficient way to store UUIDs). I've noticed that whenever I attempt to do select from it, WP does a relatively expensive SHOW FULL COLUMNS FROM query, which seems to be uncachable. I've been attempting to use the pre_get_table_charset filter to get around this, but this then caused problems when get_col_charset() runs in the same call. It seems that inside get_table_charset() there is the line $this->col_meta[ $tablekey ] = $columns; which appears to be the only place that col_meta is ever populated. But it wont be populated for that table if you use the hook, so if something like this then runs:
{{{#!php
// If still no column information, return the table charset.
if ( empty( $this->col_meta[ $tablekey ] ) ) {
return $this->table_charset[ $tablekey ];
}
}}}
as it does in get_col_charset() then things just break. col_meta for that table is not populated and neither is table_charset. I'm too stupid to work out the best way to fix this I'm afraid.
" c0ntax 6.3.3
Defects Awaiting Review, reported against no version 40393 Using remove_action within an action callback skips over execution of other callbacks with lower priority Plugins major defect (bug) new 2017-04-07T16:01:05Z 2020-07-07T14:23:02Z "Description:
When remove_action is used by an action callback to remove itself from the list of callbacks, this results in all callbacks hooked with the immediately lower priority to be skipped by apply_filters.
Here is simple code to demonstrate:
{{{#!php
First Run';
echo '';
do_action('custom_action');
echo ' ';
echo 'Second Run ';
echo '';
do_action('custom_action');
echo ' ';
}
public function callback_1()
{
echo ""Callback 1\n"";
}
public function callback_2()
{
echo ""Callback 2\n"";
remove_action('custom_action', array($this, 'callback_2'));
}
public function callback_3()
{
echo ""Callback 3 - Priority 20\n"";
}
}
$runner = new Sample;
$runner->test();
}}}
The output is:
First Run
Callback 1
Callback 2
Second Run
Callback 1
Callback 3 - Priority 20
The expected output should be:
First Run
Callback 1
Callback 2
Callback 3 - Priority 20
Second Run
Callback 1
Callback 3 - Priority 20
The net effect of this issue is that a plugin using remove_action in that way will break another, totally unrelated plugin, if they both add actions on same tag, with different prorities.
WooCommerce is using this method, it uses remove_action inside a pre_get_posts action callback. This broke our Accelerated Mobile Pages plugin when doing AMP pages for WooCommerce.
This was reported to [https://github.com/woocommerce/woocommerce/issues/14092 WooCommerce here], but it was then suggested it was a core issue.
'''Additional notes''':
- all callbacks must '''object methods'''. The problem does not occur if callbacks are functions.
- the callback using remove_action must be the only registered callback for that priority level
{{{#!php
labels->archives
" shamai 5.4.2
Defects Awaiting Review 31751 Using PgDn and PgUp keyboard keys in the editor scrolls both post edit box and the whole viewport Editor normal defect (bug) new 2015-03-24T16:42:26Z 2020-11-24T06:13:57Z "The editor in WordPress 4.1 is great, and the whole sticky sidebar is a great improvement, but editing using Page Down and Page Up keys as part of the workflow is some of the most frustrating experience one can have because they control both the cursor in the post edit box and the page itself.
For example, if I go into a short post, put the cursor at the beginning of the post, and press Page Down, I'm going to end up with this: [[Image(http://i.imgur.com/CZr3FXQ.png)]]
At this point, I can only see a tiny sliver of the post because the page has scrolled too.
This is similar to #30919, except I'm not talking about the distraction-free mode, which I almost never use.
Windows 8.1 on Chrome 42 beta, but this behavior has been the same for as long as I can remember." archon810 4.1.1 needs-patch
Enhancements Awaiting Review 48880 Using JSON.parse instead of an actual object literal when localizing scripts Script Loader normal enhancement new 2019-12-05T00:34:18Z 2019-12-06T20:17:43Z "As the V8 team at Google stated in their ""The cost of JavaScript in 2019"" [https://v8.dev/blog/cost-of-javascript-2019#json]"" blog post using {{{JSON.parse()}}} is generally faster (~18%) for configuration object literals such as the output of the localize method of the WP_Scripts class.
As the output of the localize method is already rendered using {{{wp_json_encode()}}} the change would be quite trivial and backward compatible.
Added a diff with additional changes to the block editor init script using the same method." naxvog has-patch
Reporter Feedback / Close 47817 Using file editor ignores schema and always uses http Filesystem API normal defect (bug) new 2019-08-01T22:52:15Z 2023-03-11T03:26:19Z "When editing a template/theme or plugin file with the WordPress file editor, the internal loopback which I assume uses wp-json does not honor the schema of the siteurl.
For example:
Siteurl: https://kinsta.com
The request will come through as http://kinsta.com
If SSL is forced at the server level, this will force the https:// schema.
This was recently discovered and was failing because a user's SSL intermediate chain was missing, so the site would edit fine without HTTPS forced, but with SSL forced it would fail.
We were able to identify the chain issue due to this error occuring when force HTTPS was enabled in Nginx:
```Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.```" jeffpaulkinsta 5.2.2 reporter-feedback
Defects Awaiting Review 55133 Using an array containing a single object as first $arg in do_action() Plugins normal defect (bug) new 2022-02-10T07:55:43Z 2022-06-17T09:36:19Z "When passing an array containing 1 single object as the first argument of `do_action()`, the array is automatically flattened and all functions triggered by the hook will receive a single object as the first argument (instead of an array).
**Example:**
{{{#!php
$var = [
(object) [
'key' => 'name',
'value' => 'Pierre',
]
];
do_action( 'hook_name', $var );
}}}
Any function hooked to `hook_name` receives this first argument:
{{{#!php
stdClass Object
(
[key] => name
[value] => Pierre
)
}}}
…instead of an array containing this object.
I've found that this is because of some **PHP4** backward compatibility in the `do_action()` function:
{{{#!php
} elseif ( is_array( $arg[0] ) && 1 === count( $arg[0] ) && isset( $arg[0][0] ) && is_object( $arg[0][0] ) ) {
// Backward compatibility for PHP4-style passing of `array( &$this )` as action `$arg`.
$arg[0] = $arg[0][0];
}
}}}
This is a weird and unexpected behavior, could we add an additional condition in this `elseif` in order to check for the PHP version to apply this hack?" pskli dev-feedback
Defects Awaiting Review 47211 using amp in search show all post / pages with the & Query normal defect (bug) new 2019-05-10T08:50:16Z 2019-05-10T13:19:59Z "as the & is a & i get all pages in the search result with a &, when searching for an amp. this happens on various wordpress page where a & is in the name. but as a result, this is wrong.
i found this bug, as i'm building a page for a lending company, lending amp (amplifiers)." paolo_wp
Defects Awaiting Review 51868 Using a SVG as featured image covers admin panel Options, Meta APIs normal defect (bug) new 2020-11-24T18:39:22Z 2020-11-24T18:39:22Z "Hello,
I'm using a SVG as featured image in a page. When I select it the image covers (overflows) the UI.
I'm attaching a screenshot for reference and a SVG file for testing.
Thank you,
Kostas" gasmas75 5.5.3
Reporter Feedback / Close 46352 Using a single quote locks up UI Customize normal defect (bug) new 2019-02-26T20:52:41Z 2021-12-15T06:11:40Z "Using the latest versions of WP and WC, and the Twenty-Sixteen theme while updating the appearance, and entering the Site Header Tagline, I tried to use a single quote.
The entire UI locks up and goes to la-la land.. After a few Chrome says ""this page is unresponsive...""
Thought maybe someone might like to know about it..
Havent tried other themes or text lines..
Thanks
" grampysbbq reporter-feedback
Defects Awaiting Review 40521 Using a custom query var on a static front page results in wrong $post Posts, Post Types normal defect (bug) new 2017-04-21T20:52:36Z 2017-04-22T09:15:03Z "'''Steps to reproduce:'''
* Create a page and make it the static front page
* Add a new query var via filter in theme's functions.php: `add_filter( 'query_vars', function( $vars ) { array_push( $vars, 'buggy' ); return $vars; } );`
* Open the front page setting the newly added query var (e.g. ""https://example.com/?buggy=yep"")
'''Result:''' displays the latest blog post
'''Expected result:''' displays front page" mechter 4.7.4
Defects Awaiting Review 54268 Using `author_name` in URL parameter gives unexpected results when logged into contributor account Query minor defect (bug) new 2021-10-14T22:22:48Z 2021-10-14T22:22:48Z "When logged into a contributor account, and trying to view the post listing on the dashboard of an administrator user, the query changes unexpectedly when the URL uses the `author_name` parameter rather than the default url.
Assuming a user ID of 1 for an administrator user, and a user ID of 2 for a contributor user:
When logged into the contributor account, and displaying the admin user's posts in the dashboard, the URL looks like this and works as expected:
`/wp-admin/edit.php?post_type=post&author=1`
The main query is:
{{{
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1
AND wp_posts.post_author IN (1)
AND wp_posts.post_type = 'post'
AND (wp_posts.post_status = 'publish'
OR wp_posts.post_status = 'future'
OR wp_posts.post_status = 'draft'
OR wp_posts.post_status = 'pending'
OR wp_posts.post_author = 2
AND wp_posts.post_status = 'private')
ORDER BY wp_posts.post_date DESC
LIMIT 0, 20
}}}
But if the URL is switched to the username of the administrator user, example, admin, like this `/wp-admin/edit.php?post_type=post&author_name=admin` or even just `/wp-admin/edit.php?author_name=admin` I would expect the same results, but they are different:
{{{
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1
AND wp_posts.post_author IN (2)
AND (wp_posts.post_author = 1)
AND wp_posts.post_type = 'post'
AND (wp_posts.post_status = 'publish'
OR wp_posts.post_status = 'future'
OR wp_posts.post_status = 'draft'
OR wp_posts.post_status = 'pending'
OR wp_posts.post_author = 2
AND wp_posts.post_status = 'private')
ORDER BY wp_posts.post_date DESC
LIMIT 0, 20
}}}
The `IN (2)` and the `OR wp_posts.post_author = 2` here is unexpected, because the 2 is the user ID of the contributor user that is logged in, and it isn't relevant to a query for the posts of user ID 1 (admin).
For comparison, when logged into the administrator's account, this query looks like this:
{{{
SELECT SQL_CALC_FOUND_ROWS wp_posts.ID
FROM wp_posts
WHERE 1=1
AND (wp_posts.post_author = 1)
AND wp_posts.post_type = 'post'
AND (wp_posts.post_status = 'publish'
OR wp_posts.post_status = 'future'
OR wp_posts.post_status = 'draft'
OR wp_posts.post_status = 'pending'
OR wp_posts.post_status = 'private')
ORDER BY wp_posts.post_date DESC
LIMIT 0, 20
}}}
To replicate:
1. Create two users, one with the administrator role, and another with a contributor role.
2. Publish a post for the admin user.
3. While logged into the contributor user's account, view the administrator user's posts in the dashboard. The link will look like `/wp-admin/edit.php?post_type=post&author=1`. Take note of the main query and the search results.
4. Alter the url to look for the username of that administrator user, in this format: `/wp-admin/edit.php?post_type=post&author_name=admin`. Check the main query and search results again.
This appears to be coming from the `get_posts` function in the wp-includes/class-wp-query.php file.
This is a low severity issue that I stumbled upon while investigating a Co Authors Plus [https://github.com/Automattic/Co-Authors-Plus/issues/820 issue], a plugin that uses the `author_name` in the URL. However, even when that plugin is not installed, the above described behavior is replicable." lschuyler 5.8.1
Enhancements Awaiting Review 48241 Using `add_theme_support( 'custom-background' )` enables both background color and background image. Themes normal enhancement new 2019-10-07T18:30:09Z 2019-10-30T08:10:47Z "Both custom color and custom image options for appear in the customizer when `add_theme_support( 'custom-background' )` is defined. In some instances it is designer preference to have no custom color option or no custom image option. Currently it is not possible to have one or the other - it is both or none.
The code responsible for this is here: https://github.com/WordPress/wordpress-develop/blob/5.2/src/wp-includes/theme.php#L2535-L2545
It could be adjusted to first detect a newly added default value before adding the support. That way would keep it working in a backwards compatible way while allowing others to pick and choose which their theme supports going forward." williampatton
Defects Awaiting Review, reported against no version 37832 Using ?p=xxx on a posts page with an invalid post ID does not return a 404 status Posts, Post Types normal defect (bug) new 2016-08-25T23:06:41Z 2019-04-19T15:20:07Z "Steps to replicate:
- Create a page and set it as the posts page.
- Visit this page with ?p=123456 (an invalid ID) added.
WordPress will return whatever 'no results found' message you have in the theme, but with a 200 status.
The handle_404 function seems to have been set up to always give a 200 status if is_home() returns true. This should not apply if you're overriding the query in some way via the URL.
Somehow many of these URLs have been detected by Google on a site of ours and are being reported as soft 404s. How they were found is one thing, but WordPress should not be returning a 200 status regardless." smerriman
Defects Awaiting Review 40335 using 'pre_get_terms' is confusing when it comes to ordering by meta Query normal defect (bug) new 2017-04-02T09:41:03Z 2019-10-12T00:18:14Z "There's a `pre_get_terms` hook. One might think that it works in the same way how `pre_get_posts` works, but it doesn't.
I wanted to order terms by a meta field, so I did something like this:
{{{#!php
query_vars;
$args = [
'meta_key' => 'my_meta_key',
'orderby' => 'meta_value',
'order' => 'ASC',
];
$query->query_vars = array_merge($queryVars, $args);
});
}}}
And for `pre_get_posts` this technique would work. But with `pre_get_terms` it's different. Digging into `WP_Term_Query` class code I found that this code would cause `parse_orderby()` method to set the `$maybe_orderby_meta` variable to `true`. But it doesn't mean that terms will be sorted by a meta field. It only means that terms '''maybe''' will be sorted by meta.
There's an another filter required. At the end of the `parse_orderby()` method there's an another filter applied: `get_terms_orderby`.
So in order to sort terms by meta field there's one more thing required. Something like:
{{{#!php
remove_cap('delete_pages');
$role->remove_cap('delete_others_pages');
$role->remove_cap('delete_published_pages');
});
}}}
The administrator role is now unable to delete pages EXCEPT the page that is set as the homepage, which they are still able to trash.
It appears this bug exists in v4.7 onwards. In 4.6.1 I see the expected behaviour: this code prevents an administrator from trashing any pages, including the page set as the homepage." robdxw
Defects Awaiting Review 50072 Users with email addresses containing a single quote cannot reset their passwords Users major defect (bug) new 2020-05-04T09:28:31Z 2020-05-05T11:27:55Z "I just found that users with a single quote in their email addresses cannot reset their passwords.
This happens because there is a difference in the email addresses compared by the wp_insert_user() function.
Take a look at this example.
I have a user with an email address equal to **daniel.o'brian@gmail.com**
When he tries to reset his password, he receives the reset key, but his activation key is not stored in the database.
Looking at lines 1805-1808 of the file users.php I found the problem:
{{{
if ( $update ) {
if ( $user_email !== $old_user_data->user_email || $user_pass !== $old_user_data->user_pass ) {
$data['user_activation_key'] = '';
}
}}}
In the above code the variable $user_email is **daniel.o'brian@gmail.com**, but the $old_user_data->user_email is escaped and appears to be **daniel.o\'brian@gmail.com**, so there isn't the match and user activation key is cleared.
Can you confirm and provide a fix?
In the meantime, I can change this behavior by escaping the $user_email myself in the filter wp_pre_insert_user_data which is a few lines above the checking, I guess.
Thanks!" daniele.perilli 5.4 needs-unit-tests
Defects Awaiting Review 54102 Users with email address's containing & shows up as HTML & breaking certain connectivity Users normal defect (bug) new 2021-09-09T11:01:47Z 2021-09-23T08:53:21Z "The email address is set to tes&123@go6.co.uk but WordPress back end-user panel is treating it as tes&123@go6.co.uk which is causing malformed results when trying to perform other actions we need.
See screenshot - https://i.snipboard.io/VHAgmO.jpg" waynep16 5.8 needs-patch
Enhancements Awaiting Review 58854 Users should be able to reset their user preferences to default Users normal feature request new 2023-07-19T17:41:45Z 2023-07-26T20:15:50Z "I work with many end users of the block editor and one thing that has come up frequently is sometimes their user preferences settings have created a view state of the editor that makes it difficult to find a certain feature and gets confusing when we are training them.
What I'm hoping for is an option to reset a user's preferences. This would reset all options under Preferences back to default, reset any other toggle they have (full screen, toolbar, etc.)
Ideally both a user and an admin would be able to access this function. Thanks for the consideration!
Related: https://wordpress.org/support/topic/reset-a-users-preferences-ie-block-editor-preferences/" bozzmedia
Defects Awaiting Review 47674 Users forbidden to confirm email changes Users normal defect (bug) new 2019-07-10T16:15:54Z 2019-07-10T17:05:55Z This is the same problem as #38451, and I believe the solution is similar, except that it has to be done in wp-includes/user.php jean-gui 5.2.2
Defects Awaiting Review, reported against no version 39773 Users Can Wrongly Set a Custom Page Template when front-page.php is in Use Themes normal defect (bug) new 2017-02-02T23:56:47Z 2017-04-27T14:16:43Z "If you try to set a custom page template in a theme that uses a `front-page.php`, `front-page.php` always wins. This is expected, but a user doesn't know that. They're still able to save the page, and it looks like it should work, but on the front end, `front-page.php` wins, and they may be left confused.
Discovered while researching #39299.
Steps to reproduce:
1. Activate Twenty Seventeen.
2. Set the front page to a static page.
3. Create a page template.
4. Assign it to the static page being used as the front page.
5. Save.
6. Visit front end – the template isn't used.
What I expected?
At the very least – WordPress doesn't save this change, and provides an error message. Better: The page template selection box doesn't show up in this case because setting a template when the front page is a static page and a theme has `front-page.php` isn't possible." davidakennedy
Defects Awaiting Review, reported against no version 22367 "Usernames with ""@"" char are assumed email addresses, causing incorrect look-up in several places" johnjamesjacoby Users normal defect (bug) reviewing 2012-11-06T00:45:19Z 2022-08-01T19:50:23Z "'''Problem'''
Usernames containing the ""@"" character are mistakenly assumed to be email addresses when:
* wp-login.php - Resetting passwords
* /wp-admin/user-new.php - Adding an existing user to a site, in multisite
* /wp-includes/user.php - Searching for a user
----
'''Duplicate'''
* Create a user with the login ""@testing""
* Verify the account, etc...
'''Bug in Search'''
* Visit: wp-admin/network/users.php - attempt to search for: ""@testing""
* Result: no users found
* What should happen: find the user
'''Bug in Add New'''
* Visit: wp-admin/wp-admin/user-new.php - attempt to add: ""@testing""
* Result: no users found
* What should happen: add the user
'''Bug in Reset Password'''
* Visit: wp-login.php - attempt to reset password for: ""@testing""
* Result: retrieve_password() accidentally succeeds, because strpos() check returns 0, which is the correct position of the ""@"" character. If the username was ""testing@"" this test would fail
----
'''Solution'''
The attached patch fixes these bugs by using is_email() instead of an strpos() for an @ character." johnjamesjacoby has-patch
Enhancements Awaiting Review 44690 Username should not accept space Users normal enhancement new 2018-08-01T11:19:00Z 2021-02-27T16:17:02Z "The `username` field accepts `space`, not leading or trailing ones though. Space is usually not in the list of accepted characters.
I am not sure if it is there in purpose. Ideally it should not accept this character.
`Username` also accepts `@`, which is not an issue. But the problem starts when the username looks like an email address! When sending verification requests for Export and Erase private data the issue can be noticed.
However, if `username` has to accept `@`, WordPress should first check whether it is validating email address pattern. If it does, I think that should be reported rather than allowing it to get saved.
I explained the above issue in #44683." subrataemfluence dev-feedback
Defects Awaiting Review 46625 username and password automatically change to dexter Database normal defect (bug) new 2019-03-24T07:32:46Z 2019-03-24T10:18:13Z "Dear sir,
username and password automatically change to dexter
" ram181 4.9.1
Enhancements Awaiting Review 34927 user_url and user_email length too short Users normal enhancement new 2015-12-09T06:26:38Z 2018-05-14T19:32:04Z "I have been adding users to my client's site with no issues, until I got to a user with a .edu email address. I add the user details as normal. Click the Add New User button and get the message ""New user created"". No error message at all. But the user has not been created. I tried 3 times, same result. I have turned off all plugins and changed to the wordpress default theme (2015). Same issue.
What I expect to happen: When I add a user I expect them to be added to the Users list.
What happens: when I add a user with a .edu email address, there is no error message, I get message ""New user created"", but the user is not in the user's list. These users should also appear in the Author drop down in posts (because they are added with Author role), but the new user does not appear in the Author dropdown eiither.
Using Firefox 42.0 on Mac OS X Yosemite.
Same issue happens with Safari 9.0.1 on Mac OS X Yosemite. " DonnaMiller dev-feedback
Defects Awaiting Review 43734 user_profile_update_errors hook needs work-around to validate a to-be updated email address Users normal defect (bug) new 2018-04-10T19:56:47Z 2020-02-24T12:12:27Z "The 'user_profile_update_errors' hook can be used to (in)validate (custom added) fields in the user_profile before these fields are saved.
As far as I know, the 'best-practice' to do this is, is by accessing the field using it's name in {{{$_POST}}}. Grab it's value, do your thing and if this results in an error, add an error message to the $errors object and prevent the field from being saved to the database.
This does not work with the email field anymore (since WordPress version 4.9.0?), because {{{$_POST['email']}}} is reset to the current value in the database in the function {{{send_confirmation_on_profile_email()}}}. See: [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/user.php#L2792 wp-includes/user.php]
The reset of {{{$_POST['email']}}} to the current email address in the database prevents the 'best-practice' of accessing a field's value through {{{$_POST}}} because the new email address is now gone from {{{$_POST}}}.
'''Why is there a reset on $_POST?
'''
''My assumption is:''
Resetting {{{$_POST['email']}}} to the current email address in the database is needed, because of the new flow in WordPres in which WordPress requests a user's confirmation of a proposed email change (by sending an email to the new address and requesting the user to clink a link to confirm the change) before saving the new email address.
Therefor the value in the form should (at least temporarily) not be changed until the user has confirmed the change in email address. The chosen solution is such that the new email address is temporarily saved in a user meta field with the name '_new_email' including a hash. This is then processed upon when the user clicks on the link in the email requesting the email change.
'''
'''Solution'''
I don't have a good solution yet and by submitting this ticket I hope more people can have a look at this issue.
For now I'd suggest to update docs to include detailed information on how to use the user meta field {{{_new_email['newemail']}} instead of {{{$_POST['email']}}} in the user_profile_update_errors hook.
" BjornW
Defects Awaiting Review 38897 user_email with & (ampersand) being encoded within the database making notifications fail Users normal defect (bug) new 2016-11-22T01:24:45Z 2019-06-04T18:11:13Z "Hello,
It seems WordPress does some encoding on the email field which causes issues as the encoded email is stored in the database and causes notifications to fail as it's no longer a valid email.
The specific email i noticed this with had an ampersand (&) within the email, the following is a bogus one to illustrate;
johnny&joey@telus.net
This is apparently a valid email according to telus.net (as the email exists there, not that exact one of course) and according to IETF Trust as shown in this stack overflow answer;
http://stackoverflow.com/a/2049510
Anyway, if you register a user with an email containing & it will encode it into the database and fail to deliver the password notification.
The following should NOT be encoded;
""Characters ! # $ % & ' * + - / = ? ^ _ ` { | } ~
Character . (dot, period, full stop) provided that it is not the first or last character, and provided also that it does not appear two or more times consecutively.""
Thank you" garrett-eclipse 4.6.1
Defects Awaiting Review 43071 User without the ability to publish are unable to edit post status Editor normal defect (bug) new 2018-01-11T21:46:21Z 2021-12-10T05:34:24Z "If a user is able to edit a post but unable to publish a post, they can change the post status from the `wp-admin/edit.php?post_type=post_type` page using the quick edit dropdown feature. However, if the user goes to the `wp-admin/post.php?post=ID&action=edit` page, they are unable to edit the post status.
User who are able to edit post_type should be able to do so from the post edit page." NathanAtmoz needs-unit-tests
Defects Awaiting Review 49345 User with admin privileges cannot edit some pages/posts Role/Capability normal defect (bug) new 2020-02-02T20:05:29Z 2020-02-02T20:05:29Z "It happened to me when I deleted the admin user with ID = 1 and moved all its posts and pages to another user with admin privileges. As soon as I did it, some older pages could not be edited anymore (only seen or deleted).
In order to regain control of those pages, I had to patch wp-includes/capabilities.php as follows:
{{{
function current_user_can( $capability, ...$args ) {
$current_user = wp_get_current_user();
if ( empty( $current_user ) ) {
return false;
}
if ($current_user->has_cap(‘create_users')) return true; // line added
return $current_user->has_cap( $capability, ...$args );
}
}}}
" malamiao 5.3.2 needs-patch
Reporter Feedback / Close 57882 User that has capability to create user can make only administrator. Security normal defect (bug) new 2023-03-07T20:58:47Z 2023-03-07T23:58:11Z "I have user role ""Manager"" that has capabilities:
add users
create users
delete users
edit users
list users
remove users
That users should be able to create users with different roles except administrators (they doesn't have ""promote users"" capability)
When manager opens Add new user page he doesn't see dropdown with roles and created user becomes administrator." dangerd512 6.1.1 reporter-feedback
Enhancements Awaiting Review 34316 User status inconsistent between single-site & multisite Users normal enhancement new 2015-10-15T19:00:15Z 2017-09-27T15:30:10Z "The way a user's status is defined in WordPress differs between single-site and multisite:
* In single-site, the `user_status` column is used
* In multisite, there are two additional columns for `spam` and `deleted`
Not only this, but the `update_user_status()` function is multisite only, and the `user_status` column is an integer without an API to help announce what values equate to what results.
On the plus side, user statuses aren't really ever used in core. Marking users as spammers in multisite installations is the only real benefit of this feature as it exists today. I'd like to propose the following:
* Stop creating the the `spam` and `deleted` columns in `wp_users` on new installations
* ALTER the `user_status` column from `INT(11)` to `VARCHAR(20)` ala `wp_posts`
* A bevy of `wp_register_user_status()` like functions to introduce bonafide support for them
* A database upgrade routine to move user status `0` to `active` and `1` to `spammer`
* A new index on the `wp_users` table for the updated `user_status` column type. We may need a few, based on how users are commonly queried in core, BuddyPress, etc...
* Update the `WP_User` and `WP_User_Query` classes to suss out any `user_status` inconsistencies
A few considerations worth noting:
* Large installations would need to manually perform these DB upgrades. I'm embarrassed to say I've personally frozen WordPress.org for several minutes years ago by missing a `DO_NOT_UPGRADE_GLOBAL_TABLES` check on the `wp_users` table
* Several plugins use their own values in the `users_status` column, assuming their numeric ID is unique and special. The authors of these plugins would need notifying, and their code updating to support the above ideas
* This work *could* parlay into the Post Status API that's on infinite back-burner. There are some really excellent ideas floating around about how `post_status` could work that would translate nicely to users, too" johnjamesjacoby 1.5 needs-unit-tests
Defects Awaiting Review 41725 User Search Box disappears if searched with 0 (zero) Users normal defect (bug) new 2017-08-25T11:44:12Z 2017-08-25T12:07:15Z "If I search users with ""0"" in search box, the '''search box disappears''' after the search is performed and there is no way of doing another search without reloading user list or going back!
If I enter any other value like 999999, -200, xyz etc. no user is fetched, which is fine. But the search box remains visible. It only disappears for `0`.
Line nos. 347 and 348 in /wp-admin/includes/class-wp-list-table.php has this:
{{{#!php
has_items() )
return;
...
}
}}}
If I understand correctly, according to [https://developer.wordpress.org/reference/classes/wp_list_table/search_box/] and [https://developer.wordpress.org/reference/classes/wp_list_table/has_items/], (`&& !$this->has_items()`) looks whether the table has items to display or not, where the first link is responsible for rendering the search_box.
