Merge branch 'WordPress:trunk' into docs/fix-return-tag-documentation-standards

Author: huzaifaalmesbah

src/wp-admin/about.php

@@ -138,7 +138,7 @@
 					</svg>
 				</div>
 				<h3><?php _e( 'Performance updates' ); ?></h3>
-				<p><?php _e( 'WordPress 6.9 includes a broad set of performance updates, including a faster way of browsing and selecting styles, optimizations of the navigation link, fixes the layout shifts caused by the Video block, quicker load of the terms selector, no extra network request for retrieving feature media, and optimization in the Editor.' ); ?></p>
+				<p><?php _e( 'WordPress 6.9 includes a broad set of performance enhancements. A better <abbr title="Largest Contentful Paint">LCP</abbr> metric is achieved through improved loading of conditional and inlined stylesheets, script loading with fetchpriority support, and additional core optimizations. Editor advances include fixes for layout shifts caused by the Video block and faster loading of the terms selector.' ); ?></p>
 			</div>
 			<div class="column">
 				<div class="about__image">

src/wp-admin/css/about.css

@@ -437,7 +437,7 @@ protected function get_bulk_actions() {
 			if ( $this->is_trash ) {
 				$actions['untrash'] = __( 'Restore' );
 			} else {
-				$actions['edit'] = __( 'Edit' );
+				$actions['edit'] = __( 'Bulk edit' );
 			}
 		}
 

src/wp-admin/images/about-release-badge.svg

@@ -11,8 +11,8 @@
 //                                                            ///
 /////////////////////////////////////////////////////////////////
 
-if(!defined('GETID3_LIBXML_OPTIONS') && defined('LIBXML_VERSION')) {
-	if(LIBXML_VERSION >= 20621) {
+if (!defined('GETID3_LIBXML_OPTIONS') && defined('LIBXML_VERSION')) {
+	if (LIBXML_VERSION >= 20621) {
 		define('GETID3_LIBXML_OPTIONS', LIBXML_NOENT | LIBXML_NONET | LIBXML_NOWARNING | LIBXML_COMPACT);
 	} else {
 		define('GETID3_LIBXML_OPTIONS', LIBXML_NOENT | LIBXML_NONET | LIBXML_NOWARNING);
@@ -73,7 +73,8 @@ public static function trunc($floatnumber) {
 
 	/**
 	 * @param int|null $variable
-	 * @param int      $increment
+	 * @param-out int  $variable
+     * @param int      $increment
 	 *
 	 * @return bool
 	 */
@@ -115,7 +116,9 @@ public static function intValueSupported($num) {
 		// check if integers are 64-bit
 		static $hasINT64 = null;
 		if ($hasINT64 === null) { // 10x faster than is_null()
-			$hasINT64 = is_int(pow(2, 31)); // 32-bit int are limited to (2^31)-1
+			/** @var int|float|object $bigInt */
+			$bigInt = pow(2, 31);
+			$hasINT64 = is_int($bigInt); // 32-bit int are limited to (2^31)-1
 			if (!$hasINT64 && !defined('PHP_INT_MIN')) {
 				define('PHP_INT_MIN', ~PHP_INT_MAX);
 			}
@@ -440,7 +443,7 @@ public static function BigEndian2String($number, $minbytes=1, $synchsafe=false,
 	}
 
