diff -r 48c4eec2b7e6 -r 8c2e4d02f4ef wp/wp-includes/link-template.php
--- a/wp/wp-includes/link-template.php Fri Sep 05 18:40:08 2025 +0200
+++ b/wp/wp-includes/link-template.php Fri Sep 05 18:52:52 2025 +0200
@@ -1092,7 +1092,7 @@
}
$args = array(
- 'taxonomy' => $taxonomy,
+ 'taxonomy' => $tax->name,
'tag_ID' => $term_id,
);
@@ -1595,27 +1595,43 @@
* Retrieves the edit comment link.
*
* @since 2.3.0
+ * @since 6.7.0 The $context parameter was added.
*
* @param int|WP_Comment $comment_id Optional. Comment ID or WP_Comment object.
- * @return string|void The edit comment link URL for the given comment.
+ * @param string $context Optional. Context in which the URL should be used. Either 'display',
+ * to include HTML entities, or 'url'. Default 'display'.
+ * @return string|void The edit comment link URL for the given comment, or void if the comment id does not exist or
+ * the current user is not allowed to edit it.
*/
-function get_edit_comment_link( $comment_id = 0 ) {
+function get_edit_comment_link( $comment_id = 0, $context = 'display' ) {
$comment = get_comment( $comment_id );
- if ( ! current_user_can( 'edit_comment', $comment->comment_ID ) ) {
+ if ( ! is_object( $comment ) || ! current_user_can( 'edit_comment', $comment->comment_ID ) ) {
return;
}
- $location = admin_url( 'comment.php?action=editcomment&c=' ) . $comment->comment_ID;
+ if ( 'display' === $context ) {
+ $action = 'comment.php?action=editcomment&c=';
+ } else {
+ $action = 'comment.php?action=editcomment&c=';
+ }
+
+ $location = admin_url( $action ) . $comment->comment_ID;
+
+ // Ensure the $comment_id variable passed to the filter is always an ID.
+ $comment_id = (int) $comment->comment_ID;
/**
* Filters the comment edit link.
*
* @since 2.3.0
+ * @since 6.7.0 The $comment_id and $context parameters are now being passed to the filter.
*
- * @param string $location The edit link.
+ * @param string $location The edit link.
+ * @param int $comment_id Unique ID of the comment to generate an edit link.
+ * @param string $context Context to include HTML entities in link. Default 'display'.
*/
- return apply_filters( 'get_edit_comment_link', $location );
+ return apply_filters( 'get_edit_comment_link', $location, $comment_id, $context );
}
/**
@@ -2915,8 +2931,8 @@
* Optional. Default pagination arguments, see paginate_links().
*
* @type string $screen_reader_text Screen reader text for navigation element.
- * Default 'Posts navigation'.
- * @type string $aria_label ARIA label text for the nav element. Default 'Posts'.
+ * Default 'Posts pagination'.
+ * @type string $aria_label ARIA label text for the nav element. Default 'Posts pagination'.
* @type string $class Custom class for the nav element. Default 'pagination'.
* }
* @return string Markup for pagination links.
@@ -2939,8 +2955,8 @@
'mid_size' => 1,
'prev_text' => _x( 'Previous', 'previous set of posts' ),
'next_text' => _x( 'Next', 'next set of posts' ),
- 'screen_reader_text' => __( 'Posts navigation' ),
- 'aria_label' => __( 'Posts' ),
+ 'screen_reader_text' => __( 'Posts pagination' ),
+ 'aria_label' => __( 'Posts pagination' ),
'class' => 'pagination',
)
);
@@ -3035,7 +3051,6 @@
*
* @param string $template The default template.
* @param string $css_class The class passed by the calling function.
- * @return string Navigation template.
*/
$template = apply_filters( 'navigation_markup_template', $template, $css_class );
@@ -3093,21 +3108,25 @@
* Retrieves the link to the next comments page.
*
* @since 2.7.1
+ * @since 6.7.0 Added the `page` parameter.
*
* @global WP_Query $wp_query WordPress Query object.
*
- * @param string $label Optional. Label for link text. Default empty.
- * @param int $max_page Optional. Max page. Default 0.
+ * @param string $label Optional. Label for link text. Default empty.
+ * @param int $max_page Optional. Max page. Default 0.
+ * @param int|null $page Optional. Page number. Default null.