So when I enter such a value for which there will no record fetched, should not render the search box after search is performed, but as I said, it is happening only for `0`
Commenting out the above if block prevents search box from disappearing. The search box should remain visible irrespective of values entered into it." subrataemfluence 4.8.1 has-patch
Enhancements Awaiting Review 57398 "User roles are reset to ""All"" tabs when performing bulk actions on certain user roles." General normal enhancement new 2022-12-29T14:11:19Z 2023-02-17T08:41:22Z "Whenever bulk actions are performed on certain roles and applied, the page reloads back to the ""All"" roles. This makes performing Bulk Actions on certain roles tedious if we have to do it multiple times as we need to switch to the role again.
Issue Video Link => [https://share.cleanshot.com/wSHt0nxqtGWkFlPgsq8h]
" aezazshekh dev-feedback
Reporter Feedback / Close 43796 User Role with integer role name not showing in admin filter list Users normal defect (bug) new 2018-04-18T08:38:58Z 2024-01-17T19:20:54Z When we create a new user role using add_role function and role name is an integer then assign that role to users and that role will not display on top of User listing. aiyaz 4.9 reporter-feedback
Defects Awaiting Review 47064 User Profile Users normal defect (bug) new 2019-04-28T08:50:00Z 2019-05-03T10:39:52Z "Hi, there is a bug when updating someone's user's profile by leaving a required field blank.
Example leaving the nickname field as blank, it will show some error that you need to fill out the field. But when you refresh the page, the page will be ""Invalid user ID."". The ?user_id in the url has been removed.
Thank you" jdan21 5.1.1 has-patch
Defects Awaiting Review 44921 User nicename discovery is slow to return Users normal defect (bug) new 2018-09-08T12:12:26Z 2019-01-07T01:51:33Z "In the function `wp_insert_user` it checks to is if the user nicename is in use by another user before saving. This is because, a nicename should is required to be unique. Unlike usernames, however, that rejects already in use usernames, if first checks to see if the nicename is in uses, then runs a while loop to try and find the next available nicename with a suffix. So nicename jonny becomes jonny_2 if jonny is already in use.
The behaviour is fine, however it uses a while loop to find the next available nicename, which can result in an extremely high number of queries. Take the following use case.
You have a script that generates 10000 test users for a site. The call to wp_insert_user, passed `'user_nicename' => 'test_user'`. Within the function call, it will run the while loop and find next available nicename. By the 9999th call, it would have to loop around 9999 to find the next slot, making the return of wp_insert_user extremely slow.
For testing scripts and sites with lots of registered users, this could make `wp_insert_user` almost unusable. " spacedmonkey 2.0 has-patch
Defects Awaiting Review 54481 User list doesn't honor allow_password_reset filter Users minor defect (bug) new 2021-11-21T06:52:23Z 2021-11-23T21:13:27Z "In WP 5.7 or so, the user list (Users - All Users in the admin section) began to display a ""Send password reset"" link for users (other than yourself). On many of my sites, I have a filter like this:
`add_filter('allow_password_reset', '__return_false');`
(I use an outside authentication system, so the WP-local passwords aren't used for anything, and most users can't get to WordPress' own login screen anyway.)
I expected the above filter also to suppress the links in the user list, but this appears not to be the case.
The patch for this is simple enough (a few lines of new code around line 279 in wp-admin/includes/class-wp-users-list-table.php), but before I write and test it, is this the best approach to fix this bug? i.e. is there anyone expecting that the ''allow_password_reset'' filter only applies to users doing self-service password resets, as opposed to admins sending resets on behalf of other users? If that's the case, this probably should be a separate filter or define of some sort." desmith 5.8.2
Defects Awaiting Review 59324 User list Users normal defect (bug) new 2023-09-11T11:22:54Z 2023-09-13T03:40:28Z "Hello,
I have the site and operates well. But suddenly, the Users menu from dashboard, I can not see the users list even I've loggined as a admin.
[[Image(https://imgur.com/a/NxdJG85)]]
From the back-end, it seems there are the data in there, but seems the front-end is not displaying the list.
Is there any similar case reported?
So far, I deactivated all plug-in, but no sucess. I have checked the wp-admin/users.php file but no problem.
Please let me know where I can look for. Thanks.
" kylechoi 5.2.2 dev-feedback
Enhancements Awaiting Review 23391 User in contributor role can add images to post only via the text editor Role/Capability normal enhancement new 2013-02-05T07:34:26Z 2018-10-03T12:18:01Z "1. Create a user with contributor role
2. start new post with it
3. notice there is no ""add media"" button anywhere
4. switch to text editing
5. use the img button to insert a URL to a valid img on the web
6. request approval for the post
7. let admin/editor approve it
8. go the the post's URL and notice that the image is shown
So, it is not that contributors are not allowed to use images, it is just that WP makes it hard to do so.
Either HTML needs to be sanitized and have all img tags removes for contributors, or access to the media library should be allowed for contributors denying only access to uploading. I vote for the second option." mark-k needs-patch
Defects Awaiting Review 52976 user emails comparison should be case insensitive Users normal defect (bug) new 2021-04-06T00:08:20Z 2023-06-29T03:39:02Z "In [https://core.trac.wordpress.org/browser/tags/5.7/src/wp-includes/user.php#L2188 user.php] for WordPress 5.7, email update comparisons are case sensitive. Is there a specific reason for this? Because emails are case insensitive. Here is the line that does that:
{{{
#!php
if ( isset( $userdata['user_email'] ) && $user['user_email'] !== $userdata['user_email'] )
}}}
Can the function:
{{{
#!php
strcasecmp
}}}
be used instead? The problem is that there is a plugin that uses the function:
{{{
#!php
wp_update_user
}}}
And it would send a notification for email change even if it was the casing of the characters only.
Thanks for your time and consideration" asaifm 4.3 has-patch
Reporter Feedback / Close 47833 "User deletion: Using the link ""deletion"", one won't be asked about what to do with this users content after deletion" Users normal defect (bug) new 2019-08-04T18:24:07Z 2019-08-04T21:18:25Z "Hi WP-Team!
There are two ways how deletions of users are being handled by WordPress:
1) If you delete a user by selecting ""delete"" underneath the username, the user will be deleted.
2) If you insted first select the users name and then select ""Bulk action/delete"" (via drop-down), you will be asked about what you'd like to do with the users contents after deletion.
The expected behaviour would be, that one is always being asked about what to do with the users contents after deletion.
Cheers,
Kai
" kosmicon 5.2.2 reporter-feedback
Defects Awaiting Review 43033 User can not see updated Icon in editing Menu with live preview Menus normal defect (bug) new 2018-01-06T06:48:54Z 2018-02-05T14:06:38Z "Bug: User can not see updated Icon in editing Menu with live preview
Attachment for steps: https://www.screencast.com/t/jOBHlmVeUTdO
Steps:
1. Navigate to Appearance->Menus from left rail
2. Select ""Menu with Live preview""
3. Select Menu and click on 'Add Items""
4. Sect ""Pages"" and add some page, User can see that ""+"" icon is changed to Tickmark sign
5. User will remove it from menu,Now User can not see previous symbol again to add
Thanks" nilamacharya 4.9.1 needs-patch
Defects Awaiting Review 48508 User cache needs to be cleaned after updating user_activation_key via wpdb Users normal defect (bug) new 2019-11-06T10:27:32Z 2019-11-06T10:27:32Z "The r45716 has replaced direct SQL query for getting `user_activation_key` for `get_user_by` function call. However, it `get_user_by` takes advantage of cache and may return a cached user object.
In case a WP install is using a persistent cache backend (memcache, redis ...), a direct update of `user_activation_key` via `$wpdb->update` (eg.: done by a plugin), would not invalidate the cache, and newly added activation key would then get rejected as invalid.
There are some plugins / pieces of code out there, which are performing the direct SQL update and which might stop working under mentioned conditions (persistent cache backend). Eg.:
* https://plugins.trac.wordpress.org/browser/bnfw/tags/1.7.5/includes/overrides.php#L97
* https://plugins.trac.wordpress.org/browser/sailthru-widget/tags/3.3.0/sailthru_mail.php#L115
* https://github.com/haekalby/fkp/blob/442fec37333faba4e1a84a346ca5384bee54138/wp-content/themes/forumengine/includes/core/class-email-confirmation.php#L92
* https://github.com/localymine/medican/blob/da89cb3354c3fe6139caa562a7063dae870cf4da/wp-content/themes/medican-child/woocommerce/myaccount/resetpassword.php#L13
A hotfix for the issue in affected plugins/code would be to call `clean_user_cache` function or use the `get_password_reset_key` function or `wp_update_user`, which, since r45714, uses `wp_update_user`, and thus is properly clearing the caches." david.binda
Enhancements Awaiting Review 47237 Used different escape function on options-media.php Media trivial enhancement new 2019-05-11T16:02:00Z 2019-05-11T16:33:37Z "I have checked the options-media.php file and found two different escape function.
Example:
{{{
1) "" class=""regular-text code"" />
2) "" class=""small-text"" />
}}}
" dilipbheda has-patch
Defects Awaiting Review 56506 Used default separator style in editor but It's showing Wide Line Separator style in My Patterns Editor normal defect (bug) new 2022-09-04T06:36:36Z 2023-10-30T16:35:53Z "I have an issue on pattern design submission. While submitting my pattern, I have used default style separator but I'm getting Wide line style Separator in frontend in current WordPress Version. I did not understand what have I missed.
Used Separator
https://tinyurl.com/2lpyuja4
Frontend Separator
https://tinyurl.com/2nd2k8by" rohit900 6.0.2
Reporter Feedback / Close 54182 Use wp_unslash() for $_REQUEST Parameter in wp-admin/admin-post.php file General normal enhancement new 2021-09-25T11:13:03Z 2021-09-30T20:56:30Z Need to use the `wp_unslash()` for `$_REQUEST['action']`, you can see screenshot. yagniksangani 5.8.1 reporter-feedback
Reporter Feedback / Close 48085 use wp_safe_redirect() function Administration normal defect (bug) new 2019-09-20T10:23:31Z 2019-09-20T17:40:08Z dkarfa close
Enhancements Awaiting Review 52390 Use specific page for postpass Login and Registration normal enhancement new 2021-01-28T17:49:55Z 2021-01-28T17:49:55Z "Currently postpass uses wp-login.php which causes 3 problems:
1) If you want to monitor/rate/investigate logins to the site, this is mixed with postpass submissions.
2) if you want to limit access to wp-login through the webserver, this affects postpass
3) even if allow ?action=postpass to be widely accessible, ""action"" can be overriden via POST to login / reset passwords etc.
Since postpass is not a real website login and may be used by non-members of the site, i suggest that postpass gets its own page like /postpass.php where only postpass requests can be done." briandd
Enhancements Awaiting Review 45839 Use site meta for blog details Networks and Sites normal enhancement new 2019-01-05T06:32:13Z 2020-03-29T18:18:06Z Currently details about each site is received from each site's options. This means, that every time a WP_Site object is loaded, it may end up calling switch_to_blog. This is expensive and wasteful. This fields should be cached in site meta, which will improve load times and makes it easier to manage. spacedmonkey 4.6 dev-feedback
Enhancements Awaiting Review 39613 Use Shift + Delete to bypass Trash/Prompt Administration normal feature request new 2017-01-17T08:24:39Z 2017-07-10T16:10:59Z "There are times where deleting many single items is necessary, but the bulk edit interface isn't desirable. For these situations, it might be nice to have a Shift + Delete interface, that bypasses the warnings and sends items straight to being permanently deleted.
bbPress is my current example of this, where it's not uncommon to want to cherry-pick several topics/replies for different bulk actions in the same view, or mass-delete topic tags where dozens of spam tags exist and clicking ""Delete"" in every action-row brings up a dedicated prompt.
Yes, you can check the boxes and use Bulk Edit to delete them, but UX wise that approach requires a bit more planning than you usually want to do when you're in cleanup mode. It isn't comfortable to queue up a bunch of internal todo's just to moderate a queue of topics & replies, but it does feel comfortable to have identified something needing doing, and to be able to do that think as quickly as possible." johnjamesjacoby
Enhancements Awaiting Review 41054 Use sargable date filtering where possible Database normal enhancement new 2017-06-15T07:54:13Z 2017-06-15T12:13:22Z "Currently, many queries generated by WP use post_date in a non-sargable fashion, namely by filtering based on the output of a MySQL function taking post_date as a parameter.
These can be easily rewritten to use the index on post_date without, to my eyes, breaking anything to boost performance.
Here's an example:
{{{
MariaDB [blog]> EXPLAIN SELECT * FROM blog.wp_posts WHERE YEAR(post_date) = 2017;
+------+-------------+----------+------+---------------+------+---------+------+------+-------------+
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra |
+------+-------------+----------+------+---------------+------+---------+------+------+-------------+
| 1 | SIMPLE | wp_posts | ALL | NULL | NULL | NULL | NULL | 2684 | Using where |
+------+-------------+----------+------+---------------+------+---------+------+------+-------------+
}}}
vs
{{{
MariaDB [blog]> EXPLAIN SELECT * FROM blog.wp_posts WHERE post_date >= ""2017-01-01"" AND post_date < ""2018-01-01"";
+------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+
| id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra |
+------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+
| 1 | SIMPLE | wp_posts | range | post_date | post_date | 8 | NULL | 262 | Using index condition |
+------+-------------+----------+-------+---------------+-----------+---------+------+------+-----------------------+
}}}
This optimization can be applied to any comparison between post_date and an already known parameter (from query_var). The only time it wouldn't be possible would be when comparing a portion of the date of two different posts (e.g. WHERE MONTH(x.post_date) == MONTH(y.post_date))
It's not much, but it's something. " ComputerGuru needs-patch
Enhancements Awaiting Review 44032 Use random_bytes() for generating keys and salts Upgrade/Install trivial enhancement new 2018-05-09T23:21:52Z 2018-05-12T09:06:46Z "While auditing WordPress for remote queries the servers make, I noticed the generation of salts in wp-admin.php is wasteful with an unnecessary loop inside a loop. If the system php supports random_int it also supports random_bytes.
Attached patch generates 64 byte (512 bit) salts without needed the 64 round loop inside the 8 round loop loop." alicewondermiscreations has-patch
Enhancements Awaiting Review 41451 Use pretty permalinks by default in the test suite Build/Test Tools normal enhancement new 2017-07-26T21:16:09Z 2018-10-19T11:13:58Z "There are 118 instances of `$this->set_permalink_structure( ... )` in the test suite. The majority of these calls are present simply to enable pretty permalinks, regardless of the permastructure for posts.
Pretty permalinks should be enabled by default for the test suite. Let's try it and see if anything breaks." johnbillion needs-unit-tests
Reporter Feedback / Close 55853 Use of unsanitized data in wp_ajax_dashboard_widgets() Widgets major enhancement new 2022-05-27T05:39:19Z 2022-05-27T17:37:18Z "In the ""wp-admin/includes/ajax-actions.php,"" there are much data that is unsanitized. Below is one example of it. I think it is good to sanitize all the fields properly to avoid unwanted scenarios.
{{{
$pagenow = $_GET['pagenow'];
if ( 'dashboard-user' === $pagenow || 'dashboard-network' === $pagenow || 'dashboard' === $pagenow ) {
set_current_screen( $pagenow );
}
switch ( $_GET['widget'] ) {
case 'dashboard_primary':
wp_dashboard_primary();
break;
}
}}}
Here the $_GET fields are used without any sanitization.
" hilayt24 close
Enhancements Awaiting Review 57725 Use of rand() function instead of wp_rand() Filesystem API normal enhancement new 2023-02-15T11:14:13Z 2023-06-21T11:00:43Z "Filesystem API function {{{wp_edit_theme_plugin_file}}} using PHP {{{rand()}}} function rather than WP's {{{wp_rand()}}}. Can we enhance this as {{{rand()}}} is discouraged?
File path: wp-admin/includes/file.php
Line: 524 and 526
" haritpanchal dev-feedback
Defects Awaiting Review 52738 Use of get_object_vars() in sanitize_post() and WP_Post constructor does not handle null byte Posts, Post Types normal defect (bug) new 2021-03-09T14:56:39Z 2023-10-04T08:36:17Z "In places where get_object_vars is used to loop over an objects properties and then trying to access them null bytes are not handled.
There is an old bug-report (from me) for map_deep #47164 but now we are experience this in other places too; in sanitize_post and in the constructor of class-wp-post.
This is totally destroying our business and I don't know what to do. Since I reported the issue for map_deep I have had to manually patch formatting.php every time there is a WordPress update. But now, trying to handle all the places get_object_vars is used in hopeless.
Best approach to handle this would be to always filter the return values from get_object_vars. Something like:
{{{#!php
ord( $var ) !== 0, get_object_vars( $object ));
}}}
" bitcomplex 5.6.2 has-patch
Enhancements Awaiting Review 40988 Use objects for `get_item_schema()` calls REST API normal enhancement new 2017-06-10T06:07:54Z 2017-12-03T22:32:02Z "The `get_item_schema()` method of a REST API controller always returns a dynamically generated array of schema information. This dynamic nature is needed, because some keys/values can change based on the current environment/controller.
This incurs a large performance penalty because the arrays need to be set up again and again, and as a side-effect, the translations that are being used for the `'description'` field are being loaded every single time. On a fresh, empty install of WordPress 4.8, making a request to `GET /wp-json/wpv2/posts` can spend a third or more of its time translating strings. Most of these translations are done multiple times, every single time an item schema is being requested. See blackfire profiling run here: https://blackfire.io/profiles/20516863-50e3-4df2-938a-7fa2f462abc8/graph
I suggest turning the arrays that `get_item_schema()` returns into a collection of smart objects that implement `ArrayAccess`. This offers the following benefits:
* Objects use up the memory for their keys once.
* Objects can be cloned (with the possibility to make changes after the clone), making sure that translations will at the most be loaded only once for every individual string.
* Objects can be extended and/or decorated, making it easy and clean to provide different structures for different use case, to get around `if/else` edge case handling.
* Objects can provide ""lazily-loaded"" keys (through magic methods or the proxy pattern), allowing the descriptions to only be processed when they are actually being requested. This would avoid the translation work completely for a use case like I tested above.
I expect this to shave around 30% off of the execution time of the above test case. It also makes the code more scalable, as large response sets might even incur yet a bigger performance penalty than the one I have recorded." schlessera 4.7
Enhancements Awaiting Review 56822 Use non-breaking space in required fields message General normal enhancement new 2022-10-14T00:26:32Z 2022-11-04T17:46:35Z "@Drivingralle recommended [https://make.wordpress.org/core/2022/10/10/functions-and-hooks-for-required-fields-in-wordpress-6-1/#comment-43914 changing the default space] before the visual indicator to a non-breaking space (so the symbol does not wrap to the next line, separated from the rest of the message).
There at least two different ways to achieve that:
1. Updating the text string to `'Required fields are marked %s'` or
2. Creating a default filter like the dev note's [https://make.wordpress.org/core/2022/10/10/functions-and-hooks-for-required-fields-in-wordpress-6-1/#message-example ""Message example""]" sabernhardt
Enhancements Awaiting Review 53998 Use network_home_url() instead of $_SERVER['HTTP_HOST'] for added safety. General normal enhancement new 2021-08-24T23:29:09Z 2022-08-07T18:04:12Z "Would it not be safer from XSS if uses of **$_SERVER[''HTTP_HOST'']** were replaced with **network_home_url()**? It looks to me like **network_home_url()** reads the server host name from the site settings instead of relying on a possibly manipulated **$_SERVER[''HTTP_HOST'']** value.
For example, I came across this code in /wp-admin/includes/class-wp-list-table.php...
{{{#!php
= 50600){
return hash_equals($stored_hash, $hash);
} else {
# This is not constant-time. In order to keep the code simple,
# for timing safety we currently rely on the salts being
# unpredictable, which they are at least in the non-fallback
# cases (that is, when we use /dev/urandom and bcrypt).
return $hash === $stored_hash;
}
}}}
PHP_VERSION_ID was introduced in 5.2.7, and i doubt WordPress still need to support PHP5.2. Unsure if WordPress still support 5.5? if the answer is no, the entire PHP_VERSION_ID can be removed. " hanshenrik close
Enhancements Awaiting Review 48816 Use get_bloginfo in the REST API index REST API normal enhancement new 2019-11-27T19:35:39Z 2019-11-29T18:39:35Z "The REST API provides data in the site ""index"" when making a request to `https://example.org/wp-json`. This describes the site and the APIs available. In particular it returns the name of the website, and the tagline. These values are retrieved using `get_option` directly instead of `get_bloginfo`.
Because this data would be used presentationally, it seems like it'd be more useful if it returned the ""presentation"" version of these strings.
As far as I could tell, the index has more or less worked the same since the GSOC version of the REST API, so I wasn't able to find any description of why it was built that way.
I opened this because of [https://github.com/WordPress/gutenberg/pull/18760 a Gutenberg PR] which would display the site title." TimothyBlynJacobs 4.4 dev-feedback
Reporter Feedback / Close 58948 Use Elvis operator (`:?`) to replace repeating ternary patterns (`a ? a : b`) General trivial enhancement new 2023-07-31T17:54:39Z 2023-10-17T20:11:44Z "This is a somewhat big change, but a simple one at that.
Replaces `a ? a : b` patterns of ternary statements to use the Elvis operator `a ?: b`.
Null coalescing operator (`??`) was added in PHP 7.0, which WordPress now requires as the minimum version. However, to make this ticket focused and easier to review, this ticket only proposes the Elvis operator.
On tainted lines, it follows WordPress CS to use uppercase constants (`NULL` instead of `null`, for example), and removes a few cases of unnecessary braces. Apart from them, the diff output should be quite minimal and straight forward.
Perhaps, the review will be easier with word-diff (`git show --word-diff`), or on GitHub, where it highlights word diffs in the line-diff mode.
Thank you." ayeshrajans 6.3 close
Defects Awaiting Review 56251 Use dominant color in media library General normal defect (bug) new 2022-07-19T18:19:41Z 2022-07-19T18:20:04Z "This is a follow-up on ticket from https://core.trac.wordpress.org/ticket/56151
Now we have Dominant color in core we should start to us it
This patch adds it to the Media library module in core " pbearne has-patch
Enhancements Awaiting Review 55521 Use dashicons-class in `wp_dashboard_quota` and `wp_dashboard_right_now` Administration normal enhancement new 2022-04-03T18:06:18Z 2023-12-01T08:06:21Z "Proposal:
Replace hardcoded css-rules for each item in the `At a Glance`-widget, use dashicons-classes for each item. This makes adding new items to the widget easier, simply just add a `dashicons-before`-class the your new items.
Background:
So using `dashboard_glance_items` to add custom items to the post list is easy, but changing icons without adding new css with a file or inline to the admin views is hard, since the hardcoded rules overrides `dashicons-before` on my added items.
" kebbet 3.8 has-patch
Defects Awaiting Review 58134 Use correct plural of status Posts, Post Types normal defect (bug) new 2023-04-15T06:58:24Z 2023-08-18T23:37:30Z "Core uses a variable named **$stati** (10 times to be found, in 3 files), but that's not the correct plural form of '**status**', neither in english, nor in latin or elsewhere. So I plead to change it to **$statuses**. While there seems to be no decent rule for variable names, so technically the variable could be named $stsii or whatever, still we are called to not
{{{
""abbreviate variable names unnecessarily; let the code be unambiguous and self-documenting.""
}}}
see https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/
Also, as we all know, ""**Code is Poetry**"", isn't it? Now you could argue poetry has some freedoms, but I strongly believe it should use correct grammar, at least in this case.
So I may have convinced you finally of that one, but there's one more issue:
There's also a function
{{{
get_post_stati()
}}}
see https://developer.wordpress.org/reference/functions/get_post_stati/
c'mon, let's rename it to **get_post_statuses**, while we're on it.
You may think this is petty, but it gave me some confusion and after all it's just wrong. Let's get rid of an usage of a plural form which doesn't exist.
" Presskopp needs-patch
Enhancements Awaiting Review 47256 Use composer to install and update external PHP libraries Build/Test Tools normal enhancement new 2019-05-13T18:23:42Z 2019-09-17T14:04:26Z "As of WordPress 5.2, the minimum version of PHP requires was changed to 5.6. This opens up some options around how PHP dependencies can be managed. [https://getcomposer.org/ Composer] is a popular PHP dependency manager similar to npm or yarn for javascript. WordPress core has support already got [https://github.com/WordPress/wordpress-develop/commit/39a145e0e1e442b4bed8921029c86800a804af60#diff-b5d0ee8c97c7abd7e3fa29b9a27d1780 support for composer] since 4.7. Since 5.0, many of the javascript dependancies are now loaded in using npm, php should have a similar build step.
Here are a list of dependancies that could be loaded in using composer.
- [https://github.com/JamesHeinrich/getID3 ID3]
- [https://github.com/rmccue/Requests Requests]
- [https://github.com/LeoColomb/pomo Pomo]
- [https://github.com/simplepie/simplepie SimplePie]
- [https://github.com/paragonie/sodium_compat sodium_compat]
- [https://github.com/paragonie/random_compat random_compat]
- [https://github.com/pear/Text_Diff Text_Diff]
If there are modification to these library in core, these libraries should be forked and maintained outside of core. Composer has a custom install path feature, that may allow us to maintain the current file structure. However, it may mean creating a new vendor directory (wp_vendor) and use autoloading.
Loading composer these via composer will remove a lot of the bloat of the code case, will make it easier for the core to manage updates in the future. " spacedmonkey 5.2 has-patch
Defects Awaiting Review, reported against no version 38098 Use common naming for context switching functions / classes General normal defect (bug) new 2016-09-19T17:13:08Z 2017-04-04T16:12:55Z "I'm creating this ticket after discussions in #26511 and #25293. A quick overview:
As we all know, there are `switch_to_blog()` and `restore_current_blog()` to switch between different sites by adding the sites to the global `$_wp_switched_stack` and doing a bunch of other stuff.
Now, #26511 aims to introduce `switch_to_locale()` to do the same for the site's locale. To avoid using (too many) global variables, a `WP_Locale_Switcher` class was suggested. The locale names are stored in a stack as well
#25293 is about improving `switch_to_blog()` and introducing `switch_to_site()` as well as `switch_to_network()`. #37958 suggests using `Network_Sate` objects for the stack instead of simply the blog IDs.
#19572 is somewhat related as well, though I don't think a `switch_to_post()` function makes sense. Fun fact: `WP_Query` was once named `WP_Query_State`, see [1449].
----
Now, I want to suggest using some kind of naming convention for new `WP_Locale_State` and `WP_Site_State` / `WP_Network_State` classes to make things easier for developers. Those essentially do the same thing:
* Switch to a new state
* Add this state to a stack
* Pop an item off the stack
* Pop all items off the stack (#37958)
Solid naming is very important to avoid confusion. As mentioned, there are `switch_to_blog()` and `restore_current_blog()`. #26511 suggests adding `switch_to_locale()` & `restore_previous_locale()`. #19572 suggests `switch_to_post()` and `restore_post()`. Ugh.
The simplest solution for that is to introduce an interface that these new classes would need to implement. Basically something along the lines of this:
{{{#!php
true
) );
/** Create a post */
$post_id = wp_insert_post( array( 'post_type' => 'findme', 'post_status' => 'publish' ) );
$findme = get_permalink( $post_id );
$found = url_to_postid( $findme );
/** Guess it */
printf( ""%s (%s) == %s (%s)"", $post_id, $findme, $found, get_permalink( $found ) );
exit;
} );
}}}
{{{30 (http://localhost:8080/?findme=30) == 0 ()}}} and {{{30 (http://localhost:8080/?findme=30) == 2 (http://localhost:8080/)}}} if the frontpage is setup to point ot a post.
Why is it not working? Why is the frontpage post being returned? Let's see how the {{url_to_postid}} function works:
{{{
// First, check to see if there is a 'p=N' or 'page_id=N' to match against
if ( preg_match('#[?&](p|page_id|attachment_id)=(\d+)#', $url, $values) ) {
$id = absint($values[2]);
if ( $id )
return $id;
}
}}}
Then?
{{{
if ( trim( $url, '/' ) === home_url() && 'page' == get_option( 'show_on_front' ) ) {
$page_on_front = get_option( 'page_on_front' );
if ( $page_on_front && get_post( $page_on_front ) instanceof WP_Post ) {
return (int) $page_on_front;
}
}
}}}
Uh, wait what... already? So a short-circuit without checking the custom post types. And that's understandable, since there is inherently no support for custom post type ID mappings as pointed out by:
{{{
// Check to see if we are using rewrite rules
$rewrite = $wp_rewrite->wp_rewrite_rules();
// Not using rewrite rules, and 'p=N' and 'page_id=N' methods failed, so we're out of options
if ( empty($rewrite) )
return 0;
}}}
What stands in our way to find the URL earlier?
