* Fix broken design of Single Product template in block themes and on sale badge being partially hidden
* Update changelog to mention Twenty Twenty-Two explicitly.
Co-authored-by: Albert Juhé Lluveras <contact@albertjuhe.com>
Co-authored-by: Albert Juhé Lluveras <contact@albertjuhe.com>
* Fix phpcs errors and warnings
* Fix code that throw deprecation notices in PHP 8.1
The deprecation notices are about:
- Various "passing null to parameter (...) is deprecated"
- Usage of strftime
- Using "false" as if it was an empty array
- Mismatching return type of implemented interfaces,
that's fixed by adding #[\ReturnTypeWillChange]
* Fix some more code that throw deprecation notices in PHP 8.1
* Small commenting/formatting fixes.
* Add changelog file
* Formatting.
Co-authored-by: Peter Fabian <peter.fabian.github@gmail.com>
During migration $wpdb->prepare would force null and empty values to be zero for %f placeholder. This was causing verification logic to fail, which is being addressed in this commit.
The alternative was to insert null values without running them via $wpdb->prepare, but that seemed less safer than converting to zero because it would have to done manually since $wpdb->prepare wouldn't support it.
This commit adds documentation for WooCommerce's client component commands. This should make it easier to know what commands to run to work in these components.
This commit changes it to woocommerce/client/admin. This is an invalid NPM package name and an invalid Composer package name. This will prevent conflicts but also identify it as a component of Core.
* Added event trigger for pre-releases
When a woocommece pre-release occurs, this workflow will trigger a testing event in another repo defined using project secrets.
* Set to only fire on prereleases
* Updated run condition
* Fixed run condition
In line with the fact that it's a component of WooCommerce rather than a standalone package, `woocommerce-legacy-assets` has been renamed `woocommerce/client/legacy`.
* Trigger the hook that record the track events
once the option settings are updated:navigation and analytics. Tracks do not include yes/no properties, so we record the latter as _disabled.
* Changelog
* Prevent reloading of page immediately after feature updates
* Remove feature specific code in tracks class
Co-authored-by: Joshua Flowers <joshuatf@gmail.com>
* Changes the frequency at which the Reports API cache can be invalidated via the cache version number to be at most once every 10 minutes, instead of with every change to the store.
* Changes the TTL of Reports API cache entries so that they expire after an hour instead of after a week.
The goal of these changes is to increase the chance that a request to the Reports API for store stats will result in a cache hit, thus avoiding expensive, slow queries. The reason for lowering the TTL is so that if multiple store changes are made within the new 10-minute frequency window, the cache data will only be stale for up to an hour. With #33325 users will be able to refresh entries in the cache manually if they think something is stale.
Closes#33315
Make sure payment gateway title is a string before sanitizing.
* Add changelog
* Drop type-hint in `validate_safe_text_field()`
* Update plugins/woocommerce/includes/abstracts/abstract-wc-settings-api.php
Co-authored-by: Barry Hughes <3594411+barryhughes@users.noreply.github.com>
* Add `OrdersTableDataStoreMeta` to handle metadata for orders
* Add `OrdersTableDataStoreHelper` with various helper functions used in the COT datastore
* Pass some helper classes as args to the COT datastore
* Use `OrdersTableDataStoreMeta` for meta in COT datastore
* Minor fixes to columns definition in COT datastore
* First pass at update() in the COT datastore
* PHPCS fixes
* Remove duplicate `read_meta` calls.
* Register `OrdersTableDataStore` earlier to make container happy
* Do not hardcode table metadata in `OrdersTableDataStoreMeta`
* Correctly format decimals for storing in the db
* read() shouldn’t success on non-existing orders
* Rework persisting to db in OrdersTableDataStore
* Correctly handle some props in OrdersTableDataStore
* Add changelog
* Add missing TODOs
* Remove unused variables
* No need to query db before deleting meta in `OrdersTableDataStoreMeta`
* Simplify OrdersTableDataStoreMeta::update_meta()
* Explicitly enumerate columns in OrdersTableDataStoreMeta::get_metadata_by_id()
* Make COT metadata implementation more generic
* Do not use property_exists() to determine existence of meta value
* Move some methods over to DatabaseUtil and get rid of COT datastore helper
* Rename `CustomDataStoreMeta` to `CustomMetaDataStore`
* Make PHPCS happy
* Add unit test.
* Correct arg passed to persist_order_to_db()
* Remove comment
* Split conditional on multiple lines
Co-authored-by: vedanshujain <vedanshu.jain.2012@gmail.com>
Adds a new collection parameter to all Reports API endpoints that utilize caching, `force_cache_refresh`, which will cause the current request to bypass the cache, re-run the queries for the requested data, and overwrite the previous cache entry with the new results.
Note that this doesn't invalidate the entire cache, only the entry for the particular set of collection parameters and values specified in the request.
This also adds a way to include debugging information related to the cache in the API response. Modeled after the way the Query Monitor plugin adds such information, you can get this by including an `_envelope` parameter in your API request. The debugging info includes whether the cache has been disabled via filter (`should_use_cache`), whether the `force_cache_refresh` parameter was used, whether the returned data was a `cache_hit` or not, and an array of the query parameters that were actually used to create the cache key.
Closes#33221
* Introduce a 'safe_text' field that allows a reduced subset of HTML tags.
* Escape on input as well as output; generalize sanitization function.
* Set reasonable default rules.
* Guard against invalid callbacks (escaping/sanitizing) functions.
* Update plugins/woocommerce/src/Internal/Utilities/HtmlSanitizer.php
Co-authored-by: Peter Fabian <peter.fabian.github@gmail.com>
* Allow alt (accessibility) for img tags; allow class attributes for img and span tags.
* Allow class attr for p tags.
* Use safe_text for payment gateway titles.
* Make HtmlSanitizer available through Utils service provider.
* Update settings code to pull HtmlSanitizer as a service and to use the new sanitize() method.
* Remove `style` from list of allowed attributes.
Allowing arbitrary CSS rules through style could undo the intent of this change, since that would allow a range of positioning and sizing changes to be effected.
* Remove unusued import.
* If no (KSES) rules are specifed, then strip all tags (this is a safer default strategy).
* For better safety, only apply pre-processor callbacks; remove responsibility for trimming of strings.
Applying callbacks to a string after it ahs passed through wp_kses() could (potentially) undo the work done by that function, and result in unexpected tags in the sanitizer's output.
Co-authored-by: barryhughes <3594411+barryhughes@users.noreply.github.com>
Co-authored-by: Peter Fabian <peter.fabian.github@gmail.com>
Christopher Allford
Johan de Jong
Mathias Reker ⚡️
David Marín
Michael P. Pfeiffer
Néstor Soriano
Chi-Hsuan Huang
Luigi Teschio
Brian
Kamil
saboanca
Dharmesh Patel
Vedanshu Jain
Jamel Noel Reid
Paul Sealock
Moon
jonathansadowski
Heba Fareed
Jorge A. Torres
RJ
Ilyas Foo
AnnaMag
Corey McKrill
Fernando
Joshua T Flowers
Niels Lange
Joel Thiessen
Daniel Morell