* @return string|void HTML-formatted link for the next page of comments.
*/
-function get_next_comments_link( $label = '', $max_page = 0 ) {
+function get_next_comments_link( $label = '', $max_page = 0, $page = null ) {
global $wp_query;
if ( ! is_singular() ) {
return;
}
- $page = get_query_var( 'cpage' );
+ if ( is_null( $page ) ) {
+ $page = get_query_var( 'cpage' );
+ }
if ( ! $page ) {
$page = 1;
@@ -3164,16 +3183,20 @@
* Retrieves the link to the previous comments page.
*
* @since 2.7.1
- *
- * @param string $label Optional. Label for comments link text. Default empty.
+ * @since 6.7.0 Added the `page` parameter.
+ *
+ * @param string $label Optional. Label for comments link text. Default empty.
+ * @param int|null $page Optional. Page number. Default null.
* @return string|void HTML-formatted link for the previous page of comments.
*/
-function get_previous_comments_link( $label = '' ) {
+function get_previous_comments_link( $label = '', $page = null ) {
if ( ! is_singular() ) {
return;
}
- $page = get_query_var( 'cpage' );
+ if ( is_null( $page ) ) {
+ $page = get_query_var( 'cpage' );
+ }
if ( (int) $page <= 1 ) {
return;
@@ -3343,8 +3366,8 @@
* @param array $args {
* Optional. Default pagination arguments.
*
- * @type string $screen_reader_text Screen reader text for the nav element. Default 'Comments navigation'.
- * @type string $aria_label ARIA label text for the nav element. Default 'Comments'.
+ * @type string $screen_reader_text Screen reader text for the nav element. Default 'Comments pagination'.
+ * @type string $aria_label ARIA label text for the nav element. Default 'Comments pagination'.
* @type string $class Custom class for the nav element. Default 'comments-pagination'.
* }
* @return string Markup for pagination links.
@@ -3360,8 +3383,8 @@
$args = wp_parse_args(
$args,
array(
- 'screen_reader_text' => __( 'Comments navigation' ),
- 'aria_label' => __( 'Comments' ),
+ 'screen_reader_text' => __( 'Comments pagination' ),
+ 'aria_label' => __( 'Comments pagination' ),
'class' => 'comments-pagination',
)
);
@@ -4223,11 +4246,12 @@
* Call like the_shortlink( __( 'Shortlinkage FTW' ) )
*
* @since 3.0.0
- *
- * @param string $text Optional The link text or HTML to be displayed. Defaults to 'This is the short link.'
- * @param string $title Optional The tooltip for the link. Must be sanitized. Defaults to the sanitized post title.
- * @param string $before Optional HTML to display before the link. Default empty.
- * @param string $after Optional HTML to display after the link. Default empty.
+ * @since 6.8.0 Removed title attribute.
+ *
+ * @param string $text Optional. The link text or HTML to be displayed. Defaults to 'This is the short link.'
+ * @param string $title Unused.
+ * @param string $before Optional. HTML to display before the link. Default empty.
+ * @param string $after Optional. HTML to display after the link. Default empty.
*/
function the_shortlink( $text = '', $title = '', $before = '', $after = '' ) {
$post = get_post();
@@ -4236,14 +4260,10 @@
$text = __( 'This is the short link.' );
}
- if ( empty( $title ) ) {
- $title = the_title_attribute( array( 'echo' => false ) );
- }
-
$shortlink = wp_get_shortlink( $post->ID );
if ( ! empty( $shortlink ) ) {
- $link = '' . $text . '';
+ $link = '' . $text . '';
/**
* Filters the short link anchor tag for a post.
@@ -4253,7 +4273,7 @@
* @param string $link Shortlink anchor tag.
* @param string $shortlink Shortlink URL.
* @param string $text Shortlink's text.
- * @param string $title Shortlink's title attribute.
+ * @param string $title Shortlink's title attribute. Unused.
*/
$link = apply_filters( 'the_shortlink', $link, $shortlink, $text, $title );
echo $before, $link, $after;
@@ -4265,7 +4285,7 @@
*
* @since 4.2.0
*
- * @param mixed $id_or_email The avatar to retrieve a URL for. Accepts a user ID, Gravatar MD5 hash,
+ * @param mixed $id_or_email The avatar to retrieve a URL for. Accepts a user ID, Gravatar SHA-256 or MD5 hash,
* user email, WP_User object, WP_Post object, or WP_Comment object.