1. The query var is not one of p, page_id, attachment_id
2. The query var value for CPTs is not necessarily, and most often not numeric (the post_title)
A proposed solution would be to look at the query parameters much higher, maybe by injecting the custom ones, ones that support slugs as well, since WordPress sets the {{{page_title}}} for a CPT itself, so that {{{\d+}}} check would fail.
Use case? Well, this was encountered when trying to paste plain oEmbed URLs for a custom post type (https://github.com/gravityview/GravityView/issues/927)." soulseekah 1.0 needs-unit-tests
Defects Awaiting Review 43881 url_to_postid doesn't works with custom post type in PhpUnit Test Rewrite Rules normal defect (bug) new 2018-04-27T14:10:38Z 2018-12-21T02:32:13Z "In the {{{functions.php}}} I have the following code:
{{{#!php
[
'name' => 'products',
'singular_name' => 'products',
'add_new' => 'Add New',
'add_new_item' => 'Add New Product',
'edit_item' => 'Edit Product',
'new_item' => 'New Product',
'all_items' => 'All Product',
'view_item' => 'View Product',
'search_items' => 'Search for Product',
'not_found' => 'No product found',
'not_found_in_trash' => 'No product found in the Trash',
'menu_name' => 'products',
'parent_item_colon' => '',
],
'description' => 'Product description',
'public' => true,
'rewrite' => ['slug' => 'products'],
'menu_position' => 5,
'supports' => ['title', 'editor', 'excerpt'],
'has_archive' => true,
'menu_icon' => 'dashicons-id-alt',
]
);
}
add_action('init', 'post_type_products');
}}}
Then I need to test it. And for this test I create the test record via factory class:
{{{#!php
'Test Post',
'post_content' => 'Test Post Content',
'post_excerpt' => 'Test Post excerpt',
'post_type' => 'products'
];
$this->factory->post->create($post_data);
}}}
The problem is when I got URL from following code:
{{{$url = get_permalink($this->factory->post->create($post_data));}}}
The function {{{url_to_postid}}} return {{{0}}}
{{{#!php
use_verbose_page_rules differs Rewrite Rules normal defect (bug) new 2023-06-14T11:18:44Z 2023-10-29T06:02:12Z "In a multisite installation, where there are blogs with mixed permastruct of some have the `$wp_rewrite->use_verbose_page_rules` set to `true` and some to `false`, the `url_to_postid` fails to find a post, since it's queried as a page, [https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rewrite.php?rev=54364#L609 due to a falsey check].
As the rewrites rules are untouched upon `switch_to_blog` action and as the `url_to_postid` function works directly with the `rewrite_rules` option ([https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rewrite.php?rev=54364#L563 via `WP_Rewrite::wp_rewrite_rules()` function] ), IMHO the best way to fix such a case would be to not rely on the property, but perform the same check as when the `use_verbose_page_rules` property is being set (see the attached patch)." david.binda
Defects Awaiting Review 58516 url_to_postid does not return post id for static Posts page Rewrite Rules normal defect (bug) new 2023-06-12T13:29:36Z 2023-06-12T13:38:13Z "Steps to reproduce:
- Create a page called ""Blog"", slug: blog. ID: 10 permalink: https://a.com/blog/
- Go to WordPress->Settings->Reading-> Your homepage displays -> A static page -> Posts page -> set the previously created ""Blog"" page.
- Call ->
{{{#!php
is_singular will return false.
The following code would solve this issue:
{{{#!php
posts) && $query->is_singular) {
return $query->post->ID;
} else {
if ($query->get_queried_object() instanceof WP_POST) {
return $query->queried_object_id;
}
return 0;
}
}}}
" nextendweb has-patch
Reporter Feedback / Close 47941 URL with umlaut is sanitized in user-edit.php form Users normal defect (bug) new 2019-08-27T23:53:17Z 2019-08-29T03:08:51Z "I'm trying to add the LinkedIn URL to a user whose URL is `https://www.linkedin.com/in/frank-rösner-83736/`
When I copy that URL from the browser, the ö in the url becomes `https://www.linkedin.com/in/frank-r%C3%B6sner-83736/`
Pasting that in the LinkedIn url makes `%C3%B6` disappear." smaffulli reporter-feedback
Defects Awaiting Review 52373 URL returned by get_attachment_link() can 404. Media normal defect (bug) new 2021-01-25T23:51:23Z 2021-02-02T00:52:54Z "The permalink returned by `get_attachment_link()` and `get_permalink( /* attachment */ )` can result in a file not found page in the following circumstances:
* The attachment's post parent has been deleted but `post_parent` is set (ie, post parent is pointing to an invalid ID).
* The attachment's post parent is an unregistered post type.
In both cases `get_permalink()` will return a URL in the format `w.org/attachment-name` that will 404 when visited on the front end of the website.
If pretty URLs are enabled, the URL should return `w.org/attachment/attachment-name` as the permalink.
Adding the following unit test will demonstrate the bug:
{{{#!php
set_permalink_structure( '/%year%/%monthnum%/%day%/%postname%/' );
flush_rewrite_rules();
// Create temporay post type.
register_post_type( 'not_a_post_type', array( 'public' => true ) );
$post_id = self::factory()->post->create( array( 'post_type' => 'not_a_post_type' ) );
// Attach media to post of post type.
$attachment_id = self::factory()->attachment->create_object(
'image.jpg',
$post_id,
array(
'post_mime_type' => 'image/jpeg',
'post_type' => 'attachment',
'post_title' => 'An Attachment!',
'post_status' => 'inherit',
)
);
// Unregister post type.
foreach ( $wp_post_types as $id => $pt ) {
if ( 'not_a_post_type' === $pt->name ) {
unset( $wp_post_types[ $id ] );
break;
}
}
// Visit permalink.
$this->go_to( get_permalink( $attachment_id ) );
$this->assertQueryTrue( 'is_attachment' );
}
}}}
This looks to have been introduced in #1914
" peterwilsoncc 4.4 has-patch
Defects Awaiting Review 45687 URL params get lost because of canonical redirect on static front page Canonical minor defect (bug) assigned 2018-12-18T12:13:31Z 2018-12-18T12:24:43Z "Please see #25143.
A shortcode that changes its output via (prettified) URL params, i.e. `/test/1/`.
Use the shortcode on a **static front page**.
The params are added either with `add_rewrite_rule()` or `add_rewrite_endpoint()`, but **without adding query vars**.
This is basically what the patch in #25143 fixed (3rd param ''false''):
{{{
add_rewrite_endpoint( 'test', EP_PERMALINK | EP_ROOT | EP_PAGES, false );
}}}
However, the later change on line 175 in changeset [36237] causes a request such as `/test/1/` to redirect to `/` **and the shortcode can't work with the param**.
On a side note, adding the params as query vars causes the intended static front page to use the posts template because `is_home()` is ''true''.\\
I understand that if I don't want URL params to modify the query, I should not register them as query vars (see [ticket:25143#comment:21 boonebgorges]). However, the template change feels rather wrong to me, too (see [ticket:25143#comment:20 mordauk]).
Thanks for listening." captain.crash 5.0.1 needs-patch
Defects Awaiting Review 51141 URL parameters are altered on static homepage after unneeded 301 redirect General normal defect (bug) reopened 2020-08-25T16:39:39Z 2022-12-13T14:04:51Z "It seems as though all WordPress sites that I’m supporting for various clients has this same functionality — if the site is using a static homepage, and you visit the homepage with a query string containing `+` signs — the page is redirected (301) and the plus signs are turned into `%20` — Interior pages and posts do NOT suffer this same effect.
For example (I am not supporting this site, just using it as an example):
https://wpengine.com/?test=test+test (redirect occurs)
https://wpengine.com/plans/?test=test+test (no redirect occurs)
Another example:
https://wordpress.org/support/?test=test+test (redirect occurs)
https://wordpress.org/support/article/overview-of-wordpress/?test=test+test (no redirect)
Our site analyst (SEO, tracking, etc) uses plus signs in his query string data and this can be problematic. It seems that the homepage should not be doing this.
This also does not seem to affect sites that don’t use the “static homepage” option." kevindeleon 5.5
Defects Awaiting Review 60269 URL parameter filtering with 'tag' parameter Taxonomy normal defect (bug) new 2024-01-16T18:00:42Z 2024-01-16T18:00:42Z "Specifically why is the tag url filtering locked behind this check for $this->query_vars_changed. Seems like this could be removed from the condition to me.
This means post archive filtering using the tag url parameter doesn't work by default.
But if for example any query_var is changed in the 'pre_get_posts' filter it suddenly does work. Even if the query_var changed is entirely unrelated.
wp-includes/class-wp-query.php
{{{
class WP_Query {
...
public function parse_tax_query( &$q ) {
...
if ( '' !== $q['tag'] && ! $this->is_singular && $this->query_vars_changed ) {
...
}
...
}
...
}
}}}
" harolair
Enhancements Awaiting Review 54525 URL Object General normal enhancement new 2021-11-27T02:58:47Z 2021-11-27T19:11:22Z "hi
i would to suggest to wordpress to build a wordpress URL_Object who implement url distribution logic like theses.
example : this url : "" http://localhost/author/admin/ ”
{{{
{
base_url : http://localhost/author/admin/
protocol : http
root : localhost
full_path:author/admin/
template : author.php
/**...some stuff*/
{child
path:author
path_type:users_list
{child
path:admin
path_type:user_name
{user_object:WP_user
/*...data from WP_user*/
}
}
}
}
}}}
another example with this url : “ http://localhost/2021/10/20/my_comment/ ""(a comment url)
{{{
{
base_url : http://localhost/2021/10/20/my_comment/
protocol : http
root : localhost
full_path:2021/10/20/my_comment/
template : comments.php
/**...some stuff*/
{child
path:2021
path_type:date(year)
{child
path:10
path_type:date(month)
{child
path:20
path_type:date(day)
{comment_object:WP_Comment
/*...data from WP_Comment like*/
comment_ID:""""
comment_post_ID :""""
comment_author :""""
comment_author_email :""""
/***...and more */
}
}
}
}
}
}}}
another example with this url : http://localhost/vehicle/car/
{{{
{
base_url : http://localhost/vehicle/car/
protocol : http
root : localhost
full_path:vehicle/car/
template : category.php
/**...some stuff*/
{child
path:vehicle
path_type:category
parent_category:none
{child
path:car
path_type:category
parent_category:vehicle
{object_array
/*...listed object for this category*/
{object_1:car_with_4_wheels
/*object fields and data */
color:""""
wheels:""""
type:""""
motor:""""
gear_ratio:""""
/**...and more*/
}
{object_2:car_with_3_wheels}
{object_3:car_with_5_wheels}
/***...and more */
}
}
}
}
}}}
the underlying idea is to give us the possibility to know where url part come from, to make more flexible and logic routing.
to explain a little bit my purpose , we will move to : http://localhost/vehicle/car/my_black_car_with_four_wheels
we can get this object :
{{{
{
base_url : http://localhost/vehicle/car/
protocol : http
root : localhost
full_path:vehicle/car/
template : category.php
/**...some stuff*/
{child
path:vehicle
path_type:category
parent_category:none
{child
path:car
path_type:category
parent_category:vehicle
{object:car_object
/*object fields and data */
color:black
wheels:4
type:sportive
motor:950ch
gear_ratio:6
/**...and more*/
}
}
}
}
}}}
in addition, the possibilites to create wordpress routing from this object will be a good idea. i'll try to give you an example : we want to create a user car space with this url format :
http://localhost/user/vehicle/cars
{{{
/**first we will create this object*/
$my_url_object = new url_object(/${root}/${users}/${category:vehicle}/${category:cars});
}}}
this action will instantiate the url object and the routing logic at the same time, so we will get this url_object
{{{
{
base_url : http://localhost/user/vehicle/car
protocol : http (will depends form the server config)
root : localhost
template : """"
/**...some stuff*/
{child
path:user
{user_object:WP_user
/**data from WP_user */
data:""""
ID:""""
caps:""""
roles:""""
/**... and more */
}
{child
path:vehicle
{category_object : vehicle
/**data from vehicle object */
}
{child
path:car
{category_object:car
/**data from car object */
/**for example:*/
color:""""
wheels:""""
type:""""
wheels_size:""""
motor:""""
gear_ratio:""""
/**...and more*/
}
}
}
}
}
}}}
the only last thing we have to do is to decide which template will be used:
{{{
$my_url_object->set_template(user_car.php)
}}}
" grosfaignan
Defects Awaiting Review 50149 url issue on category slugs Canonical normal defect (bug) new 2020-05-12T11:09:34Z 2020-05-12T17:53:32Z "This url structure is used to split the posts of a category into pages.
{{{
.../category/{category_name}/page/2/
}}}
However, if you use /0 before the /page/2/ section, the system ignores /0 and it does not redirect to the 404 page and opens the /page/2 archive page. But in this page, the single_cat_title() function does not return a value.
{{{
.../category/{category_name}/0/page/2/
}}}
Even all parameters entered before /0 are ignored too
{{{
.../category/{category_name}/1/2/3/4/5/abc/0/page/2/
}}}
" ersinkurtdal 5.4.1
Defects Awaiting Review 59307 Urgent, Uncaught TypeError: this.activateMode is not a function Media critical defect (bug) new 2023-09-07T08:06:16Z 2023-09-07T08:06:16Z "It's very urgent. There is no response when clicking the media button on the add/edit article page.
Showing an error every click on the media button:
Uncaught TypeError: this.activateMode is not a function
at media-views.min.js?ver=6.3.1:2:59604
at It (provider.js:2:586804)
at Function.ma (provider.js:2:621991)
at n._createModes (media-views.min.js?ver=6.3.1:2:59564)
at n.initialize (media-views.min.js?ver=6.3.1:2:58973)
at n.initialize (media-views.min.js?ver=6.3.1:2:79857)
at n.initialize (media-views.min.js?ver=6.3.1:2:73432)
at n.initialize (media-views.min.js?ver=6.3.1:2:63143)
at h.View (load-scripts.php?c=1&load%5Bchunk_0%5D=wp-polyfill-inert,regenerator-runtime,wp-polyfill,wp-hooks,jquery-core,jquery-migrate,utils,jquery-ui-core,jquery-ui-mouse,jquer&load%5Bchunk_1%5D=y-ui-sortable,underscore,backbone,wp-util,wp-backbone,media-models,moxiejs,plupload&ver=6.3.1:151:14648)
at n.constructor (load-scripts.php?c=1&load%5Bchunk_0%5D=wp-polyfill-inert,regenerator-runtime,wp-polyfill,wp-hooks,jquery-core,jquery-migrate,utils,jquery-ui-core,jquery-ui-mouse,jquer&load%5Bchunk_1%5D=y-ui-sortable,underscore,backbone,wp-util,wp-backbone,media-models,moxiejs,plupload&ver=6.3.1:155:2602)" jjproitech 6.3.1
Defects Awaiting Review 59259 URGENT BUG ON NEW UPDATE Editor normal defect (bug) new 2023-08-31T21:46:05Z 2023-09-01T01:29:30Z "The latest WordPress update has slowed down editing pages/posts as well as creating new posts and pages.
Prior to the new update their were no issues. Now productivity has plunged due to this bug. Pages become nonresponsive when editing.
" franknez888 6.3.1
Defects Awaiting Review 49664 Uppercase Greek letters are getting accents on iPhone mobile devices General normal defect (bug) reopened 2020-03-18T09:41:28Z 2020-03-18T11:01:33Z "Hi,
On my client's under development e-shop made with WP & WooCommerce, all of the uppercase letters appeared at various purchase steps via ""text-transform: uppercase;"" are getting accents. The shop is in Greek language and uppercase letters shouldn't have accents because this is wrong in Greek grammar.
Is there maybe a way to fix this?
The issue appears only at iPhone mobile devices and not at the rest.
Please check my screenshots below to better understand the issue:
[https://imgur.com/JxwrGaF]
[https://imgur.com/4FmMiur]
[https://imgur.com/rTiyiz4]
[https://imgur.com/T5KVrSb]
[https://imgur.com/XLisjrg]
I would like to inform you that I have found a relevant plugin on wordpress.org which seems to fix the issue with the uppercase accents on Greek letters:
[https://wordpress.org/plugins/remove-uppercase-accents/#description]
In addition, I have found a conversation on [https://stackoverflow.com/] regarding the issue:
[https://stackoverflow.com/questions/28783259/how-do-i-make-text-transformuppercase-work-properly-with-greek]
I would prefer to avoid adding an extra plugin for fixing the issue. WooCommerce official support also recommended me to report the issue here as the fix should be implemented in WordPress core itself (as it affects WordPress users as well).
The problem here seems to be related with the text-transform: uppercase; CSS code. As you may read above, this is a limitation with CSS code that does not remove the accents when switched to uppercase on Greek Language (I am not sure if it happens to other languages as well).
Waiting for your further advice on this.
Kind Regards,
Dimitris" d.chatzimanolis dev-feedback
Defects Awaiting Review 27511 "Upper ""Select All"" checkbox for list of plugins to update on update-core.php does not work on first click" Upgrade/Install minor defect (bug) reopened 2014-03-25T13:41:24Z 2018-03-05T14:02:43Z "(Minor annoyance)
On the admin page:
{{{
update-core.php
}}}
when there is a list of plugins with Updates Available, the first time you click on the ""Select All"" checkbox, it does not actually affect any of the checkboxes in the list.
The first time it happened, I just thought it might be a one-time or install-specific occurrence. Then, I had to update a different WordPress install on the same cPanel server, in a different account. In both cases, I went to the equivalent ""Select All"" checkbox at the bottom of the list, and it worked on the first click.
I then had to do updates on a VPS with a multisite install of Wordpress, and again the upper box did not work at first. However, I kept clicking it, and after about clicking it on, then off, then on again, the upper checkbox started affecting all the checkboxes in the list again.
" vanjwilson 3.8.1
Defects Awaiting Review 58513 Uploading JSON file of 1MB or less fails to upload Upload normal defect (bug) new 2023-06-12T11:21:01Z 2023-06-12T11:25:04Z "When uploading a JSON file of exactly 1048577 bytes or less leads to:
{filename} has failed to upload.
Sorry, you are not allowed to upload this file type.
Even though the file type is allowed. Tested with JSON file of valid JSON of 1048578 bytes (success) and 1048577 byes (failure)." oliward@… 6.2.2
Defects Awaiting Review 47889 uploading image contains special characters will return a wrong image url Media normal defect (bug) new 2019-08-17T10:57:02Z 2019-08-18T03:46:56Z "How to reproduce this bug?
1> ready an image, make sure it contains a special character, such as `^`. In my case, this image file is `test^image.jpg`
2> goto page 'Upload New Media', that is './wp-admin/media-new.php'
3> select your image file and upload it.
4> in the completion list, you will see a thumbnail and the image that you uploaded. (see attachment )
5> the thumbnail is broken, and the URL of the thumbnail is `'.../testimage.jpg'`. actually, it's should be `'.../test^image.jpg'`
" sockscap64 5.2.2 has-patch
Defects Awaiting Review 46793 Uploading files that the filename contains LTR and RTL characters cause filename change Media major defect (bug) new 2019-04-04T11:03:32Z 2019-04-11T13:32:52Z I have uploaded some pdf files in the Media. The process goes well but when I am trying to access them the files are not found. I reviewed the uploads with ftp and I saw that the file names changed. For example a file that was uploaded with filename אילן-גל-פאר-english.pdf is changing to english.pdf-גל-פאר- with result to get 404 error. VSotiris 4.9.1
Defects Awaiting Review 40289 Uploading 2 files with the same name but different casing, overwrites existing files Media normal defect (bug) reopened 2017-03-28T22:23:44Z 2017-06-08T09:36:11Z "Problem: Under normal circumstances, if I upload a file to the media library but a file with a similar name was previously uploaded, wordpress would change the name of the new file (by adding a dash and a number).
However, If I upload 2 files with the same name, BUT WITH DIFFERENT CAPITALIZATION, wordpress won't rename the second file and will just reference the older one.
So if for example, I already had the file cover.jpg in my library and I've created a new post and uploaded the file COVER.JPG, it will show in the post the older image of (cover.jpg)." quickim 4.7.3
Defects Awaiting Review 34465 Uploader in Media Modal Not Working When Certain Library Arguments Present Media normal defect (bug) new 2015-10-27T13:32:55Z 2017-09-18T00:16:15Z "I noticed this bug while working on a plugin that deals with the media modal. I'm using the following code to create a media modal on a button view:
{{{
function frame(){
// Destroy the previous collection frame.
if ( this._frame )
{
this.stopListening( this._frame );
this._frame.dispose();
}
this._frame = wp.media( {
className: 'media-frame rwmb-media-frame',
multiple : true,
title : 'Select Media',
library : {
type : 'image',
},
frame: 'select',
} );
//Event stuff goes here
this._frame.open();
},
}}}
The issue is when uploading a file using the upload tab in the media modal. The file uploads but it never appears in the Media Library tab like it does in the core media modal used by the editor. The side Attachment Details panel shows the file information but the file itself doesn't appear on the grid. Attached is a screen cap from a user of the plugin. " Funkatronic 4.0 needs-patch
Defects Awaiting Review 48369 Uploaded media files created with incorrect permissions if directory set to 751. Upload normal defect (bug) new 2019-10-18T17:20:11Z 2021-04-22T02:23:44Z "
I discovered a very strange issue.. Files uploaded in the Media Library are having permissions set of 640 instead of 644.
I’ve tried setting a umask in the wp-config.php file, eg
define(‘FS_CHMOD_FILE’,0644);
This seems to have no effect.
Strangely, there are a number of wordpress sites on this box. Only 2 of these have this issue and the others all work fine and set the permissions to 644.
I have uploaded a simple PHP upload script to see if this is a PHP issue, but using the simple upload script the permissions are set to 644.. So I’m sure this is a wordpress issue.
I’ve then re-installed wordpress in the Admin interface, this didnt make any difference, I’m running 5.2.4 – the latest, I don’t think we had this issue before the last update but I cannot be 100% sure of that..
After digging in File.php I added some debug code:
// Set correct file permissions.
$stat = stat( dirname( $new_file ) );
error_log(“JSG: STAT MODE $stat[mode]”); // new line
$perms = $stat[‘mode’] & 0000666;
error_log(“JSG: $perms”); // new line
[18-Oct-2019 15:18:13 UTC] JSG: STAT MODE 16873
[18-Oct-2019 15:18:13 UTC] JSG: 416 <– this is bad right?
On another site which works fine with the same debug code I have:
DRT JSG: STAT MODE 16877
DRT JSG: 420
This made me look at the code and realise the issue.. If the DIR is set to 751, then the permissions on uploaded files are changed to 640.. but if the dir is 755 the permissions are set to 644..
Having permission of 751 is acceptable from a security point of view because the server does only needs to excuse permission on the dir to access the files within it. " jonathangilpin 5.2.3
Reporter Feedback / Close 44765 Uploaded image corrupted after resizing Media normal defect (bug) new 2018-08-09T13:49:17Z 2021-04-28T18:00:00Z "When I upload .jpg larger image and turn on resizing, image is corrupted after upload is done. I tried it on two websites on latest version. In v. 4.9.6 its working normally. When i Set in SETTINGS - MEDIA zeroes everywhere, its not resizing and picture is fine. Screenshots are below:
[[Image(https://ctrlv.cz/shots/2018/08/09/lnGX.png)]]
[[Image(https://ctrlv.cz/shots/2018/08/09/t6CU.png)]]
[[Image(https://ctrlv.cz/shots/2018/08/09/bb0t.png)]]" lurbanek 4.9.8 reporter-feedback
Defects Awaiting Review 32048 Uploaded file reserves a name, page can't be named it. Permalinks normal defect (bug) new 2015-04-22T03:51:57Z 2017-03-09T01:04:29Z "1) Upload a file-name.png file to media library.
2) Publish a page named ""file-name"".
3) Note that (if site is set to post-name permalink) the page is now file-name-2
4) Try to rename the attachment and then give the page the natural name, and it still doesn't work.
This might have a similar root cause as bug #13459." programmin 4.1.1
Enhancements Awaiting Review 40140 upload_url_path doesn't seem to make any effect Media normal feature request new 2017-03-13T06:53:00Z 2018-12-27T21:15:21Z "An site of mine had '''http://site.com/articlefiles/''' as the place to receive uploads, equally it was '''/site/root/articlefiles''' on the filesystem, instead of '''/site/root/wp-content/uploads'''.
Now I migrated the site into a multisite installation as site 2 and uploads are going into /site/root/articlefiles/site/2/ and all previous uploads in old posts are linked as '''http://site.com/articlefiles/site/2/something.jpg''', causing broken images and links cause they originally don't have the ""site/2"" part. Editing the post, these links and images do not have the ""site/2"" part either. WordPress is rewriting the URL dynamically when reading the posts.
I want to keep compatibility with '''http://site.com/articlefiles/''' and '''/site/root/articlefiles''' without the ""site/2"" part. I was expecting '''upload_url_path''' on options table to be the solution but it doesn't work. I put there '''http://site.com/articlefiles/'''.
How can I keep URL and path compatibility when migrating a single site to a non-primary site of multi site installation ?
Thank you in advance" avibrazil 4.7.3
Defects Awaiting Review 39492 upload_post_params and plupload_init filters are not being executed on wp_print_media_templates() Media normal defect (bug) new 2017-01-05T20:17:11Z 2018-01-04T18:38:02Z upload_post_params and plupload_init filters are not being executed on the new media upload form located in wp-includes/media-template.php => wp_print_media_templates(). llvasconcellos 4.7
Enhancements Awaiting Review 59097 Upload via link Upload minor feature request new 2023-08-13T20:47:24Z 2023-08-14T14:13:45Z In the media part of the admin panel, add a way to upload files by pasting in the link thedustry 6.3
Reporter Feedback / Close 58944 Upload to Media Library not replicating to all pod's 6.2.2 Media normal defect (bug) new 2023-07-31T10:18:52Z 2023-10-04T15:34:54Z "Hello, after updating from WP 6.1.1 to 6.2.2 the new uploaded images start to apear ""broken"" on Media Library. If we refresh the page several time's we will see the image ok, but if we refresh it again it will be broken. We are running the WP in kubernetes, so we have several pod's. This behaviour means the uploaded image is no longer been replicated to all pod's. So it only exist's in one pod.
After reverting to 6.1.1 all is ok." vitorgandra 6.2.2 reporter-feedback
Defects Awaiting Review 44710 Upload plugin and theme functionalities are not removing uploaded files after failure conditions. Administration normal defect (bug) new 2018-08-03T00:11:59Z 2020-12-25T07:25:08Z "Within wp-admin, an administrator user may upload files by using the Upload Plugin functionality (Plugins -> Add New -> Upload plugin) and the Upload Theme functionality (Appearance -> Themes -> Add New -> Upload Theme)
These processes uploads the user submitted file to /wp-content/uploads/{month} first, then attempts to extract it to the plugins or theme directory (The form expects a .zip file, yet allows any mime-type or extension for uploaded files, such as images, or .php files). If the process fails for any reason the uploaded file remains in /wp-content/uploads/ and/or /wp-content/upgrade/
It would be best if the plugin and theme upload functionalities properly clean up the uploaded files if a plugin or theme fail to properly get extracted and/or installed.
Note: On successful installations of a plugin or theme, the uploaded file is being properly removed from /wp-content/uploads/ and/or /wp-content/upgrade/ " rawrly 4.9.7 needs-patch
Defects Awaiting Review 32704 Upload path is not set correctly after switch_blog Upload normal defect (bug) new 2015-06-18T15:06:15Z 2019-05-15T21:18:59Z "When blog is switched and still using old multisite upload folders, upload
directory is not set correctly, which makes functions like
wp_get_attachment_image_src() return the wrong url." ilanco 3.0 needs-patch
Defects Awaiting Review 39864 Upload not giving back any error message when uploads directory doesn't exist. Upload normal defect (bug) new 2017-02-13T17:35:20Z 2017-02-13T17:35:20Z "[[Image(http://i.imgur.com/PLrKSNz.png)]]
When the path (upload_path in media options) set in the above image doesn't exists, no error message is displayed when uploading images. It would be great if an error message would tell you that the path is set wrong or doesn't exists, so you get an idea where to start looking to fix the error.
