plugin updates

2024-10-24 12:57:16 -04:00
parent 8217f0dbed
commit 5e040c9234
399 changed files with 3377 additions and 46318 deletions
--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/admin/views/acf-post-type/advanced-settings.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/admin/views/acf-post-type/advanced-settings.php
@@ -846,7 +846,7 @@ foreach ( acf_get_combined_post_type_settings_tabs() as $tab_key => $tab_label )
 					'prefix'       => 'acf_post_type',
 					'value'        => $acf_post_type['register_meta_box_cb'],
 					'label'        => __( 'Custom Meta Box Callback', 'acf' ),
-					'instructions' => __( 'A PHP function name to be called when setting up the meta boxes for the edit screen.', 'acf' ),
+					'instructions' => __( 'A PHP function name to be called when setting up the meta boxes for the edit screen. For security, this callback will be executed in a special context without access to any superglobals like $_POST or $_GET.', 'acf' ),
 					'conditions'   => array(
 						'field'    => 'show_ui',
 						'operator' => '==',
--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/admin/views/acf-taxonomy/advanced-settings.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/admin/views/acf-taxonomy/advanced-settings.php
@@ -802,7 +802,7 @@ foreach ( acf_get_combined_taxonomy_settings_tabs() as $tab_key => $tab_label )
 					'prefix'       => 'acf_taxonomy',
 					'value'        => $acf_taxonomy['meta_box_cb'],
 					'label'        => __( 'Register Meta Box Callback', 'acf' ),
-					'instructions' => __( 'A PHP function name to be called to handle the content of a meta box on your taxonomy.', 'acf' ),
+					'instructions' => __( 'A PHP function name to be called to handle the content of a meta box on your taxonomy. For security, this callback will be executed in a special context without access to any superglobals like $_POST or $_GET.', 'acf' ),
 					'conditions'   => array(
 						'field'    => 'meta_box',
 						'operator' => '==',
--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/assets.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/assets.php
@@ -107,7 +107,7 @@ if ( ! class_exists( 'ACF_Assets' ) ) :
 		 */
 		public function register_scripts() {
 			// Extract vars.
-			$suffix  = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';
+			$suffix  = defined( 'ACF_DEVELOPMENT_MODE' ) && ACF_DEVELOPMENT_MODE ? '' : '.min';
 			$version = acf_get_setting( 'version' );

 			// Register scripts.
@@ -118,9 +118,9 @@ if ( ! class_exists( 'ACF_Assets' ) ) :
 			wp_register_script( 'acf-escaped-html-notice', acf_get_url( 'assets/build/js/acf-escaped-html-notice' . $suffix . '.js' ), array( 'jquery' ), $version, true );

 			// Register styles.
-			wp_register_style( 'acf-global', acf_get_url( 'assets/build/css/acf-global.css' ), array( 'dashicons' ), $version );
-			wp_register_style( 'acf-input', acf_get_url( 'assets/build/css/acf-input.css' ), array( 'acf-global' ), $version );
-			wp_register_style( 'acf-field-group', acf_get_url( 'assets/build/css/acf-field-group.css' ), array( 'acf-input' ), $version );
+			wp_register_style( 'acf-global', acf_get_url( 'assets/build/css/acf-global' . $suffix . '.css' ), array( 'dashicons' ), $version );
+			wp_register_style( 'acf-input', acf_get_url( 'assets/build/css/acf-input' . $suffix . '.css' ), array( 'acf-global' ), $version );
+			wp_register_style( 'acf-field-group', acf_get_url( 'assets/build/css/acf-field-group' . $suffix . '.css' ), array( 'acf-input' ), $version );

 			/**
 			 * Fires after core scripts and styles have been registered.
@@ -475,7 +475,7 @@ if ( ! class_exists( 'ACF_Assets' ) ) :
 				'validation'  => acf_get_form_data( 'validation' ),
 				'editor'      => acf_is_block_editor() ? 'block' : 'classic',
 				'is_pro'      => acf_is_pro(),
-				'debug'       => acf_is_beta() || ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ),
+				'debug'       => acf_is_beta() || ( defined( 'ACF_DEVELOPMENT_MODE' ) && ACF_DEVELOPMENT_MODE ),
 			);

 			acf_localize_data( $data_to_localize );
--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/fields/class-acf-field-color_picker.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/fields/class-acf-field-color_picker.php
@@ -47,7 +47,7 @@ if ( ! class_exists( 'acf_field_color_picker' ) ) :
 			// Register scripts for non-admin.
 			// Applies logic from wp_default_scripts() function defined in "wp-includes/script-loader.php".
 			if ( ! is_admin() ) {
-				$suffix  = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';
+				$suffix  = defined( 'ACF_DEVELOPMENT_MODE' ) && ACF_DEVELOPMENT_MODE ? '' : '.min';
 				$scripts = wp_scripts();
 				$scripts->add( 'iris', '/wp-admin/js/iris.min.js', array( 'jquery-ui-draggable', 'jquery-ui-slider', 'jquery-touch-punch' ), '1.0.7', 1 );
 				$scripts->add( 'wp-color-picker', "/wp-admin/js/color-picker$suffix.js", array( 'iris' ), false, 1 );
--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/fields/class-acf-field-select.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/fields/class-acf-field-select.php
@@ -56,7 +56,7 @@ if ( ! class_exists( 'acf_field_select' ) ) :

 			global $wp_scripts;

-			$min   = defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ? '' : '.min';
+			$min   = defined( 'ACF_DEVELOPMENT_MODE' ) && ACF_DEVELOPMENT_MODE ? '' : '.min';
 			$major = acf_get_setting( 'select2_version' );