* @param array $args {
* Optional. Arguments to use instead of the default arguments.
@@ -4328,8 +4348,10 @@
* Retrieves default data about the avatar.
*
* @since 4.2.0
- *
- * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash,
+ * @since 6.7.0 Gravatar URLs always use HTTPS.
+ * @since 6.8.0 Gravatar URLs use the SHA-256 hashing algorithm.
+ *
+ * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash,
* user email, WP_User object, WP_Post object, or WP_Comment object.
* @param array $args {
* Optional. Arguments to use instead of the default arguments.
@@ -4358,6 +4380,9 @@
* - 'X' (even more mature than above)
* Default is the value of the 'avatar_rating' option.
* @type string $scheme URL scheme to use. See set_url_scheme() for accepted values.
+ * For Gravatars this setting is ignored and HTTPS is used to avoid
+ * unnecessary redirects. The setting is retained for systems using
+ * the {@see 'pre_get_avatar_data'} filter to customize avatars.
* Default null.
* @type array $processed_args When the function returns, the value will be the processed/sanitized $args
* plus a "found_avatar" guess. Pass as a reference. Default null.
@@ -4446,7 +4471,7 @@
* @since 4.2.0
*
* @param array $args Arguments passed to get_avatar_data(), after processing.
- * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash,
+ * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash,
* user email, WP_User object, WP_Post object, or WP_Comment object.
*/
$args = apply_filters( 'pre_get_avatar_data', $args, $id_or_email );
@@ -4468,7 +4493,10 @@
if ( is_numeric( $id_or_email ) ) {
$user = get_user_by( 'id', absint( $id_or_email ) );
} elseif ( is_string( $id_or_email ) ) {
- if ( str_contains( $id_or_email, '@md5.gravatar.com' ) ) {
+ if ( str_contains( $id_or_email, '@sha256.gravatar.com' ) ) {
+ // SHA-256 hash.
+ list( $email_hash ) = explode( '@', $id_or_email );
+ } elseif ( str_contains( $id_or_email, '@md5.gravatar.com' ) ) {
// MD5 hash.
list( $email_hash ) = explode( '@', $id_or_email );
} else {
@@ -4502,15 +4530,12 @@
}
if ( $email ) {
- $email_hash = md5( strtolower( trim( $email ) ) );
+ $email_hash = hash( 'sha256', strtolower( trim( $email ) ) );
}
}
if ( $email_hash ) {
$args['found_avatar'] = true;
- $gravatar_server = hexdec( $email_hash[0] ) % 3;
- } else {
- $gravatar_server = rand( 0, 2 );
}
$url_args = array(
@@ -4520,15 +4545,17 @@
'r' => $args['rating'],
);
- if ( is_ssl() ) {
- $url = 'https://secure.gravatar.com/avatar/' . $email_hash;
- } else {
- $url = sprintf( 'http://%d.gravatar.com/avatar/%s', $gravatar_server, $email_hash );
- }
+ /*
+ * Gravatars are always served over HTTPS.
+ *
+ * The Gravatar website redirects HTTP requests to HTTPS URLs so always
+ * use the HTTPS scheme to avoid unnecessary redirects.
+ */
+ $url = 'https://secure.gravatar.com/avatar/' . $email_hash;
$url = add_query_arg(
rawurlencode_deep( array_filter( $url_args ) ),
- set_url_scheme( $url, $args['scheme'] )
+ $url
);
/**
@@ -4537,7 +4564,7 @@
* @since 4.2.0
*
* @param string $url The URL of the avatar.
- * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash,
+ * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash,
* user email, WP_User object, WP_Post object, or WP_Comment object.
* @param array $args Arguments passed to get_avatar_data(), after processing.
*/
@@ -4549,7 +4576,7 @@
* @since 4.2.0
*
* @param array $args Arguments passed to get_avatar_data(), after processing.
- * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar MD5 hash,
+ * @param mixed $id_or_email The avatar to retrieve. Accepts a user ID, Gravatar SHA-256 or MD5 hash,
* user email, WP_User object, WP_Post object, or WP_Comment object.
*/
return apply_filters( 'get_avatar_data', $args, $id_or_email );