After you upload an image the image gets displayed like this on the media page:
[[Image(http://i.imgur.com/Euiaihl.png)]]" nahakiole 4.7.2
Reporter Feedback / Close 47978 Upload files with Media Library takes much load time to upload image Editor normal defect (bug) new 2019-09-05T13:34:08Z 2020-11-05T04:48:54Z "Theme: Twenty Nineteen
Version: 5.2.3
Steps to Reproduce:
1) Go to Gallery
2) Select Media Library
3) Go to Upload image with less than 2 mb size
4) The image will take much more time to upload and it will continue to stay in progress.
Note: Please check the screenshot link below for the same.
https://www.screencast.com/t/8nP8shWWW2UY" anjalirai 5.2.2 reporter-feedback
Reporter Feedback / Close 32318 Upload fails, wp_insert_attachment returned 0 Upload normal defect (bug) new 2015-05-08T22:34:11Z 2022-10-19T15:47:53Z "One specific mp3 file was failing to attach, and it seems wp_insert_attachment is breaking with 0 returned, breaking update-attachment-metadata:
wp-admin/includes/media.php, line 360:
{{{
// Save the data
$id = wp_insert_attachment($attachment, $file, $post_id);
if ( !is_wp_error($id) ) {
wp_update_attachment_metadata( $id, wp_generate_attachment_metadata( $id, $file ) );
}
}}}
id = 0, caused by these lines in wp-includes/post.php, around line 3351:
{{{
if ( false === $wpdb->insert( $wpdb->posts, $data ) ) {
if ( $wp_error ) {
return new WP_Error('db_insert_error', __('Could not insert post into the database'), $wpdb->last_error);
} else {
return 0;
}
}
}}}
In this case the documentation is wrong, it didn't return the post id." programmin 4.1.5 close
Enhancements Awaiting Review 45783 Upgrades Page: Improve design Upgrade/Install normal feature request new 2018-12-27T23:27:00Z 2021-06-05T12:35:41Z "I am opening a new ticket as I am not sure if there already is one available.
The following is based on initial wireframes made two years ago: https://make.wordpress.org/core/2016/06/02/proposal-more-shiny-updates/
I have broaded it. I am including two wireframes suggesting how we can handle automatic updates for Core.
I also have a blog post that I made in relation to this here: https://easywebdesigntutorials.com/automatic-updates-for-wordpress-core/
" paaljoachim
Defects Awaiting Review 51369 Upgrade via a ZIP file doesn't work if password isn't cached Upgrade/Install minor defect (bug) new 2020-09-21T18:46:55Z 2020-09-21T18:46:55Z "This is a follow-up to #9757.
Aloha, we noticed that upgrading via a ZIP file will not work if the server prompts for an FTP password via the `Connection Information` screen (e.g., if `FTP_PASS` is not defined in `wp-config.php`).
Note that this only applies if direct file I/O is not used for updates (e.g., `FS_METHOD` is `ssh2`, `ftpext`, or `ftpsockets`).
The flow is:
1. User uploads a plugin or theme ZIP file via Appearance > Themes > Upload Theme or Plugins > Installed Plugins > Add New.
2. Connection Information screen appears, asking for Hostname, FTP Username, FTP Password, and Connection Type (see screenshot: https://imgur.com/a/xl64OeL).
3. After providing credentials, the new ""This theme/plugin is already installed"" screen appears, comparing Current to Uploaded (see screenshot: https://imgur.com/a/cnntWm9).
4. If you click ""Replace current with uploaded,"" you will return to the Connection Information screen. After providing credentials again, you loop back to step 3, and are stuck in the cycle.
I've also attached a short screencast illustrating the loop (on a local vagrant set up on Ubuntu 20.01 LTS using vsftpd to perform file I/O, using `FS_METHOD = ftpext`).
" figureone 5.5.1
Defects Awaiting Review 53043 Upgrade to WP 5.7.1 fails if wp-config-sample.php not in home directory Upgrade/Install minor defect (bug) new 2021-04-15T16:45:29Z 2021-04-16T02:12:14Z "One of my WP sites (that's set to auto-upgrade to new versions) just failed to upgrade to 5.7.1. I got the following error messages when I tried to upgrade from the dashboard:
{{{#!bash
Note that the 5.2 branch is deprecated and will not receive security updates after 31st December 2018.
The same goes for WP 5.5 to 5.8
-> WordPress 5.5 (PHP Mailer 6.1.6)
-> WordPress 5.6 (PHP Mailer 6.2)
-> WordPress 5.7 (PHP Mailer 6.3)
-> WordPress 5.7.2 (PHP Mailer 6.4)
-> WordPress 5.7.3 (PHP Mailer 6.5.0)
WordPress 5.9 will contain PHP Mailer 6.5.3 as the latest version.
As version 6.4.1 and 6.5 are security releases this could be relevant too:
https://github.com/PHPMailer/PHPMailer/releases?q=security&expanded=true
Although this is related to security it seems that the other tickets about updating this library are handled in public so I created this one here too." zodiac1978 dev-feedback
Enhancements Awaiting Review 60516 Upgrade Moment.js to the latest version External Libraries normal enhancement new 2024-02-12T20:02:55Z 2024-02-19T08:46:30Z "A new version of the `moment` (2.30.1) is now available.
The [https://github.com/moment/moment/blob/develop/CHANGELOG.md changelog] and [https://github.com/moment/moment/compare/2.29.4...2.30.1 full of changes] are on [https://github.com/moment/moment GitHub]." desrosj has-patch
Defects Awaiting Review 30795 Upgrade bug affecting indexing Database normal defect (bug) reopened 2014-12-20T16:29:49Z 2019-03-22T13:46:01Z "Every time WordPress is updated I was getting an entry in my error_log as follows:
WordPress database error Duplicate key name 'type_status_date' for query ALTER TABLE wp_posts ADD KEY type_status_date (post_type,post_status,post_date,ID) made by wp_upgrade, make_db_current_silent, dbDelta
After some heavy back tracking through the code, this is coming from a mismatch between the reported indexing of my database and what WordPress is expecting. in particular to the 'post_status' part. It seems WordPress expects the 'SubPart to be NULL, only in my main site is was '1'.
So, my index was reporting as:
KEY type_status_date (post_type,post_status(1),post_date,ID)
Rather than:
KEY type_status_date (post_type,post_status,post_date,ID)
This means the upgrade code is called on every update and fails on every update also.
I've managed to force through a fixed on my own site by dropping the index and recreating it using SQL in PHPMyAdmin.
Googling for the above error message it would seem I'm not the only one affected." MattyRob 2.1
Enhancements Awaiting Review 56390 Updating WP_MEMORY_LIMIT Bootstrap/Load normal enhancement new 2022-08-16T09:04:13Z 2024-01-24T09:26:49Z "During the [https://europe.wordcamp.org/2022/contributor-day/ Contributor Day at the WordCamp Europe 2022], the Hosting Team found that {{{WP_MEMORY_LIMIT}}} is set as 40 MB (single site) and 64 MB (multisite). Furthermore, the {{{WP_MAX_MEMORY_LIMIT}}} is set as 256 MB.
{{{WP_MEMORY_LIMIT}}} is the value for the WordPress Memory Limit, usually referred to the frontend memory, and {{{WP_MAX_MEMORY_LIMIT}}} is the value for the PHP Memory Limit, usually referred to the backend memory.
== History ==
Around September 2013, the {{{WP_MEMORY_LIMIT}}} value changed from 32 MB to 40 MB (32+8). Some tests done by the Hosting Team suggest that the memory used on WordPress is around 16 MB.
The PHP {{{memory_limit}}} sets the maximum amount of memory in bytes that a script is allowed to allocate. This helps prevent poorly written scripts for eating up all available memory on a server. Note that to have no memory limit, set this directive to {{{-1}}}. Check the [https://www.php.net/manual/en/ini.core.php#ini.memory-limit PHP page for more information].
== Actual code ==
Checking the [https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/default-constants.php default-constants.php], the code for {{{WP_MEMORY_LIMIT}}} is:
{{{
#!php
$current_limit = ini_get( 'memory_limit' );
$current_limit_int = wp_convert_hr_to_bytes( $current_limit );
// Define memory limits.
if ( ! defined( 'WP_MEMORY_LIMIT' ) ) {
if ( false === wp_is_ini_value_changeable( 'memory_limit' ) ) {
define( 'WP_MEMORY_LIMIT', $current_limit );
} elseif ( is_multisite() ) {
define( 'WP_MEMORY_LIMIT', '64M' );
} else {
define( 'WP_MEMORY_LIMIT', '40M' );
}
}
// Set memory limits.
$wp_limit_int = wp_convert_hr_to_bytes( WP_MEMORY_LIMIT );
if ( -1 !== $current_limit_int && ( -1 === $wp_limit_int || $wp_limit_int > $current_limit_int ) ) {
ini_set( 'memory_limit', WP_MEMORY_LIMIT );
}
}}}
''NOTE: this code is an extrapolation of some parts to understand the values.''
For {{{WP_MAX_MEMORY_LIMIT}}}, is:
{{{
#!php
$current_limit = ini_get( 'memory_limit' );
$current_limit_int = wp_convert_hr_to_bytes( $current_limit );
if ( ! defined( 'WP_MAX_MEMORY_LIMIT' ) ) {
if ( false === wp_is_ini_value_changeable( 'memory_limit' ) ) {
define( 'WP_MAX_MEMORY_LIMIT', $current_limit );
} elseif ( -1 === $current_limit_int || $current_limit_int > 268435456 /* = 256M */ ) {
define( 'WP_MAX_MEMORY_LIMIT', $current_limit );
} else {
define( 'WP_MAX_MEMORY_LIMIT', '256M' );
}
}
}}}
''NOTE: this code is an extrapolation of some parts to understand the values.''
== PHP values ==
The first part gets the value from PHP, and if not exists, sets a default value. Thereafter, if the value is incorrect (in bytes) sets the memory limit from the constant.
This PHP value has evolved:
- PHP <5.1.0 (2005-11-24): valued at 8 MB (view [https://web.archive.org/web/20051127013935/https://www.php.net/manual/en/ini.core.php archive.org page])
- PHP =5.2.0: valued at 16 MB
- PHP >5.2.0 (2008-12-12): valued at 128 MB (view [https://web.archive.org/web/20081217050654/https://www.php.net/manual/en/ini.core.php#ini.memory-limit archive.org page])
== Some questions ==
**Why change the WP_MEMORY_LIMIT value?**
To level it to the PHP standard.
If the hoster has some kind of limitation, misconfiguration, an incorrect value or does not allow changing it, the value used is the lesser, of 40 MB, which usually produces memory errors, when it should use the PHP default value, which is generally acceptable in new installations. At this time, 20 latest versions of WordPress (since WordPress 4.1 / 2014-12-17) can use PHP 5.6.40+ so it would meet the minimums set by PHP.
**Can, actually, the value be greater than the PHP value?**
Yes. That's why there is an intent to include something like:
{{{WP_MEMORY_LIMIT <= WP_MAX_MEMORY_LIMIT <= memory_limit}}}
== Premises ==
We should keep in mind some basic assumptions when incorporating PHP memory limits based on what users can do.
The memory limit set by computer systems are set for a reason. And that reason should be enforced; therefore, PHP's memory limit should not be exceeded, and in case it needs to be exceeded, it should be changed by the system administration.
Users can set the values they want from the wp-config.php configuration file. Often, extremely high values are set to hide a memory consumption problem due to bad programming. With a few visits it usually works, but it is a short-term fix.
We must be realistic about the memory limits of the WordPress Core and the normal use of a WordPress, whether it is a simple WordPress or a WordPress Multisite. Most WordPress sites install plugins and themes that make memory spikes higher.
PHP has its baseline memory limits that should serve as a reference for its use and application.
== Proposal ==
Considering that since 2008, and PHP >5.2.0 the {{{memory_limit}}} value is equal to 128 MB, should we consider an update of this value in the WordPress base configuration, or at least an update of the values?
The proposal from the WordPress Hosting team is for {{{WP_MEMORY_LIMIT}}}:
- WordPress Single: {{{define('WP_MEMORY_LIMIT', '128M');}}}
- WordPress Multisite: {{{define('WP_MEMORY_LIMIT', '192M');}}}
Another patch should be:
{{{WP_MEMORY_LIMIT <= WP_MAX_MEMORY_LIMIT <= memory_limit}}}
Users can modify the {{{WP_MEMORY_LIMIT}}} and {{{WP_MAX_MEMORY_LIMIT}}} at {{{wp-config.php}}} and should have some limitations in values, as far as WordPress cannot overflow PHP.
== Getting the values ==
When doing some calls to PHP functions and values, got this:
- php.ini: {{{memory_limit}}} -> value: {{{256M}}}
- function: {{{memory_get_usage}}} -> value: {{{2097152}}}
- updating the {{{ini_set memory_limit}}} to {{{512M}}} -> value: {{{memory_limit = 256M}}}
- function: {{{ini_get_all[memory_limit]}}}
{{{
Array (
[global_value] => 256M
[local_value] => 512M
[access] => 7
)
}}}
So, the real values are, always in the {{{ini_get_all[memory_limit]}}}.
After doing some tests, maybe hard-coding the values is a bad idea, but having some ""limits"" is cool (like now) but reading the real values.
== New code ==
This is just a proposal of code (need revision and checking by the WordPress Core Team).
{{{
#!php
$default_max_memory = 128 * MB_IN_BYTES; // this is a security limit. Should be align with the default PHP memory_limit. Now (PHP 5.3+) is 128M
$memory_default = ini_get( 'memory_limit' );
$ini_get_all = ini_get_all();
// set by global ini
if( isset( $ini_get_all['memory_limit']['global_value'] ) ) {
$max_memory_default = $ini_get_all['memory_limit']['global_value'];
} elseif( $memory_default ) {
$max_memory_default = $memory_default;
} else {
$max_memory_default = $default_max_memory;
}
// set by site / virtualhost / pool ini
if( isset( $ini_get_all['memory_limit']['local_value'] ) ) {
$max_memory_real = $ini_get_all['memory_limit']['local_value'];
} else {
$max_memory_real = $max_memory_default;
}
unset( $memory_default, $ini_get_all );
// default memory in bytes
$max_memory_default_int = wp_convert_hr_to_bytes( $max_memory_default );
if( $max_memory_default_int <= 0 ) $max_memory_default_int = $default_max_memory;
// site memory in bytes
$max_memory_real_int = wp_convert_hr_to_bytes( $max_memory_real );
if( $max_memory_real_int <= 0 ) $max_memory_real_int = $default_max_memory;
if( $max_memory_real_int < $max_memory_default_int ) $max_memory_real_int = $max_memory_default_int; // set the limit to the max memory set wherever
// user did not set the WP_MEMORY_LIMIT in wp-config.php
if ( ! defined( 'WP_MEMORY_LIMIT' ) ) {
define( 'WP_MEMORY_LIMIT', size_format( $max_memory_real_int ) );
// if the WP_MEMORY_LIMIT set by the user is greater than the real available
} elseif( $max_memory_real_int < wp_convert_hr_to_bytes( WP_MEMORY_LIMIT ) ) {
define( 'WP_MEMORY_LIMIT', size_format( $max_memory_real_int ) );
}
// user did not set the WP_MAX_MEMORY_LIMIT in wp-config.php
if ( ! defined( 'WP_MAX_MEMORY_LIMIT' ) ) {
define( 'WP_MAX_MEMORY_LIMIT', size_format( $max_memory_real_int ) );
// if the WP_MAX_MEMORY_LIMIT set by the user is greater than the real available
} elseif( $max_memory_real_int < wp_convert_hr_to_bytes( WP_MAX_MEMORY_LIMIT ) ) {
define( 'WP_MAX_MEMORY_LIMIT', size_format( $max_memory_real_int ) );
}
if ( wp_convert_hr_to_bytes( WP_MEMORY_LIMIT ) > wp_convert_hr_to_bytes( WP_MAX_MEMORY_LIMIT ) ) {
WP_MEMORY_LIMIT = WP_MAX_MEMORY_LIMIT;
}
unset( $default_max_memory, $max_memory_default, $max_memory_real, $max_memory_default_int, $max_memory_real_int );
}}}
Initial Props: @javiercasares, @crixu, @bernardzijlstra, @mikeschroder.
Original document from the Hosting team at
[https://docs.google.com/document/d/1CFMboqFnHMBifcuozqWKvUQUdxSCqCh-YcCwMOMeAl0/]" JavierCasares
Defects Awaiting Review 48855 Updating transient to remove expiration fails Options, Meta APIs normal defect (bug) new 2019-12-02T19:50:42Z 2019-12-03T14:09:21Z "When updating a transient using the set_transient method, it fails to update the transient's expiration date.
Looking at the code, it appears it's only looking for the expiration and deleting it if a new expiration date is specified. This renders it impossible to switch a transient from having an expiration date to not having one.
ex. code:
{{{#!php
determine_charset now forces utf8 when DB_CHARSET is set to utf8mb4 Database normal defect (bug) new 2016-12-14T05:05:58Z 2019-03-15T02:23:09Z "I've seen this happen several times now. `DB_CHARSET` is defined as `utf8mb4` and the columns in the database are set to `utf8mb4_unicode_ci`. However, the changes in 38581 are now forcing `utf8` causing the serialized array lengths to change when the data is queried and breaking them because the charsets don't match.
I can't say for certain because I'm debugging this issue on a site that isn't mine, but I don't think anyone explicitly set `DB_CHARSET` to `utf8mb4` in `wp-config.php`. It appears that at one point, WordPress set that define and created (or updated) those tables to `utf8mb4_unicode_ci`.
Deleting the `DB_CHARSET` define fixes the issue but that doesn't seem like an ideal solution for users who update and end up with a broken site.
I'll admit this is a bit over my head, so I'm hoping someone smarter than me might be able to chime in with some more info :) I'm definitely available to keep the conversation going. Thanks! " justinbusa 4.7 dev-feedback
Defects Awaiting Review 35529 Updating to 4.4.1 causes new pretty permalinks for media to break existing permalinks kraftbj Permalinks normal defect (bug) assigned 2016-01-19T18:43:41Z 2022-08-01T19:36:30Z "When updating a site from v4.0.9 to v4.4.1 at least one page (which is a top-level page for the site) is getting ""-2"" added on to its slug while an unattached image takes the original slug. This causes problems for SEO as well as breaking things that depend on results from functions like `is_page('slug')`." nyodulf 4.4
Defects Awaiting Review 49901 Updating plugins error messages for multiple plugins that error Plugins normal defect (bug) new 2020-04-14T02:05:08Z 2020-04-14T06:46:37Z "When updating plugins and more than 1 plugin causes an error the first error displays ok, but subsequent errors don't show correctly. They show the first plugin's error message not their own.
When I update both plugins separately they both show the correct error message.
When I update both plugins together, the first is correct but the second shows the same error message as 1st even its name....
" scole01 5.4
Enhancements Awaiting Review 52281 Updating plugin by upload and replace current should run activation hook function Plugins normal enhancement new 2021-01-12T12:46:15Z 2021-01-12T12:46:15Z "When installing a plugin by Add new -> Upload -> Replace existing, the registered activation hook function appears not to be called.
This may lead to unwanted behaviour when the activation function calls dbDelta().
The request is to run the activation hook function in this case, making this way to install a dfifferent version functionally equivalent to the regular update procedure." opajaap 5.6
Defects Awaiting Review 55380 Updating from 5.8.2 to 5.9.2 breaks default website (no additional plugins) Upgrade/Install major defect (bug) new 2022-03-11T21:14:36Z 2022-03-11T21:25:08Z "I wanted to test some plugins on my local server. I had old WordPress 5.8.2 archive. I installed it and then it automatically updated. Immediatelly after that my website broke. I didn't install any additional plugins.
Server: Apache 2.4
PHP: 7.4
MySQL: 8.0
{{{
Fatal error: Uncaught Error: Call to a member function switch_to_blog() on null in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\cache.php:239 Stack trace: #0 C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\load.php(727): wp_cache_switch_to_blog() #1 C:\OpenServer\domains\visualelementor.nodomain.me\wp-settings.php(131): wp_start_object_cache() #2 C:\OpenServer\domains\visualelementor.nodomain.me\wp-config.php(95): require_once('C:\\OpenServer\\d...') #3 C:\OpenServer\domains\visualelementor.nodomain.me\wp-load.php(50): require_once('C:\\OpenServer\\d...') #4 C:\OpenServer\domains\visualelementor.nodomain.me\wp-admin\admin.php(34): require_once('C:\\OpenServer\\d...') #5 C:\OpenServer\domains\visualelementor.nodomain.me\wp-admin\index.php(10): require_once('C:\\OpenServer\\d...') #6 {main} thrown in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\cache.php on line 239
Fatal error: Uncaught Error: Call to undefined function __() in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php:188 Stack trace: #0 C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php(152): WP_Fatal_Error_Handler->display_default_error_template() #1 C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php(57): WP_Fatal_Error_Handler->display_error_template() #2 [internal function]: WP_Fatal_Error_Handler->handle() #3 {main} thrown in C:\OpenServer\domains\visualelementor.nodomain.me\wp-includes\class-wp-fatal-error-handler.php on line 188
}}}
" rinart73 5.9.2
Defects Awaiting Review, reported against no version 41901 Updating fails for themes with style.css in sub directory. williampatton Themes normal defect (bug) assigned 2017-09-17T04:54:03Z 2019-03-18T12:54:28Z "https://github.com/WordPress/WordPress/blob/4.8-branch/wp-includes/theme.php#L466-L513
I saw this part and decided to put style.css in /themes/my-theme/subdir/
And in fact it worked. But, there was one problem. That's about updating the theme. ( I update this theme from GitHub instead of WP.org. )
In /wp-admin/update-core.php, Updating is success. At this time in site_transient_update_themes, There was a value of `my-theme/subdir` as a slug.
In /wp-admin/themes.php, Updating is failed. An error message was displayed `The theme is at the latest version.`. At that time, the response of ajax was as follows.
{{{
{
""success"":false,
""data"": {
""update"":""theme"",
""slug"":""my-themesubdir"",
....
}
}}}
That is, the slash has disappeared. When I looked it up, it was `wp_unslash()` when updating here.
I think that it is better to unify processing for slashes on either page.
" inc2734 dev-feedback
Defects Awaiting Review 53439 Updating failed. The response is not a valid JSON response. Editor major defect (bug) new 2021-06-17T10:57:16Z 2021-06-24T23:44:00Z "Hi, There seems to be a issue where when one tries to save a page you get the error ""Updating failed. The response is not a valid JSON response."" The only thing that seems to work is to set the permalink setting to plain.
I believe the issue has something to do with paths. I am running PHP 7.0.27
I have installed a fresh install of WP in wwwroot on a hosted service Hostek. Updated to 5.7.2. The only plugin I have is gutenberg using 2021 Theme. Set the permalink to Post Name. No problems with this setup.
Then I installed a test WP installation into wwwroot/_test/abc. Updated to 5.7.2. This only has gutenberg and 2021. Set the permalink to Post name. - WP throws the error and refuses to save the page - I do get offered to restore the backup so some sort of saving takes place. Following online guidance, I change the permalink to plain and then WP will save the page.
It seems that the issue has something to do with json not liking that WP is not installed at the root of the server. Possibly json is testing the slug and erroring out due to path conflict.
error site would be abc.com/_test/abc/slug.
good site is abc.com/slug
Kind Regards
Richard
" lupussolaris 5.7.2 dev-feedback
Reporter Feedback / Close 48268 Updating failed. Error message: The response is not a valid JSON response. Posts, Post Types critical defect (bug) new 2019-10-10T05:26:03Z 2021-03-31T21:52:09Z "Hi,
When i try to update the Page Template from default to full page then i am getting that error ""Updating failed. Error message: The response is not a valid JSON response."" in WordPress Version 5.3" phpdocs reporter-feedback
Defects Awaiting Review 50226 Updating block attribute meta (type array) fails if it is the only meta attribute Editor normal defect (bug) new 2020-05-22T13:26:08Z 2021-02-09T05:53:04Z "My support thread is [https://wordpress.org/support/topic/updating-block-attribute-meta-type-array/#post-12875806 here].
If I register a meta like this:
{{{#!php
object_post_type->options['type'],
'wpm_gallery_attach_ids',
[
'type' => 'array',
'description' => 'Associated Images',
'single' => true,
'show_in_rest' => [
'schema' => [
'type' => 'array',
'items' => [
'type' => 'number',
],
],
],
'auth_callback' => function() {
return current_user_can( 'edit_posts' );
},
]
);
}}}
And a block like this:
{{{#!php
[
'imgAttach' => [
'type' => 'array',
'source' => 'meta',
'meta' => 'wpm_gallery_attach_ids',
'items' => [
type' => 'number',
],
],
],
]
);
}}}
Then the array shows up correctly in my block's attributes as an array. If I update it like so:
{{{
const moveItem = ( imgId, move ) => {
const imgIndex = imgAttach.findIndex( id => id === imgId );
const newIndex = imgIndex + move;
if ( newIndex < 0 || newIndex >= imgAttach.length ) {
return;
}
imgAttach[ imgIndex ] = imgAttach[ newIndex ];
imgAttach[ newIndex ] = imgId;
const updatedImgAttach = [ ...imgAttach ];
setAttributes( {
imgAttach: updatedImgAttach,
} );
}
}}}
When I save the post, the attribute reverts to its original state and is not updated in the database.
However, if I add a second string meta to the block, everything works!
{{{#!php
object_post_type->options['type'],
'wpm_gallery_attach_ids_string',
[
'type' => 'string',
'description' => 'Associated Images String',
'single' => true,
'show_in_rest' => true,
'auth_callback' => function() {
return current_user_can( 'edit_posts' );
},
]
);
}}}
{{{#!php
[
'imgAttach' => [
'type' => 'array',
'source' => 'meta',
'meta' => 'wpm_gallery_attach_ids',
'items' => [
'type' => 'number',
],
],
'imgAttachStr' => [
'type' => 'string',
'source' => 'meta',
'meta' => 'wpm_gallery_attach_ids_string',
],
],
]
);
}}}
{{{
setAttributes( {
imgAttach: updatedImgAttach,
imgAttachStr: JSON.stringify( updatedImgAttach )
} );
}}}
(To be clear, imgAttach is never set from imgAttachStr.)
This seems like the inverse of [https://github.com/WordPress/gutenberg/issues/17384 SetAttributes does not work as expected with two or more post meta fields #17384] . It *does* work with two or more meta fields, but not one? If it is an array?
I am using WordPress 5.4.1, without the Gutenberg plugin.
" mikethicke1 5.4.1
Defects Awaiting Review 57413 Updating a user email via rest api doesn't trigger confirmation email Users normal defect (bug) new 2023-01-03T07:08:17Z 2023-01-03T07:46:30Z "When a user changes their email address through `wp-admin/profile.php` the email change is delayed until the user clicks a confirmation link in their email. This was implemented via #16470.
This doesn't happen when an administrator changes another users email address.
When a user updates their own email through the rest API (ie. `POST /wp-json/wp/v2/users/1`) the confirmation email is also not triggered, and the email change occurs instantly.
This is because the code for the email confirmation is a UI-only method, it's not attached to the user update event, simply the profile.php page submission.
The PR that will be attached to this will re-work the existing code to more generalise it and call it from the REST API.[[BR]]
As part of that, the confirmation link being changed from `wp-admin/profile.php` to `/wp-login.php?action=confirm-email-change...` makes more sense to me.
This could have unintended effects, as those using the REST API might be expecting changes to occur without any further action from the user, such as when there is a custom front-end, which this will break. Implementations would need to be updated to use a filter to remove the email confirmation step." dd32 has-patch
Reporter Feedback / Close 49900 Updates to Image Processing in WordPress 5.3 - Broken Intrinsic Sizing? Media normal defect (bug) new 2020-04-13T23:24:20Z 2020-05-14T22:46:41Z "Hello WordPress Wizards,
I am a bit late to learning about this Update - I am currently on the Latest Version of WordPress however: [https://make.wordpress.org/core/2019/10/11/updates-to-image-processing-in-wordpress-5-3/]
For months I have been talking to support teams and Developers before finding this article above. - Unfortunately I have had no luck with any ideas or information from them until finding this Post.