 			// attempt to find 3rd party Select2 version
--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/post-types/class-acf-post-type.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/post-types/class-acf-post-type.php
@@ -648,13 +648,27 @@ if ( ! class_exists( 'ACF_Post_Type' ) ) {
 				return;
 			}

-			$original_post = $_POST; //phpcs:ignore -- Only used as temporary storage to prevent CSRFs in callbacks.
-			$_POST         = array();
-			$return        = false;
+			$unset     = array( '_POST', '_GET', '_REQUEST', '_COOKIE', '_SESSION', '_FILES', '_ENV', '_SERVER' );
+			$originals = array();
+
+			foreach ( $unset as $var ) {
+				if ( isset( $GLOBALS[ $var ] ) ) {
+					$originals[ $var ] = $GLOBALS[ $var ];
+					$GLOBALS[ $var ]   = array(); //phpcs:ignore -- used for building a safe context
+				}
+			}
+
+			$return = false;
 			if ( is_callable( $original_cb ) ) {
 				$return = call_user_func( $original_cb, $post );
 			}
-			$_POST = $original_post;
+
+			foreach ( $unset as $var ) {
+				if ( isset( $originals[ $var ] ) ) {
+					$GLOBALS[ $var ] = $originals[ $var ]; //phpcs:ignore -- used for restoring the original context
+				}
+			}
+
 			return $return;
 		}

--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/post-types/class-acf-taxonomy.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/post-types/class-acf-taxonomy.php
@@ -534,13 +534,27 @@ if ( ! class_exists( 'ACF_Taxonomy' ) ) {
 				return;
 			}

-			$original_post = $_POST; //phpcs:ignore -- Only used as temporary storage to prevent CSRFs in callbacks.
-			$_POST         = array();
-			$return        = false;
+			$unset     = array( '_POST', '_GET', '_REQUEST', '_COOKIE', '_SESSION', '_FILES', '_ENV', '_SERVER' );
+			$originals = array();
+
+			foreach ( $unset as $var ) {
+				if ( isset( $GLOBALS[ $var ] ) ) {
+					$originals[ $var ] = $GLOBALS[ $var ];
+					$GLOBALS[ $var ]   = array(); //phpcs:ignore -- used for building a safe context
+				}
+			}
+
+			$return = false;
 			if ( is_callable( $original_cb ) ) {
 				$return = call_user_func( $original_cb, $post, $tax );
 			}
-			$_POST = $original_post;
+
+			foreach ( $unset as $var ) {
+				if ( isset( $originals[ $var ] ) ) {
+					$GLOBALS[ $var ] = $originals[ $var ]; //phpcs:ignore -- used for restoring the original context
+				}
+			}
+
 			return $return;
 		}

--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/third-party.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/third-party.php
@@ -143,7 +143,8 @@ if ( ! class_exists( 'acf_third_party' ) ) :
 		 * @since   5.7.3
 		 */
 		public function doing_dark_mode() {
-			wp_enqueue_style( 'acf-dark', acf_get_url( 'assets/css/acf-dark.css' ), array(), ACF_VERSION );
+			$min = defined( 'ACF_DEVELOPMENT_MODE' ) && ACF_DEVELOPMENT_MODE ? '' : '.min';
+			wp_enqueue_style( 'acf-dark', acf_get_url( 'assets/css/acf-dark' . $min . '.css' ), array(), ACF_VERSION );
 		}
 	}

--- a/wp/wp-content/plugins/advanced-custom-fields-pro/includes/upgrades.php
+++ b/wp/wp-content/plugins/advanced-custom-fields-pro/includes/upgrades.php
@@ -537,3 +537,47 @@ function acf_upgrade_550_taxonomy( $taxonomy ) {
 	// action for 3rd party
 	do_action( 'acf/upgrade_550_taxonomy', $taxonomy );
 }
+
+/**
+ * Unsets ACF from reporting back to the WP.org API.
+ *
+ * @param array  $args An array of HTTP request arguments.
+ * @param string $url  The request URL.
+ * @return array|mixed
+ */
+function acf_unset_plugin_from_org_reporting( $args, $url ) {
+	// Bail if not a plugins request.
+	if ( empty( $args['body']['plugins'] ) ) {
+		return $args;
+	}
+
+	// Bail if not a request to the wp.org API.
+	$parsed_url = wp_parse_url( $url );
+	if ( empty( $parsed_url['host'] ) || 'api.wordpress.org' !== $parsed_url['host'] ) {
+		return $args;
+	}
+
+	$plugins = json_decode( $args['body']['plugins'], true );
+	if ( empty( $plugins ) ) {
+		return $args;
+	}
+
+	// Remove ACF from reporting.
+	if ( ! empty( $plugins['plugins'][ ACF_BASENAME ] ) ) {
+		unset( $plugins['plugins'][ ACF_BASENAME ] );
+	}
+
+	if ( ! empty( $plugins['active'] ) && is_array( $plugins['active'] ) ) {
+		$is_active = array_search( ACF_BASENAME, $plugins['active'], true );
+		if ( $is_active !== false ) {
+			unset( $plugins['active'][ $is_active ] );
+			$plugins['active'] = array_values( $plugins['active'] );
+		}
+	}
+
+	// Add the plugins list (minus ACF) back to $args.
+	$args['body']['plugins'] = wp_json_encode( $plugins );
+
+	return $args;
+}
+add_filter( 'http_request_args', 'acf_unset_plugin_from_org_reporting', 10, 2 );