 	/**
-	 * @param int $number
+	 * @param int|string $number
 	 *
 	 * @return string
 	 */
@@ -744,16 +747,36 @@ public static function array_min($arraydata, $returnkey=false) {
 	 * @return array|false
 	 */
 	public static function XML2array($XMLstring) {
-		if (function_exists('simplexml_load_string') && function_exists('libxml_disable_entity_loader')) {
-			// http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html
-			// https://core.trac.wordpress.org/changeset/29378
-			// This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is
-			// disabled by default, but is still needed when LIBXML_NOENT is used.
-			$loader = @libxml_disable_entity_loader(true);
-			$XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', GETID3_LIBXML_OPTIONS);
-			$return = self::SimpleXMLelement2array($XMLobject);
-			@libxml_disable_entity_loader($loader);
-			return $return;
+		if (function_exists('simplexml_load_string')) {
+			if (PHP_VERSION_ID < 80000) {
+				if (function_exists('libxml_disable_entity_loader')) {
+					// http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html
+					// https://core.trac.wordpress.org/changeset/29378
+					// This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is
+					// disabled by default, but is still needed when LIBXML_NOENT is used.
+					$loader = @libxml_disable_entity_loader(true);
+					$XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', GETID3_LIBXML_OPTIONS);
+					$return = self::SimpleXMLelement2array($XMLobject);
+					@libxml_disable_entity_loader($loader);
+					return $return;
+				}
+			} else {
+				$allow = false;
+				if (defined('LIBXML_VERSION') && (LIBXML_VERSION >= 20900)) {
+					// https://www.php.net/manual/en/function.libxml-disable-entity-loader.php
+					// "as of libxml 2.9.0 entity substitution is disabled by default, so there is no need to disable the loading
+					//  of external entities, unless there is the need to resolve internal entity references with LIBXML_NOENT."
+					$allow = true;
+				} elseif (function_exists('libxml_set_external_entity_loader')) {
+					libxml_set_external_entity_loader(function () { return null; }); // https://www.zend.com/blog/cve-2023-3823
+					$allow = true;
+				}
+				if ($allow) {
+					$XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', GETID3_LIBXML_OPTIONS);
+					$return = self::SimpleXMLelement2array($XMLobject);
+					return $return;
+				}
+			}
 		}
 		return false;
 	}
@@ -1497,7 +1520,7 @@ public static function RGADamplitude2dB($amplitude) {
 	public static function GetDataImageSize($imgData, &$imageinfo=array()) {
 		if (PHP_VERSION_ID >= 50400) {
 			$GetDataImageSize = @getimagesizefromstring($imgData, $imageinfo);
-			if ($GetDataImageSize === false || !isset($GetDataImageSize[0], $GetDataImageSize[1])) {
+			if ($GetDataImageSize === false) {
 				return false;
 			}
 			$GetDataImageSize['height'] = $GetDataImageSize[0];
@@ -1525,7 +1548,7 @@ public static function GetDataImageSize($imgData, &$imageinfo=array()) {
 				fwrite($tmp, $imgData);
 				fclose($tmp);
 				$GetDataImageSize = @getimagesize($tempfilename, $imageinfo);
-				if (($GetDataImageSize === false) || !isset($GetDataImageSize[0]) || !isset($GetDataImageSize[1])) {
+				if ($GetDataImageSize === false) {
 					return false;
 				}
 				$GetDataImageSize['height'] = $GetDataImageSize[0];
@@ -1719,7 +1742,7 @@ public static function EmbeddedLookup($key, $begin, $end, $file, $name) {
 			// METHOD B: cache all keys in this lookup - more memory but faster on next lookup of not-previously-looked-up key
 			//$cache[$file][$name][substr($line, 0, $keylength)] = trim(substr($line, $keylength + 1));
 			$explodedLine = explode("\t", $line, 2);
-			$ThisKey   = (isset($explodedLine[0]) ? $explodedLine[0] : '');
+			$ThisKey   = $explodedLine[0];
 			$ThisValue = (isset($explodedLine[1]) ? $explodedLine[1] : '');
 			$cache[$file][$name][$ThisKey] = trim($ThisValue);
 		}

src/wp-admin/includes/class-wp-posts-list-table.php

@@ -387,7 +387,7 @@ class getID3
 	 */
 	protected $startup_warning = '';
 
-	const VERSION           = '1.9.23-202310190849';
+	const VERSION           = '1.9.24-202509040923';
 	const FREAD_BUFFER_SIZE = 32768;
 
 	const ATTACHMENTS_NONE   = false;
@@ -409,10 +409,10 @@ public function __construct() {
 		$memoryLimit = ini_get('memory_limit');
 		if (preg_match('#([0-9]+) ?M#i', $memoryLimit, $matches)) {
 			// could be stored as "16M" rather than 16777216 for example
-			$memoryLimit = $matches[1] * 1048576;
+			$memoryLimit = (int) $matches[1] * 1048576;
 		} elseif (preg_match('#([0-9]+) ?G#i', $memoryLimit, $matches)) { // The 'G' modifier is available since PHP 5.1.0
 			// could be stored as "2G" rather than 2147483648 for example
-			$memoryLimit = $matches[1] * 1073741824;
+			$memoryLimit = (int) $matches[1] * 1073741824;
 		}
 		$this->memory_limit = $memoryLimit;
 