Since November 2019 (The first content I have added since the 5.3 Update) I have had an issue with Uploading Images.
For example I will upload an image at 250x250 pixels. However when it is displayed on the page the ""Intrinsic Sizing"" will be 624x468.
Inside of the Media Library it still says the dimensions are ""250x250"" however Right Clicking the Image > Open Image In New Tab - Displays the image at 624 x 468. - Its creating different sizings and now choosing the wrong one (e.g - not picking Original Dimensions)
I want to note. T**his is only for images uploaded SINCE this 5.3 Update**.
I can still insert previously uploaded images that are stored in the Media Library and they are the correct Dimensions on the page.
Attached Image Below showing:
[[Image(https://gmm-downloads.s3.amazonaws.com/WordPress+5.3+Intrinsic+Sizing.JPG)]]
I have disabled Themes and Plugins and the Issue still occurs.
**Note:** ''I am having this issue only on my LIVE site. My Development site with the same themes and Plugins does not get this error - so it was potentially a problem on Installing the update?''
From the timing and what the 5.3 Update included, I feel as though it is related to this 5.3 update.
Thanks!
Alex
**P.S** This is my first WordPress.org post - So I apologize if I am in the wrong area for posting this kind of question. Have a great day :)" techgmm 5.3 reporter-feedback
Defects Awaiting Review 58567 Updates inconsistently missing from Updates page and no update count bubbles in admin menu Upgrade/Install normal defect (bug) new 2023-06-18T00:50:49Z 2023-06-18T00:59:48Z "Until a few weeks ago, when there were X outstanding plugin updates, the Updates page showed them all, and the Updates and Plugins items in the admin menu showed a red bubble with X in it.
Now, when I log into WordPress, there are no red bubbles, and navigating to the Updates or Plugins page causes the bubbles to reappear, but the respective page may or may not show all the outstanding updates.
Sometimes, forcing the update check results in a full list, and sometimes, simply re-navigating to the same page completes the list. But sometimes, some updates disappear for no apparent reason.
I suspect this is related to having a premium plugin update on the list, but can't be sure. It just seems like partial lists contain a premium update, and often, it's one of those missing.
I've ruled out browser caching and there are no console errors or PHP error log message that could be related." galbaras
Defects Awaiting Review 45519 updates count differs on public area and in admin area Upgrade/Install normal defect (bug) new 2018-12-07T09:54:40Z 2018-12-07T09:54:40Z "when there are available 4 updates: 1 wp core update, 2 plugins updates ans 1 theme update -- then in public area there's a notification about 3 updates available, while in the same time in admin area -- about 4 ones.
wp version 4.9.8. i know i should upgrade before i post a ticket. but if i upgrade, there will be no updates available! this requirement contradicts with reproducing the bug!" awardpress 4.9.8
Enhancements Awaiting Review 26311 Updated (responsive) Tools -> Export admin screen Export normal enhancement new 2013-11-29T05:02:40Z 2019-02-26T02:25:27Z "Updated Tools -> Export admin screen
Switched from un-ordered lists based html to tables based HTML based on Permalinks admin screen.
''No javascript was harmed in this patch...''
" netweb 3.8
Defects Awaiting Review 50847 update_post_thumbnail_cache returns notice when get_the_post_thumbnail used with ID after setup_postdata() Post Thumbnails normal defect (bug) new 2020-08-04T17:23:43Z 2020-08-21T10:55:00Z "**Situation:**
- Inside main loop
- foreach over array of (related) post_id's,
- use ''setup_postdata($post)'' for each item
- Items call get_template_part(something)
- Template parts uses ''get_the_post_thumbnail'' which allow a post_ID
- ''get_the_post_thumbnail'' calls ''update_post_thumbnail_cache'' (because in_the_loop)
- ''update_post_thumbnail_cache'' gives **notice on line 101: Trying to get property 'ID' of non-object**
- Restore main loop with wp_reset_postdata()
**Possible fix:**
Change this
{{{#!php
posts as $post ) {
$id = get_post_thumbnail_id( $post->ID );
if ( $id ) {
$thumb_ids[] = $id;
}
}
}}}
To this
{{{#!php
posts as $post ) {
if (is_object($post)) {
$post = $post->ID;
}
$id = get_post_thumbnail_id( $post );
if ( $id ) {
$thumb_ids[] = $id;
}
}
}}}
in /wp-includes/post-thumbnail-template.php line 101
" tomcent 5.4.2 needs-patch
Defects Awaiting Review 59246 update_option returns true, even when the value didn't change, potentially adding back old data Options, Meta APIs normal defect (bug) new 2023-08-30T07:44:20Z 2024-02-07T17:56:21Z "`update_option` will inconsistently return true/false, depending on whether another update option call is made in the meantime.
While this isn't a problem per se, it creates inconsistent and unexpected behavior.
```
$a = get_option( 'a' );
$b = get_option( 'b' );
sleep( 5 ); // placeholder for code that takes some time
$b = '2';
update_option( 'b', $b );
update_option( 'a', $a ); // $a didn't change, so it shouldn't update but return false - but it will update and return true
```
Request 2:
```
$a = get_option( 'a' );
$b = get_option( 'b' );
$a = '7';
$b = '3';
update_option( 'b', $b );
update_option( 'a', $a );
```
Result:
Option 'a' will have a value of 1 instead of 7.
Why does this happen?
`update_option` uses `get_option` to get the $old_value - however the $old_value might in fact be a NEW value that was added in the meantime by another request.
This leads to unexpected behavior of `update_option` if called with unmodified data - since `update_option` sometimes behaves seemingly atomically, while in reality it doesn't - but most devs are not aware of this.
These are extremely hard to track down bugs for most developers.
Possible solution(s):
- ignore this issue, and improve documentation to make it clear that `update_option` might update an option even if the value didn't change - if the option was modified in the meantime
- add an additional parameter to `update_option` for `$old_value` to have people pass it in for comparison" malthert has-patch
Enhancements Awaiting Review 41099 update_option return value ambiguous Options, Meta APIs normal enhancement new 2017-06-19T20:58:45Z 2019-04-15T16:37:15Z "WordPress 4.8
The return value 'false' does not allow for differentiating if there was an error saving or if the option value already exists and is the same as the new value.
Consider this scenario: a plugin sends option values via AJAX to be updated. The AJAX function returns the return value of 'update_option' which determines the feedback provided to the user, such as a 'success' or 'failure' message.
Rather than returning 'false' if an option already exists and is the same as the new option, I suggest returning NULL. In this way the return value of 'update_option' can be checked as follows:
{{{#!php
if ( is_null( update_option( $option, $value, $autoload) ) ) { ... } // option exists and value is the same as existing option value
if ( false === update_option( $option, $value, $autoload) ) { ... } // an error occured when saving the option
if ( update_option( $option, $value, $autoload) ) { ... } // option updated successfully
}}}
The 'update_option' function would need line 308 changed from:
{{{#!php
return false;
}}}
to:
{{{#!php
return NULL;
}}}
" cloughit 4.8
Defects Awaiting Review, reported against no version 40007 update_option function does not work if the $value argument is false on a nonexistent option General normal defect (bug) reopened 2017-03-01T17:03:59Z 2023-10-30T23:49:08Z "If we specify a false argument in update_option function and if the database option does not exist then the option will not be saved.
I expect the option to be saved with false value if it does not exist.
If we look into the code of this function we can see that it will return false if the old value is false too, so if the option does not exists then it will return false.
It's a bug.
How to replicate? give a try:
{{{#!php
_do_query('SELECT post_id,...')
#1 /wp-includes/class-wpdb.php(3152): wpdb->query('SELECT post_id,...')
#2 /wp-includes/meta.php(1177): wpdb->get_results('SELECT post_id,...', 'ARRAY_A')
#3 /wp-includes/post.php(7421): update_meta_cache('post', Array)
#4 /wp-includes/post.php(7808): update_postmeta_cache(Array)
#5 /wp-includes/nav-menu.php(804): _prime_post_caches(Array, false)
#6 /wp-includes/class-wp-query.php(3560): update_menu_item_cache(Array)
#7 /wp-includes/class-wp-query.php(3824): WP_Query->get_posts()
#8 /wp-includes/post.php(2460): WP_Query->query(Array)
#9 /wp-includes/nav-menu.php(729): get_posts(Array)
#10 /wp-includes/nav-menu-template.php(165): wp_get_nav_menu_items(Object(WP_Term), Array)
#11 /wp-content/themes/beaverwarrior/components/CustomHeader/custom-header/includes/frontend.php(19): wp_nav_menu(Object(stdClass))
}}}
The way I'm currently fixing this problem is modifying `update_menu_item_cache`. Yes, this is corehacking, and I understand that it will be overwritten and break with the next core update.
I specifically changed this line:
{{{#!php
if ( ! empty( $post_ids ) ) {
_prime_post_caches( $post_ids, false );
}
}}}
to instead be:
{{{#!php
if ( ! empty( $post_ids ) ) {
_prime_post_caches( $post_ids, false, false );
}
}}}
This disables postmeta cache priming for linked posts in nav menus and fixes the memory limit I was running into. I would like to know if there's any further implications from doing this that I'm not aware of. If not, I can submit a pull request to have this merged in." huemordave 6.0 reporter-feedback
Enhancements Awaiting Review 55553 update_blog_option should accept autoload parameter Options, Meta APIs normal enhancement new 2022-04-10T21:22:46Z 2024-01-31T21:27:10Z The function update_blog_option doesn't accept any autoload parameter, even though it calls the function update_option that accepts an autoload parameter. giuse 5.9.3 dev-feedback
Defects Awaiting Review 36273 update_attached_file() on Windows will result in invalid image path when using native Windows directory separators Media normal defect (bug) new 2016-03-18T10:48:16Z 2018-04-30T23:34:09Z "Calling ''update_attached_file( $image->ID, $file );'' on platforms like Windows can be really bad if ''$file'' was normalized/validated using PHP's ''realpath()'' function:
{{{#!php
ID );
// Well, in real world you could have created the path manually...
// The only important thing to know is, that we call ""realpath()"" which will
// convert any directory separator into the native directory separator:
// Linux will end with /dir/subdir/basename.jpg
// Windows will end with C:\Dir\Subdir\basename.jpg
$file = realpath( $file );
// Again, this is just a demo, for real world cases see plugins like ""Force Regenerate Thumbnails""
// But this is a valid API call:
update_attached_file( $image->ID, $file );
// On Windows this will result in an update statement like
// UPDATE `postmeta` SET `meta_value` = 'C:WWWSitesdemohtdocswordpresswp-contentuploads201603example.jpg' WHERE `post_id` = 123 AND `meta_key` = '_wp_attached_file'
// when $file was set to ""C:\WWW\Sites\demo\htdocs\wordpress\wp-content\uploads\2016\03\example.jpg""
// Now imagine a plugin which is re-generating thumbnails :]
// The problem is
// $meta_value = wp_unslash($meta_value);
// in wp-includes/meta.php update_metadata().
}}}
When using ''update_attached_file()'' we should make sure that ''update_metadata()'' don't update the path value to an invalid value...
PS: After you updated all image paths to an invalid value, the media library won't work anymore:
{{{
[18-Mar-2016 07:31:10 UTC] PHP Warning: file_exists() expects parameter 1 to be a valid path, string given in C:\WWW\Sites\demo\htdocs\wordpress\wp-includes\media.php on line 3063
}}}
" Whissi 4.4.2 needs-unit-tests
Defects Awaiting Review 46364 update.php coding standards:trigger_error() function Administration normal defect (bug) new 2019-02-27T19:26:33Z 2019-04-01T18:56:43Z "Update.php in trigger_error() used three time code, but i do make one function and pass this function name and his variables.
**See the patch :**" utsav72640 has-patch
Enhancements Awaiting Review 60426 Update WP_Test_REST_TestCase::assertErrorResponse() to allow custom failure messages REST API trivial enhancement new 2024-02-02T12:21:08Z 2024-02-23T13:31:59Z "According to the WordPress coding standards, it is recommended that if there are more than 2 assertions in a single test method, these assertions should include custom failure messages to explain the nature of any failed assertions.
However, in the current state of the `WP_Test_REST_TestCase::assertErrorResponse()` helper method, it contains 2 assertions, making it impossible to add a custom message explaining the error.
To align with coding standards and improve the clarity of test failures, I propose updating the method's signature as follows:
{{{
protected function assertErrorResponse($code, $response, $status = null, $failure_message)
}}}
This change will allow developers to include a custom message when using the `WP_Test_REST_TestCase::assertErrorResponse()` method, improving the ability to diagnose issues during testing.
Furthermore, all the instances where this method is being used across the codebase need to be refactored to include the new `$failure_message` parameter, ensuring consistency." antonvlasenko needs-patch
Enhancements Awaiting Review 55922 Update wp_list_comments type parameter to allow array or string Comments normal enhancement new 2022-06-05T06:27:24Z 2022-06-05T06:27:24Z "Right now, the options here are all, or a specific comment type. This should allow for multiple comment types as allowed in WP_Comment_Query
" dshanske 2.7 needs-patch
Enhancements Awaiting Review 60514 Update whatwg-fetch library External Libraries normal enhancement new 2024-02-12T19:49:10Z 2024-02-19T09:23:11Z "A new version of the `whatwg-fetch` polyfill (3.6.20) is available.
The [https://github.com/JakeChampion/fetch/blob/main/CHANGELOG.md changelog] and [https://github.com/JakeChampion/fetch/compare/v3.6.17...v3.6.20 full of changes] are on [https://github.com/JakeChampion/fetch/ GitHub]." desrosj has-patch
Defects Awaiting Review 60318 Update URI: false - sometimes not working Plugins normal defect (bug) new 2024-01-22T14:21:01Z 2024-01-22T14:21:01Z "I've recently copied and modified a small plugin from wp-org for my own need.
I've set the {{{Update URI: false}}} header. However on the Plugins page, the View Details link still leads to the original plugin and the Enable/Disable auto-updates button link is present.
I've changed the main plugin file name to something else, but not the directory name, however the View Details link is still present.
I've removed the {{{readme.txt}}} file and that seems to do the trick.
To test this, I've then tried restoring the {{{readme.txt}}} file, removed the {{{Update URI: false}}} header and renamed the plugin file to its original wp-org name. The View Details link was NOT restored.
However, changing the plugin file name to something new again DID restore the View Details link. The experience has been very inconsistent throughout.
I'm running a LocalWP installation on Windows 10.
WordPress 6.4.2
PHP 8.2
VSCode editor.
This is not a long-term problem for me as I intend to rename the plugin file AND directory name, but thought I'd report this bug for the record." apedog
Enhancements Awaiting Review 47218 Update TinyMCE to 5.X.X or 6.X.X TinyMCE normal enhancement new 2019-05-10T17:41:21Z 2023-09-08T21:08:30Z "TinyMCE Version 5.0.5 has been released on May 9, 2019, see:
https://www.tiny.cloud/docs/release-notes/release-notes50/
https://www.tiny.cloud/docs/changelog/
Don't we want to keep it up to date?
It ''could'' break things, though, see :
https://www.tiny.cloud/docs/migration-from-4x/
related: #47205" Presskopp dev-feedback
Enhancements Awaiting Review 55541 Update the styling for invalid form fields Administration normal enhancement new 2022-04-07T10:58:42Z 2022-04-07T11:07:13Z "Splitting this out from #47018.
In a few places in the admin, a red border (actually a border and a box-shadow) are added to some form controls when submitting the form with some empty values.
The style of this red border still uses some transparency and doesn't match any longer with the new style used, for example, for the focus style which is a 'solid' border with no transparency.
For consistency, the red 'error' style should be updated. Here's a few places where the red error style can be checked:
- The Categories and Tags pages.
- The Edit Comment page, see the date and time small form under 'Submitted on'.
- Same for the Classic Editor Edit post page.
- The Menus page > create a new menu.
See attached screenshots." afercia has-patch
Defects Awaiting Review 53685 Update the `caniuse` database when running `grunt precommit:css` Build/Test Tools normal defect (bug) new 2021-07-18T23:58:00Z 2023-06-16T19:18:58Z "The `autoprefixer` dependency is responsible for applying browser specific prefixing and other changes to Core CSS generated from Sass files. It relies on the `browserslist` package, which in turn relies on the `caniuse-lite` database for determining which browser versions are supported for the project based on the `browserslist` field in the `package.json` file.
The `caniuse-lite` data is updated pretty frequently (several times a month), but unless it is manually updated, the data used is most likely outdated. This can result in unsupported browsers being considered supported due to outdated data.
When `grunt precommit:css` is run, the script should check whether `browserslist` is at the latest version to ensure the generated CSS supports the correct browsers.
The recommended way to do this is running `npx browserslist@latest --update-db`." desrosj
Defects Awaiting Review 48580 Update status in save_post hooks always true in WordPress 5.0 Posts, Post Types normal defect (bug) new 2019-11-12T21:47:58Z 2019-11-12T21:47:58Z "I think this issue shown after integration of Gutenberg editor, The {save_post} and {save_POST_TYPE} hooks always triggers {$update} as TRUE.
I made some tests, The {$update} is TRUE on saving the post for the first time and on updating also, it's always true.
{{{#!php
'No'
);
if( $update ) {
/* Saving New Post trigger this -- always {Yes} */
$db_values['is_new'] = 'Yes';
}
else {
$db_values['is_new'] = 'No';
}
/* Connect to IBM Server */
/* Update DB */
update_post_meta( $post_ID, 'postmetas_save_test', wp_unslash( $db_values ) );
}
}}}
" oxibug 5.2.4
Enhancements Awaiting Review 55410 Update spacer block markup in patterns/templates registered by Twenty Twenty-Two and Core Bundled Theme normal enhancement new 2022-03-17T09:33:16Z 2022-03-17T09:33:38Z "The Twenty Twenty-Two theme registers block patterns and templates that contain deprecated markup for core/spacer blocks. They specify height attribute as a number (""height"":50) instead of a string that includes units (""height"":""50px""). Because of that, the block parser reports depreciation messages in browser console.
The attached patch updates markup of block patterns and templates registered by modules that don't need to be compatible with pre-5.9 WordPress: the Twenty Twenty-Two theme and Core itself." jsnajdr 6.0 has-patch
Reporter Feedback / Close 55688 Update size function in WP_Filesystem_Direct Filesystem API normal defect (bug) new 2022-05-06T04:48:11Z 2022-05-06T19:21:54Z "Related: #55678
Replying to [comment:8 costdev]:
>
> [https://github.com/WordPress/wordpress-develop/pull/2677 PR2677] was discussed in the scrub. The PR patches a different function and this should be handled in a different ticket.
" mukesh27 2.5 close
Enhancements Awaiting Review 50400 Update Search Engine Visibility text following XML sitemap launch General normal enhancement new 2020-06-16T12:58:50Z 2020-06-16T22:28:01Z "#50117 adds XML sitemaps to core.
Whilst it's a non-goal of that project to add user controls for XML sitemaps, checking the '''discourage search engines from indexing the site''' option (In ''Settings'' > ''Reading'') ''does'' disable XML sitemaps entirely.
Given this, we should update the wording around this option to make this clear - and whilst we're in there, we could also do a little housekeeping.
I propose that we change the message to:
>**Search Engine Visibility**
>Discourage search engines from indexing this site (and disable WordPress' XML sitemaps)
>''Note: It is up to search engines to honor this request, and this setting won't prevent them from ''crawling'' your website.''" jonoaldersonwp
Defects Awaiting Review 29999 update post overwrites slug if current_user is contributor Posts, Post Types minor defect (bug) new 2014-10-16T08:09:04Z 2024-03-07T21:30:46Z "The [http://codex.wordpress.org/Function_Reference/wp_update_post/ wp_update_post] function calls [http://codex.wordpress.org/Function_Reference/wp_insert_post/ wp_insert_post] which is located in [https://core.trac.wordpress.org/browser/tags/4.0/src/wp-includes/post.php#L3068/ wp-includes/post.php] in posts.php at lines 3168 - 3171 there is this code:
{{{
// Don't allow contributors to set the post slug for pending review posts.
if ( 'pending' == $post_status && !current_user_can( 'publish_posts' ) ) {
$post_name = '';
}
}}}
this will remove post_name if the current user is a contributor without any message or notification. This creates an issue because scripts/plugins that uses wp_upadate_post usually don't handle this case (the documentation doesn't cover this also - I would update the documentation but I'm wondering if there's no other solution).
I don't see the issues that a contributor changing the slug would create (a contributor vs an editor) anybody does?" jnhghy 4.0 dev-feedback
Reporter Feedback / Close 41910 Update plugin/theme maintenance message Plugins normal enhancement new 2017-09-18T13:41:50Z 2019-06-20T21:06:25Z "Hey
The message that shows up when updating plugins or themes should not remove the visible site. Instead it should keep the old plugin/theme until it has finished updating and then smoothly change over to the new without disrupting the frontend of the site.
On fatal error it should automatically revert to the old and just give a message in the backend that it could not update to the new plugin/theme because of whatever reason. Then a message saying let the author of the theme/plugin know about the error.
" paaljoachim reporter-feedback
Enhancements Awaiting Review 51227 Update paginate_links dots to account for total pages General trivial enhancement new 2020-09-03T00:06:12Z 2020-09-03T00:08:51Z "Currently, under certain conditions the pagination shows dots when it would make more sense to show a number.
Example:
If you have the following variables:
{{{
Mid size: 2
End size: 1
Total pages: 5
Current page: 1
}}}
Then it will visually output as follows:
{{{
Prev 1 2 3 ... 5 Next
}}}
With current changed to 5 then it will show dots at 2 instead.
In this case, it would make more sense to show the number instead of dots.
" mikeybinns 5.5.1 has-patch
Enhancements Awaiting Review 51751 Update page header design General normal enhancement new 2020-11-10T20:40:14Z 2020-11-11T18:07:26Z "There is [https://github.com/WordPress/block-directory/issues/19 a proposal to create a block directory]. With that proposal comes an idea for a new header pattern that could be applied to all wp-admin pages.
Here is a sample of current page headers:
[[Image(https://cldup.com/-DlIcKR1yF.jpg)]]
Here is the page header pattern in the proposal:
[[Image(https://cldup.com/e3Kj4IaYHT.jpg)]]
The page header is made up of the following:
* **Title** - A short title of the page.
* **Description** - These will be both informative and inspiring. We will need some quality copywriting here.
* **Actions** - These can include search fields and button actions. In the following prototype, it is used primarily for Search, Upload, and Add New actions.
* **Help and Options buttons** - These will replace the ""Screen Options"" and ""Help"" tabs at the top of the pages.
It was initially designed in the context of a Block Directory page. In an effort to test it out, I mocked it up on a variety of pages. I made [https://www.figma.com/proto/dHtjHdh8lZm0DinGKP8MmT/Block-Directory?node-id=1885%3A456&viewport=-3514%2C1996%2C1&scaling=min-zoom a prototype] to easily move between the pages in order to get a better feel for it.
[[Image(https://cldup.com/KCiEMOq71r.gif)]]
You can also peruse [https://cloudup.com/c-n3LZwqhsP this Cloudup gallery] for static images.
In the above prototype, I made two notable changes: I made the background white and I increased the padding of the center column to `64px` instead of `20px`. The design is not contingent on these changes, but certainly looks nicer with them in my opinion. For the curious, [https://cloudup.com/cMnrdDB_SN9 here is a gallery with a grey background and no padding change].
As for implementation, I hope to use some of the styles from the relevant Gutenberg components including the toolbar buttons. I also hope to use the SVG icons. It would be a good first step in aligning the styles of wp-admin with Gutenberg.
What do you think?" michaelarestad
Defects Awaiting Review 53818 Update notification in admin bar is not updating Upgrade/Install minor defect (bug) new 2021-07-28T19:24:40Z 2021-07-29T00:00:32Z "Since I installed 5.8 the update notification continues to show what appears to be the sum of all the updates I have installed since 5.8. If I go to the update page or plugin page there are no updates needed and the update indicator returns to none.
When I log on later the indicator shows the number of updates again. Rinse Repeat.
Link to example: https://hubbelldigitalmedia.com/update-indicator.jpg
I looked to see if I could find any ticket or mention of this and did not find anything. So I thought I would, if this is a known issue, then I apologize for posting.
" andhub 5.8 needs-patch
Enhancements Awaiting Review 41934 Update load.php with wp_is_bad_request function Bootstrap/Load normal enhancement new 2017-09-20T17:42:06Z 2018-08-16T19:19:56Z "I propose adding a wp_is_bad_request function to load.php, as a way to allow plugin developers to short circuit code execution if the HTTP request that started the WordPress load process is considered a junk request. See: #17246
The existing wp_favicon_request (renamed to wp_favicon_request_x in test file) is re-written to use the proposed wp_is_bad_request function.
" rpayne7264 4.9
Defects Awaiting Review 50511 Update is not always shown live Upgrade/Install normal defect (bug) new 2020-06-29T16:18:59Z 2023-03-12T21:53:50Z "Hello,
I have several WordPress websites running. It always strikes me when I import updates that the update process is not always displayed. The page just stays gray at that moment. At the end, when everything is ready, the actual content is shown, which is otherwise always displayed live.
Why is that?
It's not just one side, sometimes all, sometimes one, then sometimes another, I don't see any system behind it. The updates work wonderfully, but this process is not always 100% the same. Does someone know the behavior?
I think it would be good if the page shows where WordPress is located step by step, because sometimes I think the system hangs, which is not the case.
Here is an example from just now, the page was gray for almost 20 seconds (1st screenshot) and then everything came with one swing (2nd screenshot).
Screenshot 1: https://ibb.co/2g8NThd
Screenshot 2: https://ibb.co/GcCWB9B
The browser doesn't seem to matter, I have already observed this with both the new Edge and Firefox.
Maybe someone has an idea 🙂
Thank you!
Translated from https://de.wordpress.org/support/topic/updatevorgang-wird-nicht-immer-angezeigt/" vincenz17 5.4.2
Enhancements Awaiting Review 58363 Update Hello Dolly plugin to current standards Plugins normal enhancement new 2023-05-20T09:39:46Z 2023-07-02T14:30:21Z "The Hello Dolly plugin is included with core as a demonstration of how to write a simple plugin. However, it was written 15 years ago and is no longer demonstrating the best practices that are now in use. Indeed, the plugin lacks escaping of the output and doesn't add translation for the main lyrics. And the README is so minimal it can hardly be considered a good example to those creating their first plugin.
[https://github.com/dartiss/hello-dolly-redux I've created a fork of Hello Dolly] where I've resolved all of these issues, whilst not changing what the plugin does at all. It passes PHPCS WordPress checks, as well as any other validation I can throw at it. It includes a revised README, better explaining the purpose of the plugin, as well as better quality commenting in the code itself. The CSS is no longer in-line but enqueued from a separate, minimised file. I've even compressed the assets.
Even if you don't want to use my forked version, I think a major revision of the code would be majorly beneficial if we want to retain the benefits that the plugin inclusion offers within core.
" dartiss
Defects Awaiting Review 49390 Update Grunt Patch to support saving credentials Build/Test Tools normal defect (bug) new 2020-02-09T21:38:06Z 2020-02-09T22:38:35Z "This ticket is for testing and then updating grunt patch to a new version that supports saving credentials securely. This will be version 2.1 when it is released.
" jorbin
Reporter Feedback / Close 37773 Update get_avatar() to support native and registered image sizes. Media normal enhancement new 2016-08-22T21:41:26Z 2021-03-31T16:55:15Z "The get_avatar() method currently allows developers to retrieve a user's avatar of a particular size by passing in an integer value, such as `get_avatar( 'jeremy@example.com', 80 )`.
In some cases, it might be useful to instead retrieve an avatar by passing in an image size registered with WordPress (e.g., thumbnail, medium, large).
See attached patch.
" jmichaelward 2.5 dev-feedback
Reporter Feedback / Close 46555 update fails when I have a print statement in my code. Posts, Post Types minor defect (bug) new 2019-03-18T11:38:41Z 2019-03-18T18:12:42Z "I get the the pink bar message ""update failed"", when I attempt to update a page that has an executed print statement in the code.
The file saves/updates, even though there is an error message.
Can the message be changed to ""update returned unexpected characters"" or some such.
running wordpress 5.1.1
" rweil55 5.1 reporter-feedback
Defects Awaiting Review 48698 "Update fails if there’s a ""Custom Html"" block and an Iframe inside it" Editor normal defect (bug) new 2019-11-18T12:10:39Z 2020-04-01T18:33:54Z "When creating a new post or updating an old post, If there's a ""Custom Html"" block with an Iframe inside it, save always fails - regardless of what's in that block.
It gives the following error:
Updating failed. Error message: The response is not a valid JSON response." ozgurnevres 5.3
Enhancements Awaiting Review 46305 Update emails w/ placeholders to use sprintf I18N normal enhancement new 2019-02-22T05:45:55Z 2019-02-22T06:48:49Z "In #32263 several comments for 'Do not translate...' placeholders in email content were introduced. This has been the convention it seems throughout core.
This puts the onus on translators to read those comments as well as not accidentally change them or drop one of the surrounding # characters on many of them.
Can this simply be switched to sprintf functions with numeric placeholders and the translator comments be updated to indicate the placeholders. This seems a little nicer of an approach than simply saying don't do something and hoping for the best.
Here's all the instances I've found;
https://github.com/WordPress/WordPress/blob/56c162fbc9867f923862f64f1b4570d885f1ff03/wp-admin/ms-delete-site.php#L49-L67
https://github.com/WordPress/WordPress/blob/50ddffbac37fdae9298d1f11fe1dd7b8535fc839/wp-includes/user.php#L2015-L2029
https://github.com/WordPress/WordPress/blob/50ddffbac37fdae9298d1f11fe1dd7b8535fc839/wp-includes/user.php#L3036-L3052
https://github.com/WordPress/WordPress/blob/0b15142c0bb375fee19f9576356bf2aac2a56d2a/wp-includes/ms-functions.php#L1544-L1560
https://github.com/WordPress/WordPress/blob/0b15142c0bb375fee19f9576356bf2aac2a56d2a/wp-includes/ms-functions.php#L2275-L2289
https://github.com/WordPress/WordPress/blob/dcdfd7f412cb83f43116f6e37d7bfba4b4673cde/wp-admin/includes/file.php#L2204-L2218
https://github.com/WordPress/WordPress/blob/729c8e875fd84e29cb26103ee43eec7f67a61f6e/wp-admin/includes/misc.php#L1244-L1262
https://github.com/WordPress/WordPress/blob/c204ac4bc7972c9ca1e6b354ec8fb0851e255bc5/wp-includes/functions.php#L6473-L6486" garrett-eclipse
Enhancements Awaiting Review 55260 Update Codex Page to Include Password Visibility Button and Language Switcher Login and Registration normal enhancement new 2022-02-25T16:43:24Z 2022-02-25T16:43:24Z "The Codex page, [https://codex.wordpress.org/Customizing_the_Login_Form /Customizing the Login Form], needs to be updated to include the [https://ibb.co/1dZ23W1 /login form password visibility button and the language switcher].
To assist, the following can be added to the updated page for the benefit of all WordPress users:
**Code to Disable the Password Visibility Button:**
{{{
function remove_wp_hide_pw_button() {
?>
Add New:
{{{
An error occurred in the upload. Please try again later.
}}}
I am using Twenty Nineteen theme with no plugins activated and I don't get the error when I remove the function.
https://codex.wordpress.org/Function_Reference/unzip_file
" troytempleman 5.1.1
Defects Awaiting Review, reported against latest stable branch 60747 Unwanted User Registration Security critical defect (bug) closed 2024-03-11T12:11:45Z 2024-03-11T21:58:31Z "Somehow two administrator users added to one of my WordPress website: saxonglobal.com
Username: Bury
Email: b@p.com
Username: wp-configuser
Email: wp-configuser@config.com" gauravsaxon 6.4.3
Defects Awaiting Review, reported against latest stable branch 60418 Unwanted commented code General normal defect (bug) new 2024-02-01T19:44:41Z 2024-02-06T11:28:18Z "There are unwanted PHP commented code line showing when I update the wordpress theme. Test case: I have commented html code with PHP comment syntax in theme's functions.php file and then I start the theme to update on the ""Updates"" page. But when theme is updated, that commented code showing at top (Screenshot attached). I don't know it is a bug or not." asgmehra 6.4.3 has-patch
Defects Awaiting Review 59763 unverified emails from buyers Mail major defect (bug) new 2023-10-29T09:31:16Z 2023-10-29T09:31:16Z "Hello,
Since the last update we have had trouble with emails.
Orders marked as unverified and going to junk files
Mail Chimp is broken and not sending our deals
Cart Abandonment emails are broken.
couplemate.com.au is from a Microsoft Server. We checked extensively with Microsoft and our host server.
We changed the email address in WooCOmmerce with emails still going to junk.
We have some 20 email addresses outside Woocommerce and all are acting normally.
Could you check your end please.
" couplemate 6.3.2
Defects Awaiting Review 55280 Unsupported operand types in Site Health Site Health normal defect (bug) new 2022-03-01T09:30:26Z 2024-02-27T09:04:35Z "I get the following error:
{{{
AH01071: Got error 'PHP message: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string - int in [..]/wp-admin/includes/class-wp-site-health.php:2521
Stack trace:
0 [..]/wp-admin/includes/class-wp-site-health.php(1728): WP_Site_Health->has_missed_cron()
1 [..]/wp-admin/includes/class-wp-site-health.php(192): WP_Site_Health->get_test_scheduled_events()
2 [..]/wp-admin/includes/class-wp-site-health.php(137): WP_Site_Health->perform_test()
3 [..]/wp-includes/class-wp-hook.php(307): WP_Site_Health->enqueue_scripts()
4 [..]/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters()
5 [..]/wp-includes/plugin.php(474): WP_Hook->do_action()
6 [..]/wp-admin/admin-header....', referer: https://[..]/wp-admin/
}}}
This is on a WordPress 5.9.1 multisite running on PHP 8.0.13 which was just upgraded from WP 5.5.8/PHP 7.3.33." lw5 5.9.1
Enhancements Awaiting Review 48143 Unstyled error message when activating broken plugin Plugins minor enhancement new 2019-09-26T01:52:43Z 2019-09-26T01:52:43Z The font of the error message shown in the iframe when activating a broken plugin doesn't match that of the rest of the page. See the attached image for an example. pierlo
Defects Awaiting Review 53228 Unspamming a comment should respect `comment_previously_approved` setting Comments normal defect (bug) new 2021-05-18T21:28:27Z 2021-05-18T21:32:57Z "On the ""Settings > Discussion"" page, the ""Comment author must have a previously approved comment"" setting (`comment_previously_approved`) allows a user's comments to be automatically set to `approved` status (a.k.a. `comment_approved = 1`).
However, if a comment from a previously-approved author is incorrectly-marked as spam (either internally via `check_comment()` or from an anti-spam plugin like Akismet) and later, a moderator marks the comment as ""Not spam"", this comment is not automatically approved. Instead, the comment is placed in the moderation queue (`comment_approved = 0`).
WordPress makes this determination during unspamming here: https://github.com/WordPress/WordPress/blob/f4631a98f50f6275d0284527cf9fd7009e439e55/wp-includes/comment.php#L1717-L1722
Specifically, if the comment has a previously-trashed status from the `_wp_trash_meta_status` meta value, WordPress will use it. Otherwise, an unspammed comment's status will be marked as `pending` or `0`.
Our users believe this is a UX issue. Previously-approved authors should not have their comments placed in `pending` after the comments are unspammed.
We're working around this issue at the moment, but thought we would ask if this is a bug or if this is by design." r-a-y
Defects Awaiting Review 39331 unsharpMaskImage in Imagick's thumbnail_image is not compatible with CMYK jpegs. Media normal defect (bug) new 2016-12-19T15:31:11Z 2017-05-11T14:40:11Z "This has been split off from #39216.
The use of `Imagick::unsharpMaskImage()` in `WP_Image_Editor_Imagick::thumbnail_image()` on jpegs with CMYK color spaces results in mangled images, eg black text becomes fuzzy and over-black, and colors change. The attached patch just doesn't call it if the image has a CMYK color space.
The unit test requires the attached ""test_cmyk.jpg"" to be uploaded to the test data images directory (which is actually the ""full"" jpeg produced by `WP_Image_Editor_Imagick` when processing the ""test_cmyk.pdf"" PDF uploaded to #39216).
" gitlost 4.5
Defects Awaiting Review 34913 Unscheduling cron jobs fails when original arguments were not an array. Cron API normal defect (bug) new 2015-12-08T13:31:40Z 2021-09-02T05:39:24Z "The Cron API does not check whether the cron job arguments passed are an array when scheduling a cron job. This inadvertently allows for scheduling cron jobs with string, integer or other arguments.
However when unscheduling the cron job using `wp_clear_scheduled_hook()`, the arguments are ''always'' cast to an array which leads to cron jobs which '''*can*''' be scheduled, but can't be '''''*un*'''''scheduled using `wp_clear_scheduled_hook()`.
The `wp_clear_scheduled_hook()` does throw a `deprecated` notices when non-array arguments are passed in, but this will most of the time go unnoticed as this function is most often used in a plugin deactivation routine.
The patch which I'm submitting makes sure that cron job arguments are always cast to an array.
The patch is backward compatible in that it:
* will not break the `schedule_event` filter for plugins (which are ''doing it wrong'') which expect their original non-array argument to test against.
* will schedule all newly schedule events with array arguments independently of how the arguments were passed.
* will upgrade the cron array to ensure that all arguments are arrays.
The patch includes unit tests proving the existence of the bug and the fixing of it by this patch.
As far as I can see, this bug was introduced by the changes in https://core.trac.wordpress.org/changeset/12462 and has been in WP since 3.0.
The patching of this bug also brought to my attention *another* (ancient) bug where in the cron option upgrade routine `_upgrade_cron_array()` the array structure wasn't respected properly leading to `Undefined index: args` notices and the inadvertent removal of cron events which were scheduled on the same hook for the same timestamp with different arguments.
That bug has also been fixed in this patch." jrf 3.0 dev-feedback
Defects Awaiting Review 54522 unsaved edits should consistently trigger pop-up alert Editor major defect (bug) new 2021-11-26T12:49:29Z 2023-04-30T08:01:12Z "https://wordpress.org/support/topic/unsaved-content-and-autosave/ described the steps to reproduce the bug.
Background: I use the classic editor to write posts every day. Like many users, I often forget my unsaved edits, and try to leave the edit page. This is such a common user error that WP has multiple protections. The autosave is one protection but I won't talk about it.
A second protection is a local cache in my browser. This is the (unsatisfactory) protection used in the current WP version (5.8.2). It's unsatisfactory because the forgetful user is allowed to leave the edit page with unsaved changes. When she returns to edit the same post, she may fail to notice a warning message in a banner.
This warning is triggered presumably because the local cached version differs from the latest saved version in MySQL.
I have seen (or missed) this banner warning more than 100 times. Not as good as the traditional protection that I have seen in 5.5.3.
The traditional protection is a pop-up alert whenever user attempts to ""leave"" the post-edit page.
(Leaving means Either closing the browser, or going to another website, or clicking on a link.)
Whenever the editor content differs from the last published version, the alert would ''reliably'' pop up. I would either hit cancel then save my changes, or hit Leave to discard my change **knowingly**.
Needless to say, the pop-up protection is more proactive, more preemptive than the second protection (local cache). That's why current WP version still uses this pop-up protection, but unreliable. In https://wordpress.org/support/topic/unsaved-content-and-autosave/ I discussed when the pop-up shows/doesn't show. To reproduce the bug (no pop-up) you need to be patient.
Even if you can't reproduce the bug, I can guarantee that it does exist. The attached screenshot is the banner warning in 5.8.2. It won't show up if the pop-up has always worked. In 5.5.3 I have not seen this banner." tiger40490 5.6
Reporter Feedback / Close 54621 Unsaved comment warning without any changes made when click on Publish, Update or Preview Buttons Comments major defect (bug) assigned 2021-12-14T14:42:58Z 2022-03-18T16:47:44Z "Hi Team,
I got unsaved comment changes warning without any changes made in the content of the custom post type post, here is screenshot: https://i.imgur.com/PQmirDL.png
I see new codes are added in the WordPress core file: wp-admin/js/edit-comments.js And there is some condition issue, the code is have strict equality comparison operator to undefined ID which is not present in the custom post type: #replyrow
Screenshot: https://i.imgur.com/kAHNkrs.png
Please review it.
Thanks" askaryabbas 4.6 reporter-feedback
Defects Awaiting Review 48194 "Unregistered image sizes used for IMG tag ""srcset""" Media normal defect (bug) new 2019-10-02T02:16:24Z 2020-07-21T06:25:14Z "Following design changes, previously-generated thumbnails remain on the site, along with matching post meta entries linked to the respective attachment. WordPress then uses those to produce IMG tags.
In fact, these thumbnails are referenced even when the files don't exist on the site anymore, following a cleanup.
I think WordPress should only use thumbnail URLs for registered image sizes.
For bonus points, there can be a way to remove unregistered size references from attachment meta, perhaps in a Media > Audit admin page, which lets the user decide what to remove and what to keep.
For context, I've just cleaned images on a site and found a lot of legacy references to thumbnails of previously registered sizes in IMG tags. Media management and cleanup plugins I used could only detect the redundant meta data when I re-registered the old sizes temporarily." galbaras
Defects Awaiting Review 56491 unregister_nav_menu() does not update theme mod 'nav_menu_locations' Menus normal defect (bug) new 2022-09-01T22:48:44Z 2022-09-01T22:58:18Z "When you register a menu location then attach a wp_nav menu to a that location it is added to array **''global'' $_wp_registered_nav_menus** and then another array stored in **get_theme_mod('''nav_menu_locations''')**.
{{{#!php
value pair from the **get_theme_mod('''nav_menu_locations''')** array.
Proposed Patch & update to unregister_nav_menu() in wp-admin/nav-menus.php on Line 109
{{{#!php
$id,
'post_content' => 'Hello, World!',
] );
}}}
3. Observe that a significant number of unnecessary taxonomy queries are performed" johnbillion needs-unit-tests
Defects Awaiting Review 56893 Unnecessary line breaks added by the code editor that breaks JavaScript Editor critical defect (bug) new 2022-10-23T10:22:36Z 2022-10-24T06:23:10Z "adding a simple JavaScript to the code editor and hitting the publish button just adds unnecessary
{{{
}}}
inside the Javascript which is a sufficient reason to break any JavaScript
How to reproduce: simply add a new post, paste/write any JavaScript and click the publish button to see the black magic
[[Image(https://i.imgur.com/fyrAwtI.png)]]
Regards,
Atef" sweetheatmn 6.0.3
Enhancements Awaiting Review 46835 unnecessary image size created Media normal enhancement new 2019-04-08T21:14:39Z 2019-04-09T08:38:57Z "[[Image(https://i.stack.imgur.com/JDFyd.png)]]
This is hard to explain. I have the medium size set to 640px wide.
If i upload an image that is exactly 640px wide. It creates an unnecessary copy of it that matches the original image in every sense.
The problem is that when i upload an image that's exactly 640px wide it makes a copy like so:
image.png (is 640x640 px)
image-640x640.png (is ALSO 640x640 px, so why create it?)
The medium (640px) size should only be created if the original image is Wider than that, not equal.
I hope i explained it well enough. Let me know if it needs clarification." ctrlaltdelete 5.1
Defects Awaiting Review 55215 Unknown file in WordPress core: wp-includes/SimplePie/Cache/adf416701234bb74c7b67e4f1dc6eede.spc Type: File Feeds normal defect (bug) new 2022-02-21T14:18:11Z 2022-02-21T16:03:28Z "Hi,
Just got three notices as above. Is it an issue or a leftover file causing a problem?
Thanks" marian57
Enhancements Awaiting Review 51762 Unix authentication support via unix_socket Database normal feature request new 2020-11-12T12:15:50Z 2020-11-12T12:15:50Z "Hi,
It seems WordPress supports unix_socket for the database, but not unix authentication - it would greatly increase the security of deployments (one less password is always better) and accelerate deploying speed, as you can just use the unix user for authentication.
More info here:
https://mariadb.com/kb/en/authentication-from-mariadb-104/
Cheers!" biztems
Defects Awaiting Review 57130 unittest for wp_upload_bits General normal defect (bug) new 2022-11-16T22:11:05Z 2022-11-22T19:46:02Z pbearne has-patch
Defects Awaiting Review 59009 units missing in media details Media normal defect (bug) new 2023-08-08T22:15:29Z 2023-08-09T21:47:37Z "Some units are missing which have been there before, see #39667
Length and Dimensions have no units anymore. I don't know since when, just found out using v6.3
This is the view you get after clicking a video in media gallery (Attachment Details) and then click on ""Edit more details""" Presskopp has-patch
Defects Awaiting Review, reported against no version 42714 Unit tests: Move remaining classes out of includes/utils.php into their own file Build/Test Tools normal defect (bug) new 2017-11-27T15:15:00Z 2017-12-09T01:47:28Z "The `includes/utils.php` file includes four classes:
- `MockAction`
- `testXMLParser`
- `MockClass`
- `wpdb_exposed_methods_for_testing`
The patch moves these classes into their own files, as this makes the code more transparent, and easier to add documentation.
The files are now loaded during bootstrap. Moving classes out of files can lead to issues, as seen in #37523.
Rather than continue loading these files always in `includes/utils.php`, one way to get around this is to check for these classes being loaded at the top `utils.php`. If not, they can be loaded, and an error message can be triggered, so that developers can update their code.
This backwards compatibility layer could then be removed after having it there for one major release.
" Frank Klein has-patch
Defects Awaiting Review 57201 unit tests for wp_maybe_load_widgets Build/Test Tools normal defect (bug) new 2022-11-25T00:54:19Z 2024-02-27T19:49:26Z pbearne has-patch
Defects Awaiting Review 57172 unit tests for _wp_json_sanity_check Build/Test Tools normal defect (bug) new 2022-11-22T01:12:56Z 2023-10-27T23:34:16Z pbearne
Defects Awaiting Review 43663 Unit Test test_theme_file_uri_returns_valid_uri fails on directories with spaces Build/Test Tools normal defect (bug) new 2018-03-29T22:15:47Z 2018-03-30T20:56:09Z "Setting up PHPUnit and running the unit tests for the first time produced some failures because I was running from a directory with spaces in the name (WordPress Unit Tests).
4 assertions in total failed, but all 4 of them reference the same function, here is one of the examples:
{{{
1) Test_Theme_File::test_theme_file_uri_returns_valid_uri with data set #0 ('parent-only.php', 'theme-file-parent', array('theme-file-parent'))
Failed asserting that two strings are identical.
--- Expected
+++ Actual
@@ @@
-'/Users/mattkeys/Desktop/W/WordPress%20Unit%20Tests/tests/phpunit/includes/../data/themedir1/default/parent-only.php'
+'/Users/mattkeys/Desktop/W/WordPress Unit Tests/tests/phpunit/includes/../data/themedir1/default/parent-only.php'
}}}
Looking at this test, it makes use of esc_url_raw() which encodes the spaces as %20, then compares them against the original URI which has does not have the spaces encoded, so they are not the same.
If this is something that we want to fix, an easy way would be to str_replace spaces > %20 before running the assertion. Patch attached." mattkeys 4.9.5 dev-feedback
Enhancements Awaiting Review 37005 Unit test for the wp_check_filetype method Media normal enhancement new 2016-06-02T18:43:14Z 2020-04-09T05:51:19Z "Improving the code coverage for the functions.php, to be more precise the `wp_check_filetype` method, this one hadn't any tests written, decreasing the overall code coverage. Now, the test covers the entire logic
" borgesbruno has-patch
Defects Awaiting Review 42058 Unit test for _autop_newline_preservation_helper() Formatting normal defect (bug) new 2017-10-01T18:49:35Z 2017-12-11T17:29:20Z just a unit test pbearne 4.9 dev-feedback
Enhancements Awaiting Review 31737 Unique identifier for Heartbeat API calls General minor enhancement new 2015-03-23T09:37:50Z 2022-07-06T18:50:48Z "''I chose ''Autosave'' as it is the most close component to the Heartbeat API.''
----
Currently it seems that the Heartbeat API call made are not differentiated as Heartbeat API calls. The AJAX URL used is the global JS `ajaxurl` variable and the user agent is the same as the user's browser user-agent.
This makes it difficult to parse them off general server access logs and so on.
----
Could it be possible to add a query variable (e.g. `admin-ajax.php?heartbeat=1`) or change/append the user-agent to `WordPress Heartbeat API` or something?
If a user logs in to `wp-admin` and leaves the session open, Apache's `access.log` files will be filled with unwanted clutter originating from the Heartbeat API requests.
With a query variable or a customized user agent server admins could redirect the Heartbeat API traffic logs to a custom log file or even `/dev/null` if they wish to. This could be possible with the following server directive in Apache for instance:
{{{
# Determine user agent, set environment variable depending on it.
SetEnvIfNoCase User-Agent "".*WordPress Heartbeat API.*"" heartbeatrequest
# Normal access log, without user-agent checked heartbeat calls.
CustomLog /path/to/access.log combined env=!heartbeatrequest
# Heartbeat calls go to another log file.
CustomLog /path/to/heartbeat.log combined env=heartbeatrequest
}}}
I know some Heartbeat API settings can be tinkered with a plugin or a theme using hooks and globals, but I think this addition should be made into the core to keep it consistent across the board." ojrask 3.6 has-patch
Defects Awaiting Review 54339 unique $keys array when add custom key from Several places with postmeta_form_keys General normal defect (bug) new 2021-10-29T09:11:47Z 2021-10-29T09:11:47Z "I added two similar custom key from my theme and a plugin with postmeta_form_keys filter.
but now display both of theme in custom-fields name's select box (custom-fields metabox - post.php or post-new.php)
I think is better to unique $keys before options are printed.
wp-admin/includes/template.php
line ~730
before:
foreach ( $keys as $key ) {
after:
$keys = array_unique($keys);
foreach ( $keys as $key ) {" myousefi08 5.8.1
Enhancements Awaiting Review 58987 Unify usage of die(), die( '-1' ), exit(); General minor enhancement new 2023-08-06T09:46:23Z 2023-08-06T12:46:51Z "like mentioned [[https://core.trac.wordpress.org/ticket/58420#comment:6|here]] I'd like to know if we want to unify the different die() calls we use:
{{{#!php
// Don't load directly.
if ( ! defined( 'ABSPATH' ) ) {
die( '-1' );
}
}}}
(mostly used, having a comment)
{{{#!php
if ( ! defined( 'ABSPATH' ) ) {
die();
}
}}}
(**not** having a comment), like seen in **\wp-admin\link-parse-opml.php**, **\wp-admin\site-health-info.php**
or even
{{{#!php
if ( ! defined( 'ABSPATH' ) ) {
exit();
}
}}}
like seen in **\wp-includes\rss-functions.php**" Presskopp
Reporter Feedback / Close 44423 Unicode characters in get string breaks pagination Posts, Post Types normal defect (bug) reopened 2018-06-21T11:59:20Z 2018-06-25T12:11:41Z "This was found when working with this plugin: [Ajax-Enabled Enhanced Layered Navigation](https://woocommerce.com/products/ajax-layered-navigation/) .
If there are unicode characters used in a parameter in a get string, then it breaks pagination by not allowing access to page 2+.
1. Set your blog posts to display 1 per page
2. View blog
3. Append this to the url in address bar and hit enter: `?dddd%D7%99%D7%A6%D7%A8%D7%9F=metabo`
4. Once page reloads, try to go to page 2
5. You should receive a too many redirects error
" jessepearson 4.9.6 reporter-feedback
Defects Awaiting Review 30495 Unicode character U+000B is not removed by sanitize_file_name Formatting normal defect (bug) new 2014-11-25T11:37:08Z 2018-08-27T15:59:22Z "It seems that the following expression is true:
{{{
json_encode(sanitize_file_name(json_decode('""\u000B""'))) == ""\u000b""
}}}
On Google App Engine, for example, a file name with a U+000B character cannot be saved.
Since the description of the function states:
Removes special characters that are illegal in filenames on certain
operating systems and special characters requiring special escaping
to manipulate at the command line.
... then I think this is a bug.
Thanks!" Craxic 4.0.1 has-patch
Defects Awaiting Review 41791 Unicode + add_permastruct breaks rewrite rules Rewrite Rules normal defect (bug) new 2017-09-04T11:15:57Z 2017-09-15T13:14:58Z "This was reported here https://github.com/woocommerce/woocommerce/issues/16673
To recreate the issue, create a taxonomy with a cyrillic name such as Сертификат. View the taxonomy archive. You'll see no results; it will go to the homepage rather than an archive.
In WooCommerce you can recreate this by creating an attribute (Product > Attributes) with a cyrillic name, and enabling the 'archive', assigning a term from this taxonomy to a product, and trying to view products by that term.
I managed to trace it back to the `add_permastruct`. The `struct` is added with unicode % encoded characters. When the rewrite rules are processed, it thinks these are placeholders so the `matches` variables do not align. See this screenshot for clarity:
https://www.dropbox.com/s/5vztnfm6895488a/query%20is%20wrong.png?dl=0
Notice all the $matches? Compare to a working taxonomy:
https://www.dropbox.com/s/24zyr5v7taw7b60/correct.png?dl=0
This can be fixed by using `urldecode` when adding the permastruct. I don't know if this has side effects but it worked in testing.
Patch to follow.
" mikejolley 4.9 needs-unit-tests
Defects Awaiting Review 53390 Unfreeze the code of is_serialized() General normal defect (bug) new 2021-06-12T17:14:18Z 2021-06-29T05:32:36Z "The code of [https://github.com/WordPress/wordpress-develop/blob/24a70204db8d9ca5c6ddfc2c22247418fa0af5a1/src/wp-includes/functions.php#L642 `is_serialized()`] is frozen [https://core.trac.wordpress.org/ticket/17375#comment:37 since 2016] as a security measure to protect WordPress and its plugins against PHP Object Injection vulnerabilities, linking to the [https://www.owasp.org/index.php/PHP_Object_Injection OWASP website] as a reference.
The initial idea was that the `is_serialized()` function should return `true` only for safe serialized strings, and `false` for unsafe ones to prevent their deserialization by the caller.
However, the current implementation completely fails to achieve that and does not bring any protection at all against the aforementioned threat.
Not only it doesn't add any security, but the fact that the code has been flagged as ""frozen in time"" is nefarious as it blocks any further developments (both [https://core.trac.wordpress.org/ticket/53299 functionally] and [https://core.trac.wordpress.org/ticket/53295 security] wise).
== Standard objects ==
Let's take all three examples from the [https://owasp.org/www-community/vulnerabilities/PHP_Object_Injection#examples OWASP page] used to support and document this choice.
The input string being malicious, `is_serialized()` is expected to return `false` for each of the following examples, as per documented in the original [https://core.trac.wordpress.org/ticket/17375#comment:37 ticket 17375].
**''I highlight that these are the exact examples used to support and document the choice of freezing `is_serialized()`''**, nothing has been changed.
=== Example 1 ===
Malicious payload:
{{{
http://testsite.com/vuln.php?data=O:8:""Example1"":1:{s:10:""cache_file"";s:15:""../../index.php"";}
}}}
Returned value:
{{{
var_dump(is_serialized('O:8:""Example1"":1:{s:10:""cache_file"";s:15:""../../index.php"";}'));
# Output: bool(true)
}}}
The function **failed** to properly detect and block the malicious serialized object.
=== Example 2 ===
Malicious payload:
{{{
Cookie: data=O%3A8%3A%22Example2%22%3A1%3A%7Bs%3A14%3A%22%00Example2%00hook%22%3Bs%3A10%3A%22phpinfo%28%29%3B%22%3B%7D
}}}
Returned value:
{{{
var_dump(is_serialized(urldecode('O%3A8%3A%22Example2%22%3A1%3A%7Bs%3A14%3A%22%00Example2%00hook%22%3Bs%3A10%3A%22phpinfo%28%29%3B%22%3B%7D')));
# Output: bool(true)
}}}
The function **failed** to properly detect and block the malicious serialized object.