@@ -446,7 +446,7 @@ public function __construct() {
 			}
 			// Check for magic_quotes_gpc
 			if (function_exists('get_magic_quotes_gpc')) {
-				if (get_magic_quotes_gpc()) { // @phpstan-ignore-line
+				if (get_magic_quotes_gpc()) {
 					$this->startup_error .= 'magic_quotes_gpc must be disabled before running getID3(). Surround getid3 block by set_magic_quotes_gpc(0) and set_magic_quotes_gpc(1).'."\n";
 				}
 			}
@@ -529,7 +529,7 @@ public function fread_buffer_size() {
 	 * @return bool
 	 */
 	public function setOption($optArray) {
-		if (!is_array($optArray) || empty($optArray)) {
+		if (empty($optArray)) {
 			return false;
 		}
 		foreach ($optArray as $opt => $val) {
@@ -680,6 +680,8 @@ public function analyze($filename, $filesize=null, $original_filename='', $fp=nu
 					catch (getid3_exception $e) {
 						throw $e;
 					}
+				} else {
+					$this->warning('skipping check for '.$tag_name.' tags since option_tag_'.$tag_name.'=FALSE');
 				}
 			}
 			if (isset($this->info['id3v2']['tag_offset_start'])) {
@@ -1477,6 +1479,16 @@ public function GetFileFormatArray() {
 
 				// Misc other formats
 
+				// GPX - data         - GPS Exchange Format
+				'gpx' => array (
+							'pattern'   => '^<\\?xml [^>]+>[\s]*<gpx ',
+							'group'     => 'misc',
+							'module'    => 'gpx',
+							'mime_type' => 'application/gpx+xml',
+							'fail_id3'  => 'ERROR',
+							'fail_ape'  => 'ERROR',
+						),
+
 				// PAR2 - data        - Parity Volume Set Specification 2.0
 				'par2' => array (
 							'pattern'   => '^PAR2\\x00PKT',
@@ -1890,8 +1902,8 @@ public function ChannelsBitratePlaytimeCalculations() {
 
 		// Calculate combined bitrate - audio + video
 		$CombinedBitrate  = 0;
-		$CombinedBitrate += (isset($this->info['audio']['bitrate']) ? $this->info['audio']['bitrate'] : 0);
-		$CombinedBitrate += (isset($this->info['video']['bitrate']) ? $this->info['video']['bitrate'] : 0);
+		$CombinedBitrate += (isset($this->info['audio']['bitrate']) && ($this->info['audio']['bitrate'] != 'free') ? $this->info['audio']['bitrate'] : 0);
+		$CombinedBitrate += (isset($this->info['video']['bitrate'])                                                ? $this->info['video']['bitrate'] : 0);
 		if (($CombinedBitrate > 0) && empty($this->info['bitrate'])) {
 			$this->info['bitrate'] = $CombinedBitrate;
 		}
@@ -1998,7 +2010,9 @@ public function CalculateCompressionRatioAudio() {
 		if (empty($this->info['audio']['bitrate']) || empty($this->info['audio']['channels']) || empty($this->info['audio']['sample_rate']) || !is_numeric($this->info['audio']['sample_rate'])) {
 			return false;
 		}
-		$this->info['audio']['compression_ratio'] = $this->info['audio']['bitrate'] / ($this->info['audio']['channels'] * $this->info['audio']['sample_rate'] * (!empty($this->info['audio']['bits_per_sample']) ? $this->info['audio']['bits_per_sample'] : 16));
+		if ($this->info['audio']['bitrate'] != 'free') {
+			$this->info['audio']['compression_ratio'] = $this->info['audio']['bitrate'] / ($this->info['audio']['channels'] * $this->info['audio']['sample_rate'] * (!empty($this->info['audio']['bits_per_sample']) ? $this->info['audio']['bits_per_sample'] : 16));
+		}
 
 		if (!empty($this->info['audio']['streams'])) {
 			foreach ($this->info['audio']['streams'] as $streamnumber => $streamdata) {