=== Example 3 ===
Malicious payload generation:
{{{
class SQL_Row_Value
{
private $_table = ""SQL Injection"";
}
class Example3
{
protected $obj;
function __construct()
{
$this->obj = new SQL_Row_Value;
}
}
print urlencode(serialize(new Example3));
# Output: O%3A8%3A%22Example3%22%3A1%3A%7Bs%3A6%3A%22%00%2A%00obj%22%3BO%3A13%3A%22SQL_Row_Value%22%3A1%3A%7Bs%3A21%3A%22%00SQL_Row_Value%00_table%22%3Bs%3A13%3A%22SQL+Injection%22%3B%7D%7D
}}}
Returned value:
{{{
var_dump(is_serialized(urldecode('O%3A8%3A%22Example3%22%3A1%3A%7Bs%3A6%3A%22%00%2A%00obj%22%3BO%3A13%3A%22SQL_Row_Value%22%3A1%3A%7Bs%3A21%3A%22%00SQL_Row_Value%00_table%22%
3Bs%3A13%3A%22SQL+Injection%22%3B%7D%7D')));
# Output: bool(true)
}}}
The function **failed** to properly detect and block the malicious serialized object.
== Serializable classes ==
In addition to the standard serialized objects seen above, PHP also offers [https://www.php.net/manual/en/class.serializable.php an alternate mechanism] which basically replaces the call to the magic function `_wakeup()` by a call to the Serializable interface function `deserialize()`.
A specific attention has been given to prevent the deserialization of such objects, notably by the addition of a [https://github.com/WordPress/wordpress-develop/blob/376840b83cb11167d5fe545e929b37d41ce58d6e/tests/phpunit/tests/functions.php#L367 dedicated test case]. In particular, `is_serialized()` ensures that the first character of the serialized string must not be a 'C'.
Nevertheless, here again, if we take all OWASP examples and replace the standard objects by a Serializable object embedded within an array, `is_serialized()` systematically fails to detect and block the malicious payload:
- Example 1:
{{{
var_dump(is_serialized('a:1:{i:0;C:8:""Example1"":23:{s:15:""../../index.php"";}}'));
# Output: bool(true)
}}}
- Example 2:
{{{
var_dump(is_serialized(urldecode('a%3A1%3A%7Bi%3A0%3BC%3A8%3A%22Example2%22%3A18%3A%7Bs%3A10%3A%22phpinfo%28%29%3B%22%3B%7D%7D')));
# Output: bool(true)
}}}
- Example 3:
{{{
var_dump(is_serialized(urldecode('a%3A1%3A%7Bi%3A0%3BC%3A8%3A%22Example3%22%3A72%3A%7BO%3A13%3A%22SQL_Row_Value%22%3A1%3A%7Bs%3A21%3A%22SQL_Row_Value_table%22%3Bs%3A13%3A%22S
QL+Injection%22%3B%7D%7D%7D')));
# Output: bool(true)
}}}
== Conclusion ==
Freezing `is_serialized()` code as a security measure to block malicious payloads proves to be a totally ineffective measure as it fails to block any single one of the examples linked when this decision was taken and did not prevent WordPress from being vulnerable to any Insecure Deserialization vulnerabilities since then (a very quick search shows CVE-2020-36326, CVE-2020-28032, CVE-2019-12240, CVE-2018-20148, etc.).
This freeze should therefore be lifted to allow further developments, notably the implementation of more efficient protections against such threats." whitewinterwolf
Defects Awaiting Review 56724 unexpected sudden change in the site without any intervention from my side General blocker defect (bug) new 2022-10-03T23:55:12Z 2022-10-03T23:55:12Z "suddenly i found the website has changed but i did not do any change , i found 18 pages has been published since 2015, i did not add any of them and i just opened my website from a month
the homepage itself it's completely changed
i am still using the same theme but my change does not appear on the website after publishing it .
how can i return my website as it was?" mainoffice
Defects Awaiting Review 43100 Unexpected results from wpautop General normal defect (bug) new 2018-01-16T19:01:25Z 2019-01-17T01:25:57Z "An empty paragraph will result in invalid HTML
To reproduce using default theme add `echo wpautop( '
' );` into a template file.
Expected result `
`
Actual result ` `" pross
Defects Awaiting Review 48015 Unexpected results from wp_nav_menu() Menus major defect (bug) new 2019-09-11T13:01:16Z 2019-10-03T08:44:11Z "I'm using wp_nav_menu() in a shortcode. That is, I'm creating / placing a menu within a page (or post) and using a shortcode to that (as opposed to hardcoding it into the theme in a specific place). Specifically, I'm placing that shortcode via the core Gutenberg block for such things, but I don't believe that matters.
- If I pass in an empty array - wp_nav_menu([]) - it **echos** (?) a random menu, and return null.
- If I start with the default args for the function and unset both 'theme_location' and 'menu' and then pass that array in - wp_nav_menu([$args]) - , a random menu (same as the one echo'ed) is returned. How can it return an menu when none were specified.
- If I specify an invalid menu name / location (i.e., it's not registered), it returns a random array.
- For the menu it is returning, Admin > Appearance > Menus, I've unchecked all the Display Locations. That is, the menu does exit, but it's not associated with any locations. Still, wp_nav_menu() returns this menu.
I've done some other variations on the above trying to get empty or null back and I get a menu.
Long to short, I'm getting results when - afaik - I shouldn't be getting anything at all.
I'm going to add a check against the global $_wp_registered_nav_menus before I do anything with wp_nav_menu(), perhaps wp_nav_menu() should do similar?
I assigned a Severity = major mainly because this is a common function that gets used A LOT. I would think / hope it should, at this point, work flawlessly. " ChiefAlchemist 5.2.3
Defects Awaiting Review 58806 Unexpected ordering result when ordering based on multiple clauses Query normal defect (bug) new 2023-07-14T08:17:52Z 2023-07-14T08:17:52Z "I am not sure if this is a bug or this is a mis-understanding from my side on how the ordering works but
Consider the following `WP_Query`:
{{{#!php
'ids',
'post_type' => 'post',
'post_status' => 'publish',
'posts_per_page' => -1,
'meta_query' => [
'relation' => 'OR',
'sticky_clause' => [
'key' => '_sticky',
'type' => 'UNSIGNED',
],
[
'key' => '_sticky',
'compare' => 'NOT EXISTS',
],
],
'orderby' => [
'sticky_clause' => 'desc',
'title' => 'asc',
],
]
);
}}}
The expected behavior is that the query should show posts that have a `_sticky` meta first, then shows the rest of the posts sorted by their title alphabetically.
However it doesn't happen.
{{{
array(7) {
[0]=>
string(20) ""A guide to WordPress""
[1]=>
string(27) ""Brotherhood of creativeness""
[2]=>
string(30) ""Gather all information you can""
[3]=>
string(16) ""Yet another post""
[4]=>
string(12) ""Hello world!""
[5]=>
string(36) ""Opera browser released a new version""
[6]=>
string(27) ""Zebras are cool and relaxed""
}
}}}
In the above output of post titles, the `""Hello World!""` has `_sticky` meta, but the sorting isn't correct (nor alphabetically and nor by `_sticky` meta first)
This is the SQL query generated by this query:
{{{#!php
SELECT
wp_posts.ID
FROM
wp_posts
LEFT JOIN wp_postmeta ON (
wp_posts.ID = wp_postmeta.post_id
)
LEFT JOIN wp_postmeta AS mt1 ON (
wp_posts.ID = mt1.post_id
AND mt1.meta_key = '_sticky'
)
WHERE
1 = 1
AND (
wp_postmeta.meta_key = '_sticky'
OR mt1.post_id IS NULL
)
AND wp_posts.post_type = 'post'
AND (
(wp_posts.post_status = 'publish')
)
GROUP BY
wp_posts.ID
ORDER BY
CAST(
wp_postmeta.meta_value AS UNSIGNED
) DESC,
wp_posts.post_title ASC
}}}
If I am not wrong the issue happens at the position `ORDER BY CAST(wp_postmeta.meta_value AS UNSIGNED) DESC`, it should use the alias instead of the table name here (should be `mt1.meta_value`)" pelentak 6.2.2
Defects Awaiting Review 56682 Unexpected cut of the HTML title and the slug General normal defect (bug) new 2022-09-29T00:04:36Z 2023-02-13T02:54:30Z "WordPress cuts part of the HTML title and the slug after ""<="" sequence.
Example that is OK (compared with one that IS NOT after that):
- if the title entered is ""some >= word"" the HTML title would e ""some >= word"" and the slug - ""some-word"" (as expected)
- however if the title entered is ""some <= word"" then the HTML title is unexpectedly CUT and becomes ""some"" as well the slug is just ""some"".
The second example should perform exactly as the first one.
Note that the problematic sequence is ""<="" not just ""<""." dingdang 6.0.2
Defects Awaiting Review 47988 Unexpected behaviour when draft post has the same page_name as published post Posts, Post Types normal defect (bug) new 2019-09-06T02:49:20Z 2019-09-06T06:35:15Z "> What steps should be taken to consistently reproduce the problem?
{{{
wp rewrite structure '/%postname%/'
wp post create --post_title=""Example post title"" --post_status=publish --post_name=my-chosen-post-name
wp post create --post_title=""A draft post"" --post_status=draft --post_name=my-chosen-post-name
}}}
Visit http://www.example.com/my-chosen-post-name
> In case it's relevant to the ticket, what is the expected output or result?
We're expecting the published post to be displayed.
> What did you see instead?
If you're authenticated and have permission to view drafts, the draft post will populate the `Global $post` object and be displayed.
Anonymous users will get a 404 page or the browser will throw a `Too many redirects` error.
> Does the problem occur even when you deactivate all plugins and use the default theme?
Yes.
> Please provide any additional information that you think we'd find useful. (OS and browser for UI defects, server environment for crashes, etc.)
The core behaviour of the WP Admin post edit screen doesn't allow us to get into this state because `post_name` values are not stored for a post until it transitions to the `publish` post status. When this transition does happen `wp_unique_post_slug()` ensures the `post_name` being saved unique.
We first encountered this issue via the Yoast SEO plugin metabox which allows a ''Slug'' to be saved for draft posts. As you can see with the WP-CLI commands above, however, there are other ways of getting to this state.
The draft post is loaded for authenticated requests because the default query vars `order_by => post_date` and `order => DESC` means the draft post created after the published post populates the `WP_Query->post` property.
Anonymous requests are not able to view the draft post, so before returning a 404, `redirect_canonical()` calls `redirect_guess_404_permalink()` which builds a query for a published post where `page_name` is `LIKE` the post name and finds the published post and redirects to it... and the loop continues." ajfleming
Reporter Feedback / Close 56171 Unexpected behaviour and data loss with a post type called 'link' and Link Manager plugin active Taxonomy critical defect (bug) new 2022-07-08T00:07:32Z 2022-07-08T12:52:48Z "Steps to reproduce:
0. Install a fresh site (this will be easier to reproduce if the posts table has a low `auto_increment` value)
1. Install the Link Manager plugin (prior to version 3.5 this plugin was not required)
2. Register a post type called `link` (you can use the default args)
**3. Observe that ""Link Categories"" is added under the newly registered post type in the admin menu**
4. Publish a post through the `link` post type and take note of its numeric ID
5. Add enough links through the Link Manager until you reach the same numeric ID observed in step 4 (if it's a fresh site it shouldn't be too many)
6. Assign a link category to the link with the same numeric ID observed in step 4
**7. Go back to the `link` post type and observe that the published post has received the link category that was assigned to the link in step 6**
8. Now delete the post permanently
**9. Go back to the Link Manager and observe that the link has lost its category that was assigned in step 6**
This bug is caused because the taxonomy `link_category` is registered for the string `link`. [https://github.com/WordPress/WordPress/blob/6.0/wp-includes/taxonomy.php#L136 (See code)]
Interestingly, the function `register_taxonomy_for_object_type` [https://github.com/WordPress/WordPress/blob/6.0/wp-includes/taxonomy.php#L734 rejects any string that is not registered as a post type.] Of course, if the same check were included for immediate registration through `register_taxonomy`, link categories could not exist at all.
I discovered this while trying to get a clear answer on whether taxonomies were actually supported for non-post entities. I was nearly convinced they were not, until I noticed that link categories exist, and now it looks to me that no one knows the answer." manfcarlo close
Defects Awaiting Review 56627 Underscores are not allowed in block names; error message is misleading. Editor normal defect (bug) new 2022-09-22T17:11:45Z 2022-10-12T19:32:42Z "
The error when activating a plugin containing a register block whose name contains an underscore is vague and misleading.
If you do not have WP_DEBUG set to true in your site's wp-config.php file; there are no errors in the browser's javascript console while in the editor.
When you have WP_DEBUG set to true; and activate the plugin that contains the block, the error message displayed is misleading; the message, included verbatim below, states that a namespace prefix must be used and in my test case block, a name space was used; create-block
{{{
""Notice: Function WP_Block_Type_Registry::register was called incorrectly . Block type names must contain a namespace prefix. Example: my-plugin/my-custom-block-type Please see Debugging in WordPress for more information. (This message was added in version 5.0.0.) in /srv/www/case/public_html/wp-includes/functions.php on line 5831""
}}}
A testcase for a block named 'my_test_case' is available at https://gitlab.com/skorasaurus/my_test_case
The block does has a namespace, create-block.
The full stacktrace for the error is at
https://gist.github.com/skorasaurus/6506770a49bedff53876b962c1d29b16
This has happened to me in the past, has been reported in the [gutenberg issue tracker]https://github.com/WordPress/gutenberg/issues/13074 (issue was closed and directed to report here)" skorasaurus
Defects Awaiting Review 54078 Underscore appended to media file on upload Upload normal defect (bug) new 2021-09-06T14:02:07Z 2021-09-07T14:35:04Z "I noticed that a random underscore is appended to media files, when uploading them in an article. Im using the Classic Editor.
The original file name was:
**AB-LET.2018.133.AXH1.jpg**
Once uploaded, it became:
**AB-LET.2018.133.AXH1_.jpg**
There was no prior file uploaded with that name (at least the media gallery does not find any)." spielautomat4 5.8 dev-feedback
Reporter Feedback / Close 49153 Undefined Variable Warning Posts, Post Types normal defect (bug) new 2020-01-08T18:25:24Z 2020-01-09T19:21:08Z "Notice: Undefined property: WP_Post::$filter in wp-includes/class-wp-post.php on line 342
The fix is simple change the if statement to:
if ( !empty( $this->filter ) ) {" tweidman reporter-feedback
Defects Awaiting Review 55638 Undefined property: WP_Post_Type::$post_type Posts, Post Types normal defect (bug) new 2022-04-28T08:38:11Z 2022-05-13T08:48:12Z "
PHP 8.1.5
PHP Warning: Undefined property: WP_Post_Type::$post_type in wp-includes/post-template.php on line 649" pienoz 5.9.3
Reporter Feedback / Close 43804 Undefined offset: 0 in ../wp-includes/taxonomy.php on line 1903 Taxonomy normal defect (bug) new 2018-04-19T00:39:50Z 2019-01-17T01:13:20Z "The issue is pretty trivial. When there are no terms assigned to a post, the condition on 1894 will return false and this immediately will cause PHP error because $taxonomies array does not have any records inside.
To reproduce the issue, simply call wp_get_object_terms function with post, page or custom post type that does not have a single hierarchical term assigned to." vasyltech reporter-feedback
Defects Awaiting Review 41933 Undefined offset -1 in $pages array when post without pages is requested General normal defect (bug) new 2017-09-20T17:14:36Z 2018-10-15T15:42:22Z This patch fixes an undefined index -1 notice generated in post-template.php when a request is made without a page number. ComputerGuru 4.8.2 has-patch
Defects Awaiting Review 57518 Undefined array key in widgets.php on line 919 Widgets normal defect (bug) new 2023-01-20T21:22:37Z 2024-01-02T21:53:48Z "If you enable a plugin with a widget and then go to a page which does not display the widget (e.g. a Jetpack sitemap), you will receive an error similar to:
PHP message: PHP Warning: Undefined array key ""jetpack-search-filters-1"" in /wp-includes/widgets.php on line 918
PHP message: PHP Warning: Trying to access array offset on value of type null in /wp-includes/widgets.php on line 918"" while reading response header from upstream, ...,
request: ""GET /attachment-sitemap4.xml HTTP/2.0"", ...,
referrer: ""/sitemap_index.xml""
The issue appears to occur with some plugins, but not all and adding a check to see if the variable is set first seems to address the issue. There is no identified front-end impact, however, this can quickly fill up logs depending on your site traffic and configuration.
Testing can be completed by using Jetpack Search and Rank Math Sitemap xml files, though other combinations exist." sageth has-patch
Enhancements Awaiting Review 57925 Unclear message when URL for non-existing admin page is called Administration normal enhancement new 2023-03-15T01:07:55Z 2023-03-15T17:47:14Z "If you try to visit the admin page of a plugin that is currently inactive, then currently (WordPress 6.2) the error message given is:
{{{Sorry, you are not allowed to access this page.}}}
Even though in this case there may not even be such a page defined.
I got this message when I followed a link to the settings page of a plugin that had automatically disabled itself.
A user misunderstood this message in https://wordpress.org/support/topic/after-plugin-disabled-sorry-you-are-not-allowed-to-access-this-page/
One may reach this message if following an outdated bookmark to a plugin's admin page.
If possible, this particular case ""There is currently no such admin page defined in this system."" would be a better, and more actionable message." tobifjellner 4.6
Defects Awaiting Review 59585 Unchecked variable creates fatal error in wp-includes/class-wp-user-query.php Role/Capability normal defect (bug) new 2023-10-10T13:32:17Z 2023-10-10T21:12:27Z "Hello!
I've ran into a bug that had me need to modify core.
I have no clue why this bug happens in this setup in particular, i've got other WP websites running on the same server with no problem, but this one crashes with no plugins and twenty twenty two active.
Here is what I found; at line 483 there is an array_filter that passes a variable to the function... without verifying the variable is actually what is expected.
Bug is present in 6.3.2
{{{#!php
$role_data ) {
$role_caps = array_keys( array_filter( $role_data['capabilities'] ) );
foreach ( $capabilities as $cap ) { [...]
}}}
I fixed it by checking the variable is something before doing the array_filter
{{{#!php
$role_data ) {
$role_caps = '';
if(isset($role_data['capabilities'])){
$role_caps = array_keys( array_filter( $role_data['capabilities'] ) );
}else{
return false;
}
foreach ( $capabilities as $cap ) {
}}}
I would like this to be added to core, so it doesnt crash anymore and wont crash when I update WordPress next time." Frederic Pilon 6.3.2 needs-unit-tests
Defects Awaiting Review 55548 "Unchecked ""Uncategorized"" checkbox re-checks itself upon publish or update of a post" Editor normal defect (bug) new 2022-04-08T21:02:10Z 2022-04-08T21:02:10Z "A WordPress-based news website's editorial team has problems with the ""Uncategorized"" category.
1. They create a post and check the desired category and uncheck the default ""Uncategorized"" category.
2. Then they click ""Publish"".
3. At the last second during the Publish operation, the Block Editor unchecks the user-selected category and re-checks ""Uncategorized"".
4. Then they have to go back into the post and attempt to uncheck ""Uncategorized"" and recheck the desired category.
They have to do step 4 three or four times to get the result they want. Or they just use ""Quick Edit"" to change it in the post list.
It doesn't happen every time and is sometimes difficult to reproduce. But it happens often enough to be a problem. I cannot find a way to consistently reproduce it. Nor can I find any indication that this is a known issue with WordPress. It will happen with or without plugins enabled.
If there's no easy way to investigate or fix this in core, is there a way to add a script somewhere in the theme's functions.php or a jQuery script somewhere to ensure that ""Uncategorized"" *never* gets checked and that the originally-intended category remains checked? All the searches I do on Google for this topic ironically just reveal a bunch of posts on peoples' blogs that are set to ""Uncategorized""." rcwatson 5.9.3 dev-feedback
Defects Awaiting Review 57412 Uncaught TypeError: Cannot read properties of undefined (reading 'length'): jquery migrate Query critical defect (bug) new 2023-01-03T01:14:50Z 2023-01-03T01:16:13Z "Hi everyone!
I've been trying to fix this for days, but no change.
i tried to install different jquery migration plugins, but none solve the error on my site.
probably a plugin needed for the theme to work is in conflict. this plugin is helvig core.
if I go to the web page the problem does not exist, but when I enter the menu and try to go to one of the menu pages it doesn't work and gives me the following error:
Uncaught TypeError: Cannot read properties of undefined (reading 'length')
at init. (jquery-migrate-3.4.0.min.js?ver=3.4.0:2:8491)
at e. [as run] (jquery-migrate-3.4.0.min.js?ver=3.4.0:2:1566)
at u (jquery-3.6.2.min.js?ver=3.6.2:2:59974)
at E.fx.tick (jquery-3.6.2.min.js?ver=3.6.2:2:65017)
at st (jquery-3.6.2.min.js?ver=3.6.2:2:59376)
(anonymous) @ jquery-migrate-3.4.0.min.js?ver=3.4.0:2
e. @ jquery-migrate-3.4.0.min.js?ver=3.4.0:2
u @ jquery-3.6.2.min.js?ver=3.6.2:2
E.fx.tick @ jquery-3.6.2.min.js?ver=3.6.2:2
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
requestAnimationFrame (async)
st @ jquery-3.6.2.min.js?ver=3.6.2:2
I tried uninstalling themes and plugins. i downloaded the latest version directly on the theme forest purchase page, but no change.
i have tried different plugins to try to use other versions of jquery migrated, but the problem persists.
I also tried downgrading wordpress and completely uninstalled and reinstalled it.
the same problem of the site, I also find it locally.
how can i solve?" russellperez399 6.1.1
Defects Awaiting Review 42440 Uncaught TypeError: $(...).wpColorPicker is not a function Script Loader normal defect (bug) new 2017-11-05T23:30:56Z 2017-11-06T00:56:47Z "I can't edit my page using Page Builder because the next Error
{{{
gdlr-admin-panel-html.js?ver=f63693efb5b9a5e10ac3abbd57323a6b:192 Uncaught TypeError: $(...).wpColorPicker is not a function
at HTMLDocument. (gdlr-admin-panel-html.js?ver=f63693efb5b9a5e10ac3abbd57323a6b:192)
at i (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2)
at Object.fireWith [as resolveWith] (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2)
at Function.ready (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2)
at HTMLDocument.K (load-scripts.php?c=1&load[]=jquery-core,jquery-migrate,utils,plupload&ver=f63693efb5b9a5e10ac3abbd57323a6b:2)
}}}
Can you help please?" shamstarek 4.8.3
Defects Awaiting Review 54046 Uncaught SyntaxError: Invalid regular expression Editor normal defect (bug) new 2021-08-31T22:34:14Z 2021-09-11T23:50:56Z "Hi
I am trying to install a fresh version of WordPress on my server
but the problem is, on the add new post page, I am getting this error:
{{{
Uncaught SyntaxError: Invalid regular expression: /[!-/:-@[-`{-~б─-б©ц≈ц╥Б──-Б╞©Б╦─-Б╧©]/: Range out of order in character class
at new RegExp ()
at Module.pC98 (wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2)
at t (wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2)
at wp.wordcount.YLtl (wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2)
at wordcount.min.js?ver=61ab1af9326f4d5fda7ed01990e1be70:2
}}}
however everything is fine even with this error until I try to install SEO plugins, like Yoast SEO and Rank Math SEO, but the cause of the problem is WordPress
I tried everything to see if this problem will gone away or not
Tested with php 7.4 and 8.0
Tested with chrome, firefox and opera
Tested with mysql and mariadb, also tested with different charset
" mmakenzi 5.8
Defects Awaiting Review 56688 Uncaught Requests_Exception using Requests::request_multiple General normal defect (bug) new 2022-09-29T10:17:52Z 2022-09-29T10:17:52Z "If a remote website does not respond to a request in Requests::request_multiple then CURL timeout is unhandled in the process.
{{{
PHP Fatal error: Uncaught Requests_Exception: cURL error 28: Operation timed out after 10001 milliseconds with 0 out of 0 bytes received in /ggg/tg-plugin-development-local/app/public/wp-includes/Requests/Transport/cURL.php:443
Stack trace:
#0 /ggg/tg-plugin-development-local/app/public/wp-includes/Requests/Transport/cURL.php(179): Requests_Transport_cURL->process_response('', Array)
#1 /ggg/tg-plugin-development-local/app/public/wp-includes/class-requests.php(381): Requests_Transport_cURL->request('https://api.dyn...', Array, NULL, Array)
#2 /ggg/tg-plugin-development-local/app/public/wp-includes/class-requests.php(233): Requests::request('https://api.dyn...', Array, NULL, 'GET', Array)
#3 /ggg/tg-plugin-development-local/app/public/wp-content/plugins/tg-dynamic-dns-updater/public/class-tg-dynamic-dns-updater-public.php(149): Requests::get('https://api.dyn...', Array)
#4 /ggg/tg-plugin-development-local/app/public/wp-content/plugins/tg-dynamic-dns-updater/public/class-tg-dynamic-dns-updater-public.php(131): Tg_Dynamic_Dns_Updater_Public->tg_get_bearer_token('70f4>
#5 /ggg/tg-plugin-development-local/app/public/wp-includes/class-wp-hook.php(307): Tg_Dynamic_Dns_Updater_Public->tg_post_dynamic_dns('RHMgWcS1V5ybPtY...')
#6 /ggg/tg-plugin-development-local/app/public/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters('', Array)
#7 /ggg/tg-plugin-development-local/app/public/wp-includes/plugin.php(476): WP_Hook->do_action(Array)
#8 /ggg/tg-plugin-development-local/app/public/wp-content/plugins/tg-dynamic-dns-updater/includes/class-tg-dynamic-dns-updater-async-api-task.php(34): do_action('wp_async_tg_inv...', 'RHMgWcS1V5ybPt>
#9 /ggg/tg-plugin-development-local/app/public/wp-content/plugins/tg-dynamic-dns-updater/includes/wp-async-task.php(164): tg_async_dns_api_task->run_action()
#10 /ggg/tg-plugin-development-local/app/public/wp-includes/class-wp-hook.php(307): WP_Async_Task->handle_postback('')
#11 /ggg/tg-plugin-development-local/app/public/wp-includes/class-wp-hook.php(331): WP_Hook->apply_filters('', Array)
#12 /ggg/tg-plugin-development-local/app/public/wp-includes/plugin.php(476): WP_Hook->do_action(Array)
#13 /ggg/tg-plugin-development-local/app/public/wp-admin/admin-post.php(85): do_action('admin_post_wp_a...')
#14 {main}
}}}
To reproduce simply add non-responsive url to the requests array or reduce the timeout value to an unreasonable value to force a CURL timeout.
This issue is a bit beyond my understanding but has to do with the hook system calling other functions where the timeout occurs as best I can tell.... this creates a fault where it can't be caught by the calling code.
I also admit to not knowing what ""Component"" this belongs to.
" clutch2sft 6.0.2
Defects Awaiting Review 41745 Uncaught Error in get_query_var when $wp_query is null Query normal defect (bug) new 2017-08-28T16:24:01Z 2021-10-01T22:58:19Z When `get_query_var()` is called without the global $wp_query being set an Uncaught Exception is thrown. kbjohnson90 4.8.1 has-patch
Defects Awaiting Review 56694 Uncached database read for logged in users when Privacy Policy Page is deleted Privacy normal defect (bug) new 2022-09-29T20:47:20Z 2022-09-29T21:24:19Z "As a logged in WordPress user navigating around WordPress Admin, a hook fires on every admin page that attempts to notify you whether or not the suggested Privacy Policy text (in WordPress) has changed, sourced from the ""Privacy Policy Guide"" settings page.
The Privacy Policy itself is a Page, and the numeric ID of that page is saved as a Setting.
If the WordPress Page (that matches the ID that is set as the Privacy Policy Page setting) is permanently deleted, WordPress still attempts to query the database to look for this Page.
This results in a single database read query that will never find what it is looking for, and is not cached because it does not exist, causing it to happen again on every subsequent page that any logged in user navigates to inside of WordPress Admin.
* This user would normally never know this database chatter is happening because it isn't anything they are intentionally looking for
* I discovered this misbehavior while using the Query Monitor plugin on a dev site, and noticed that there was always 1 uncached database read
Screenshot of the query & call stack will be attached below." johnjamesjacoby 5.7 needs-unit-tests
Defects Awaiting Review, reported against no version 41272 Unattached media URLs broken for anything over 1000 Permalinks normal defect (bug) new 2017-07-07T23:09:21Z 2017-07-08T16:26:17Z "'''Steps to reproduce'''
1. On your local computer, rename a file to {{{1180.jpg}}}
2. Upload the file to the Media Library
3. Visit {{{example.com/1180}}}
You will get a 404 broken link.
If you do the same for a 1, 2 or 3 digit filename, you won't see the issue.
{{{
example.com/31.jpg // Works
example.com/872.jpg // Works
}}}
The problem isn't just related to images.
{{{
example.com/1871.mp3 // 404
}}}
" henry.wright
Enhancements Awaiting Review 45725 Unable to use the UPLOADS constant with WordPress in a different directory Upload normal enhancement new 2018-12-20T13:07:46Z 2019-01-16T06:50:09Z "=== The problem ===
When WordPress is installed in a different directory (you can achieve that by following [[https://codex.wordpress.org/Giving_WordPress_Its_Own_Directory|these instructions]]), the **UPLOADS** constant is unable to function correctly in some cases according to the **wp_upload_dir()**'s output. Occasionally the constant accepts a relative path what will be appended to the **ABSPATH** constant to determine the **basedir** and to the **site_url()** function to determine the **baseurl** for the uploads location.
Although WordPress does let you move the CMS (it actually can be anywhere on the filesystem), however the uploads directory will always be relative to the CMS directory (**ABSPATH** constant) when using the **UPLOADS** constant.
=== The use case ===
There are multiple use cases which will be affected by this but let's consider the next few parameters:
* Website URL: example.com
* Website DIR: /foo/bar
* WordPress URL: example.com/wordpress
* WordPress DIR: /foo/bar/wordpress
Our goal is to store uploads at:
* Uploads URL: example.com/uploads
* Uploads DIR: /foo/bar/uploads
However when we defining the UPLOADS constant as 'uploads', will result in the following:
* Uploads URL: example.com/wordpress/uploads
* Uploads DIR: /foo/bar/wordpress/uploads
You might wonder what will happen when we use an absolute value for the constant instead, in this case '/foo/bar/uploads' is used:
* Uploads URL: example.com/wordpress//foo/bar/uploads
* Uploads DIR: /foo/bar/wordpress//foo/bar/uploads
=== The solution ===
Possible solutions where I could came up with are, the two following:
* Add another constant like **ABSPATH** to the index.php, this could be tricky for some people to update but the benefits of it are very useful. It will allow you to use one WordPress installation for all your WordPress websites. How you might wonder? [[https://stackoverflow.com/a/39195424/3157038|This is how]], I've been using this already for years!
* Another solution could be to introduce a new constant specifically for the uploads directory path and only use the current **UPLOADS** constant for the url.
Both of these solutions require to be implemented into the **_wp_upload_dir()** function [[https://core.trac.wordpress.org/browser/tags/5.0/src/wp-includes/functions.php#L1972|on line 1972 in wp-includes/functions.php]]
Have a look at the patch attached to this ticket, with the patch WordPress will introduce both the **UPLOADS_DIR** and **INDEX_ABSPATH** constant. According to some tests I did it should also be backward compatible." Fleuv needs-docs
Enhancements Awaiting Review 56368 Unable to use enum with array data type - REST API REST API normal enhancement new 2022-08-12T08:16:14Z 2022-09-04T19:08:23Z "I would like to be able to specify enums when creating a REST schema property that accepts an array of values.
**For example:**
{{{#!php
__( 'Sort collection by object attribute.' ),
'type' => array( 'string', 'array' ),
'default' => 'id',
'items' => array(
'type' => 'string',
),
'enum' => array( 'id', 'title', 'date', 'include' ),
'validate_callback' => 'rest_validate_request_arg',
);
}}}
" picocodes
Defects Awaiting Review 53100 Unable to upload SVGs even if ALLOW_UNFILTERED_UPLOADS set Upload minor defect (bug) new 2021-04-27T15:17:10Z 2024-03-05T09:23:07Z "I have several sites where wp-config.php includes the line
{{{
define('ALLOW_UNFILTERED_UPLOADS', true);
}}}
I would expect that to permit all file types to be uploaded. However, SVG files are not allowed, displaying the message ""Sorry, this file type is not permitted for security reasons.""
I have tested this on a site using the default Twenty Twenty One theme, and no enabled plugins, and on that same site with Twenty Nineteen. I've tested it on several other sites, with a fairly broad collection of themes and plugins, as well. I am fairly confident the only code in common here is Core.
I know that there are several plugins that ""enable"" SVG upload support, but I would expect the ALLOW_UNFILTERED_UPLOADS define to take care of that for me. Unfiltered should mean unfiltered, including SVGs. Is this an oversight or bug in the upload handlers, or an intentional (and perhaps not-well-documented) choice?" desmith 5.7.1
Defects Awaiting Review 52531 Unable to upload .ico with PHP 7.4 Upload normal defect (bug) new 2021-02-15T16:41:43Z 2021-08-09T16:40:24Z "Hello,
I found the following related ticket: #11824
You can find attached an example file.
On PHP 7.3.21 libmagic is shown as 533 in phpinfo under ""fileinfo"" section.
On PHP 7.4.9 libmagic is shown as 537 in phpinfo under ""fileinfo"" section.
I tried to upload the same file as an admin on a fresh WP install on both versions on PHP, and it works with 7.3 while it doesn't with 7.4.
The error is ""Sorry, this file type is not permitted for security reasons."".
What I found is that `finfo_file` function returns either ""image/x-icon"" or ""image/vnd.microsoft.icon"" depending on the PHP version I'm using.
In the first case, this will be allowed because it matches WP's internal mime types array. But in the second case, it will simply return an invalid type error (empty `$type` and `$ext` variables).
I used the following workaround:
{{{#!php
v18.16.1
`npm -v` -> 9.5.1
docker is up and running
when I launch
`wp-env start`
I get the error below
Can someone help me?
Thanks in advance
Vito
✖ Error while running docker compose command.
{{{
#0 building with ""desktop-linux"" instance using docker driver
#1 [wordpress internal] load .dockerignore
#1 transferring context:
#1 transferring context: 2B 10.0s done
#1 DONE 10.1s
#2 [tests-wordpress internal] load .dockerignore
#2 transferring context: 2B 10.0s done
#2 DONE 10.1s
#3 [wordpress internal] load build definition from WordPress.Dockerfile
#3 transferring dockerfile: 2.02kB 10.0s done
#3 DONE 10.1s
#4 [tests-wordpress internal] load build definition from Tests-WordPress.Dockerfile
#4 transferring dockerfile: 2.03kB 10.0s done
#4 DONE 10.1s
#5 [tests-wordpress internal] load metadata for docker.io/library/wordpress:latest
#5 DONE 0.0s
#6 [wordpress 1/19] FROM docker.io/library/wordpress
#6 DONE 0.0s
#7 [wordpress 5/19] RUN sed -i '/stretch-updates/d' /etc/apt/sources.list
#7 CACHED
#8 [wordpress 6/19] RUN groupadd -o -g 20 v.chiarello || true
#8 CACHED
#9 [wordpress 7/19] RUN useradd -mlo -u 502 -g 20 v.chiarello || true
#9 CACHED
#10 [wordpress 2/19] RUN touch /etc/apt/sources.list
#10 CACHED
#11 [wordpress 4/19] RUN sed -i 's|security.debian.org/debian-security stretch|archive.debian.org/debian-security stretch|g' /etc/apt/sources.list
#11 CACHED
#12 [wordpress 3/19] RUN sed -i 's|deb.debian.org/debian stretch|archive.debian.org/debian stretch|g' /etc/apt/sources.list
#12 CACHED
#13 [wordpress 8/19] RUN apt-get -qy update
#13 CACHED
#14 [wordpress 9/19] RUN apt-get -qy install $PHPIZE_DEPS && touch /usr/local/etc/php/php.ini
#14 0.635 Reading package lists...
#14 1.544 Building dependency tree...
#14 1.634 Reading state information...
#14 1.850 0 upgraded, 0 newly installed, 0 to remove and 89 not upgraded.
#14 1.854 touch: cannot touch '/usr/local/etc/php/php.ini': No such file or directory
#14 ERROR: process ""/bin/sh -c apt-get -qy install $PHPIZE_DEPS && touch /usr/local/etc/php/php.ini"" did not complete successfully: exit code: 1
------
> [wordpress 9/19] RUN apt-get -qy install $PHPIZE_DEPS && touch /usr/local/etc/php/php.ini:
1.544 Building dependency tree...
1.634 Reading state information...
1.850 0 upgraded, 0 newly installed, 0 to remove and 89 not upgraded.
1.854 touch: cannot touch '/usr/local/etc/php/php.ini': No such file or directory
------
failed to solve: process ""/bin/sh -c apt-get -qy install $PHPIZE_DEPS && touch /usr/local/etc/php/php.ini"" did not complete successfully: exit code: 1
}}}" vchiarello
Enhancements Awaiting Review 44358 Unable to search a user if username is an email address Users normal enhancement new 2018-06-13T14:43:41Z 2019-01-16T06:50:09Z "If a user has an email address in his username, that user is not searched in admin user list page.
Steps to reproduce:
- Create a new user and use an email address as the username, e.g. `abc@gmail.com`
- Make sure no user on the system has an email address which contains `abc@` in it
- Search a user with `abc@` keyword. No user will be returned.
I think since WordPress does not restrict the character `@` in username, the search should include username field even when there is `@` in search keyword.
Does this make any sense?
" subrataemfluence dev-feedback
Reporter Feedback / Close 56136 Unable to move panels from below post editor content section to sidebar Posts, Post Types normal defect (bug) new 2022-07-04T08:32:21Z 2022-07-20T18:20:41Z "I am having the same problem reported here https://wordpress.org/support/topic/additional-panels-appear-at-foot-of-page-edit-area-rather-than-in-tool-bar/. The ""Additional"" panels in the WordPress editor are appearing at the bottom of the page. When I try to drag and drop to the sidebar, an infinitely long horizontal scrollbar appears and keeps scrolling right.
Screen capture video: https://drive.google.com/file/d/1Iy0G1I2OMgnOv4-grMApbY5V2W_l1kQs/view?usp=sharing" wpdev8195 5.0 reporter-feedback
Defects Awaiting Review 46016 Unable to move blocks in editor Editor normal defect (bug) new 2019-01-16T21:08:39Z 2019-01-17T17:50:01Z "As I understand it: an active block can be moved up or down with arrows at the left of the block, which appear with mouse pointer hover.
Arrows do not appear with hover.
When I highlight two blocks (click & drag), I can see the arrows and moving works. However, there is no handle for dragging.
OS: windows 10
Browser: chrome
wp: v. 5.0.3
Theme: Twenty Seventeen (version is up-to-date)
- Jon
" Sophie_Kath 5.0.3
Enhancements Awaiting Review 40705 Unable to login to admin backend from a wordpress login modal window Login and Registration normal enhancement new 2017-05-09T19:48:11Z 2017-05-09T21:15:38Z "Hello,
I am unable to login to WordPress backend from the login modal. Always get 'ERROR: The password field is empty.' error but if I login through this link https://yourwebsite.com/wp-admin/ or https://yourwebsite.com/wp-login.php it works.
I believe the modal login should work irrespective of where you are?
Have experienced this on more than five sites.
See the attached screenshot.
http://prnt.sc/f5xwb8
Thanks" dickensayieko 4.7.3
Defects Awaiting Review 48459 Unable to list users with 'No role for this site' Users normal defect (bug) new 2019-10-29T17:07:37Z 2019-10-30T09:26:54Z "I noticed that I had one user registered on my site with 'No role' in the summary. However, clicking on 'No Role' lists all [?] users, rather than the one I wanted [so I could remove it]. The only way to find it was to page through all the users (in my case the 3rd) until I found one with a role of 'None'.
To reproduce: Create a user; Edit the user and set role to 'No role for this site'; List all users; Click on 'No role' in the summary. This **should** display just the one user?
[Is it significant the summary shows as 'No role' but the listing shows 'None']
" ahall41 5.2.4
Reporter Feedback / Close 44516 Unable to edit theme's file on multisite from default editor Administration normal defect (bug) new 2018-07-04T21:38:12Z 2019-12-21T19:50:24Z "I am using WP 4.9.6 and on multisite when I tried editing theme's files from the editor it shows that it generated some fatal error. The actual message is 'Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You will need to upload your PHP file change by some other means, such as by using SFTP.'
Please see: https://prnt.sc/k2mshy" prashantvatsh 4.9.6 reporter-feedback
Defects Awaiting Review 57173 Unable to edit Main Menu Menus normal defect (bug) new 2022-11-22T04:09:06Z 2022-11-22T16:06:02Z "Steps to reproduce the issue:
1. Edit a website with a main menu.
2. Select the navigation block in the block editor and click on ""Manage menu""
3. Step 2 takes you to the page where you can edit menus.
4. Expected: hitting ""edit"" on the Menu entry should allow adding Pages/Posts to the navigation menu
Actual: Seeing a blank page with no ability to modify the contents of the navigation menu" vpalepu 6.1.1
Defects Awaiting Review 60248 Unable to delete theme placed in subdirectory Themes normal defect (bug) new 2024-01-14T08:38:53Z 2024-01-14T08:38:53Z "Originally reported in the Create Block Theme plugin repository: https://github.com/WordPress/create-block-theme/issues/500
Themes located in the subdirectory are recognized as installed themes and can be activated. On the other hand, themes located in the subdirectory will fail to be deleted. For example, if you delete the Twenrty Twenrty-three theme placed in the `wp-content/test` directory, the following response will be returned.
{{{
{
""success"": false,
""data"": {
""delete"": ""theme"",
""slug"": ""testtwentytwentythree"",
""errorMessage"": ""The requested theme does not exist.""
}
}
}}}
On the other hand, plugins placed in the subdirectory are not displayed as installed plugins.
My question is whether a theme placed in the subdirectory should be recognized as a valid theme in the first place.
The Create Block Theme plugin allows you to clone a theme by specifying the subdirectory. Also, in the PR below, there seems to be a case where the theme is placed in a subfolder.
https://github.com/WordPress/create-block-theme/pull/368
One of the items in the ""Edit"" screen is now 'Theme Subfolder'. This was one of the primary things that I needed to add in order to work with themes with Revisr. When a theme is installed from a .zip file it's installed at the top-level of wp-content/themes. However to manage themes in a git repo (such as our /pub free themes) that theme needs to be in a subfolder. This new functionality lets a user move the theme from a top-level into a subfolder (or move it around into another subfolder, etc). This works my simply moving the folder and then re-activating the theme with the new location information" wildworks
Defects Awaiting Review 60576 Unable to change contact email Users normal defect (bug) new 2024-02-19T19:04:05Z 2024-02-20T12:03:04Z Under users profile, I have been unable to have pending email change approved. I have looked at all the possible reasons this can happen but nothing has helped. douglas447 has-patch
Defects Awaiting Review 58398 "Unable to add blocks on WP 6.1 - ""+"" button does not work (it seems disabled)" General normal defect (bug) new 2023-05-25T00:59:03Z 2023-05-30T15:14:54Z I know that others have reported similar issues and some seem to be resolved - but not for me. I disabled all plugins and changed to the current theme but issue remains. Only if I roll back to 6.0.5 does the functionality return. jawhalen 6.1
Defects Awaiting Review 38595 Unable to access wp-admin/options-permalink.php when .htaccess file is on NFS Permalinks normal defect (bug) new 2016-10-31T19:03:14Z 2017-05-03T05:59:25Z "After nearly a week of troubleshooting, we have identified an issue with wordpress which is preventing us from storing our .htaccess file on an NFS mount.
This issue exists as far back as 4.4
In order to reproduce:
install wordpress in a directory where .htaccess is located on a mounted nfs share. Once wordpress is installed, navigate to yoursite.com/wp-admin/options-permalink.php - the page should fail to load.
This issue appears to be caused by the function ""flock();"" in the function ""insert_with_markers();"" in wp-admin/includes/misc.php
Per PHPs documentation, flock(); is only acceptable for use on local filesystems.
I found an existing ticket regarding this function - #31767 - if I understand correctly, flock(); was added to the ""insert_with_markers(); function to resolve a concurrent write issue on shared filesystems.
Disclaimer: I am not a PHP developer, and only understand the basic concepts. The testing for the above bug consisted of commenting out functions till I could find the source of the issue. Commenting out the ""flock();"" function in the ""insert_with_markers();"" function resolved the issue in our environment." kicwordpress 4.4
Defects Awaiting Review 56505 Un-necessary Language Files are Installed Upgrade/Install normal defect (bug) new 2022-09-03T13:29:56Z 2023-09-01T09:54:17Z "When your WordPress installation is set to a language other than ""English (United States)"", each time a core update is installed (or re-installed), several language files are added to `/wp-content/languages/` whether they are required or not ...
{{{
/wp-content/languages/plugins/akismet-en GB.mo
/wp-content/languages/plugins/akismet-en GB.po
/wp-content/languages/themes/twentvtwenty-enGB.mo
/wp-content/languages/themes/twentytwenty-enGB.po
/wp-content/languages/themes/twentvtwentvone-enGB.mo
/wp-content/languages/themes/twentytwentyone-enGB.po
/wp-content/languages/themes/twentytwentytwo-enGB.mo
/wp-content/languages/themes/twentytwentytwo-enGB.po
}}}
I believe that these files should **only** be installed if the relevant plugin or theme is installed.
Oliver" domainsupport 6.0.2
Reporter Feedback / Close 58491 UI problem when search for block while adding a post Editor normal defect (bug) new 2023-06-08T12:35:02Z 2023-11-28T16:15:27Z "**Precondition:**
- Gutenberg version 15.9.1
- WP 6.2.2
- PHP 8.2.5
- Ubuntu 23.04
**Steps:**
1- Create a new post
2- Click the + icon and search for 'block'
3- The UI expands slowly with no interaction
Expected: spaces fit automatically
Screencast: https://jmp.sh/KsMTIFiM" mai21 6.2.2 close
Defects Awaiting Review 58483 UI issue in uploasd multiple media in mobile Media normal defect (bug) new 2023-06-08T07:40:16Z 2023-06-08T07:40:16Z "Hi,
We need to add padding on the right side for maintaining alignment on the right side in uploading multiple media on mobile.
The more informed nation you can see mentioned screenshot. " sumitsingh 6.2.2
Defects Awaiting Review 55945 UI Isssue on header list view Editor normal defect (bug) new 2022-06-08T05:15:28Z 2022-06-10T09:43:43Z "Hi,
I am not able to see or scroll for see remove row on editor. more information you can see SS." sumitsingh 6.0
Defects Awaiting Review 44629 UI Add scrollbars for webkit on Update Plugins Upgrade/Install normal defect (bug) new 2018-07-24T06:58:31Z 2018-07-24T06:58:31Z "Hello,
I've found with the Update Plugins iframe it often completes almost silently and it appears almost stuck as at first glance there's no indication there's more hidden in the fold of the iframe.
For instance my recent update left the last visible line as 'Disabling Maintenance mode...' but then it seemed to go silent and even though lines were written below they were hidden from view. This made me sit thinking I'd have to go remove the .maintenance file.
*Screen to come.
I'm on chrome webkit and would assume safari would be the same. It would be nice to override the browser and force the scrollbar to be visible. I often find the scrollbar almost acts as a progress meter as it gets smaller the longer the content gets so having it visible would be nice.
I hope that makes sense, just wanting to improve the cognitive feedback on the iframe to avoid leaving the user assuming the execution has suddenly stopped.
Thank you
" garrett-eclipse 4.9.7
Enhancements Awaiting Review 58391 Ugly looking file editing section Media normal feature request new 2023-05-24T07:36:12Z 2023-05-25T16:03:34Z "While editing (adding title, description)a file, the view looks ugly.
Here is the screenshot: https://prnt.sc/B3XPrV9f0Rsx
If we add some border radius, it would look nice.
Thank you " ahsannayem has-patch
Defects Awaiting Review 60070 Typo in wp-includes/class-json.php General trivial defect (bug) new 2023-12-14T10:25:56Z 2024-01-27T21:12:45Z "If we go through wp-includes/class-json.php on line number 186 we can see it is mentioned: ""multibye"". It should be ""multibyte""." jayadevankbh dev-feedback
Defects Awaiting Review 59373 TypeError: str_contains() argument must be of type string, array given in wp-login.php Login and Registration normal defect (bug) new 2023-09-16T23:06:41Z 2023-10-05T01:24:43Z "This seems to affect PHP 8.0 and higher.
Downstream report at https://github.com/jquery/infrastructure-puppet/issues/34
> Seems to be an upstream issue where a `$_GET` or `$_REQUEST` key is checked for existence but not for type, thus prone to misuse when crafting query parameters in the array-form that PHP supports.
Easily reproduced, for example, at:
* HTTP 500 https://timotijhof.net/wp-login.php?redirect_to[x]=y
* HTTP 500 https://jquery.com/wp-login.php?redirect_to[x]=y
" TimoTijhof 6.3.1
Defects Awaiting Review 55139 TypeError: k is not iterable Editor normal defect (bug) new 2022-02-10T19:19:27Z 2022-02-10T19:19:27Z "When I am in the block editor and try typing something in the box search get the below error, see image 01 and 02.
[[Image(https://inqmatic.com/wp-content/uploads/2022/02/image_01.png)]]
[[Image(https://inqmatic.com/wp-content/uploads/2022/02/image_02.png)]]
The error is:
{{{
TypeError: k is not iterable
at f (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86949)
at https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86506
at Array.map ()
at m (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86496)
at p (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:26:86043)
at https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:12:14633
at Object.useMemo (https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/react-dom.min.js:220:462)
at c.useMemo (https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/react.min.js:30:236)
at Wg7J.t.a (https://c0.wp.com/c/5.9/wp-includes/js/dist/block-editor.min.js:12:14608)
at Le (https://c0.wp.com/c/5.9/wp-includes/js/dist/vendor/react-dom.min.js:100:3)
}}}
further, this error appear then update to wordpress 5.9.
Thanks." zirtrex 5.9
Defects Awaiting Review 59355 TypeError: Cannot read properties of undefined (reading 'hasClass') in wp-auth-check.min.js Security normal defect (bug) new 2023-09-15T04:00:17Z 2023-09-15T04:03:37Z "Here is the trace:
{{{
at
HTMLDocument.(.../wp-includes/js/wp-auth-check.min.js:2:655)
at
HTMLDocument.dispatch(.../wp-admin/load-scripts.php:2:39997)
at
v.handle(.../wp-admin/load-scripts.php:2:37968)
at
Object.trigger(.../wp-admin/load-scripts.php:2:70063)
at
HTMLDocument.(.../wp-admin/load-scripts.php:2:70665)
at
Function.each(.../wp-admin/load-scripts.php:2:3129)
at
e..each(.../wp-admin/load-scripts.php:2:1594)
at
e..trigger(.../wp-admin/load-scripts.php:2:70640)
at
Object.(https://wednesdaynighthop.com/wp-includes/js/heartbeat.min.js:2:2186)
at
c(.../wp-admin/load-scripts.php:2:25266)
}}}
" chamois_blanc 6.3.1
Reporter Feedback / Close 56953 TypeError: Cannot destructure property 'themeSupportsLayout' of '(0 , p.useSelect)(...)' as it is undefined Editor normal defect (bug) new 2022-11-02T10:43:03Z 2022-11-03T16:33:26Z "Hi
this morning with update of WP to 6.1 have a lot of problems. I tried to deactive all plugins and I think that is an error of Core.
TypeError: Cannot destructure property 'themeSupportsLayout' of '(0 , p.useSelect)(...)' as it is undefined.
at https://domain.com/wp-includes/js/dist/block-editor.min.js?ver=d39738cb7c1202964677:26:193469
at ct (https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:43430)
at os (https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:111136)
at Ur (https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:77643)
at Ir (https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:77571)
at Dr (https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:77434)
at Pr (https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:74429)
at https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:30173
at unstable_runWithPriority (https://domain.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1:9:7431)
at xn (https://domain.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:29950)
I tried to reinstall WP but the link is on 404:
https://downloads.wordpress.org/release/it_IT/wordpress-6.1.zip
I've bug on editor of themes, on create new content and on front-end
Please fix the problem" pigot4 6.1 reporter-feedback
Defects Awaiting Review 56590 TypeError error in get_the_content when $elements['page'] and $elements['pages'] are null Posts, Post Types normal defect (bug) new 2022-09-16T21:24:27Z 2022-09-23T01:03:57Z "`if ( $elements['page'] > count( $elements['pages'] ) )` in file `wp-includes/post-template.php` (currently on line 319) throws the following error when those array items are null:
`Fatal error: Uncaught TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in /wp-includes/post-template.php:319`
A case where they would be null is a search request with no results where a plugin like Timber is used to assign $post a non-WordPress-core value. Adding the condition `if ( ! is_null( $elements['page'] ) && ! is_null( $elements['pages'] ) )` solves the problem." cantbelieveitsnotbutter 6.0.2 has-patch
Reporter Feedback / Close 57287 Type error calling Styles > Customize > Blocks from FSE Editor normal defect (bug) new 2022-12-07T03:48:59Z 2022-12-13T16:29:10Z "From FSE, When I open Styles pane, Then click ""Blocks"" I receive an error:
{{{
TypeError: Cannot use 'in' operator to search for 'color' in
at http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:72801
at Array.forEach ()
at ll (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:72639)
at Tl (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:82514)
at Cl (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:82422)
at Xl (http://localhost:10043/wp-includes/js/dist/edit-site.min.js?ver=3ab3e2570a5c4c270c72:12:103806)
at ct (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:43430)
at os (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:111136)
at Ur (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:77643)
at Ir (http://localhost:10043/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1:9:77571)
}}}" ritterml 6.1.1 reporter-feedback
Defects Awaiting Review 58553 Two query blocks on home template (FSE) breaks the second one Query normal defect (bug) new 2023-06-16T06:47:30Z 2023-06-16T06:47:30Z "On a site we have a home.html template where we display a custom query with sticky posts before the main query (inherited). We also filter the main query to do not display sticky posts again. Since we updated to 6.1.3 the second query skips the first post (that is the most recent non-sticky post).
After some debugging I realize that the `$wp_query->current_post` value is 0 after the first loop instead of -1, causing it to skip the first item (index 0) on the `$wp_query->posts array`. Following the logic in wp-includes I cannot find any obvious change introduced on 6.1.3 to produce this error.
I’ve reproduced the issue on a fresh new installation of wp (with 6.2 version):
* I have created several posts (duplications of Hello world)
* I have crated a new category.
* I have assigned three posts to the new category
* I have modified the home template (on the site editor) to add a custom query before the main one, where I display the three posts from the new category
[[Image(https://images2.imgbox.com/3d/5c/wfm9rpvl_o.png)]]
Result with wp 6.1.2
When I update to 6.1.3, the “last one” disapears:
[[Image(https://images2.imgbox.com/43/b0/OMZDY2ba_o.png)]]
I have found a quick fix that solves it:
{{{#!php
is_home){
global $wp_query;
//sets the $wp_query->current_post to -1
$wp_query->current_post = -1;
}
});
}}}
But I assume this may potentially affect more users and should be fixd on the core.
BTW: Using two custom queries doesn’t work for us because we want to keep the default pagination settings with the `/page/2` urls" acaballerog 6.2
Defects Awaiting Review 51844 Two different automatic update emails are sent at the same time Upgrade/Install minor defect (bug) new 2020-11-22T04:58:06Z 2020-11-27T18:07:50Z "Subject 1.
> Some plugins were automatically updated
Subject 2.
> Background Update Finished
Both mentioning the same plugin(s)." knutsp
Reporter Feedback / Close 55426 Two Categories in one URL; Shows Posts that are in BOTH Categories doesn’t work Taxonomy normal defect (bug) new 2022-03-19T19:33:56Z 2022-05-17T21:23:45Z "Hey,
so usually i was able to add two categories in the URL and it would only show Posts, that are listed in BOTH categories. The Link was always domain.com/category/cat1+cat2 and worked for years. When using that link it would only show the posts that are marked in BOTH categories.
But i just tried to look for a post this way and that simply doesn’t work anymore. It only uses the first Category and ignores the Seconds. Has there been a change in the WP Core that i’m not aware of and is there a way to get back to that?" gooloode 5.9.3 reporter-feedback
Defects Awaiting Review 42258 Twitter embed link in posts generates an empty paragraph Embeds normal defect (bug) new 2017-10-18T14:32:39Z 2017-10-18T14:32:39Z "When I look into the post, below the embed tweet I see an empty paragraph, when I look inside it, in the source I see a twitter script link: