Commit Graph

398 Commits

Author SHA1 Message Date
Andrew Nacin 654e46f03d Tie cookies and nonces to user sessions so they may be invalidated upon logout.
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.

Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().

This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.

props duck_, nacin, mdawaffe.
see .

Built from https://develop.svn.wordpress.org/trunk@29221


git-svn-id: http://core.svn.wordpress.org/trunk@29005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 09:13:15 +00:00
Scott Taylor ef436cb6e0 Revert [28563]. See .
Built from https://develop.svn.wordpress.org/trunk@29044


git-svn-id: http://core.svn.wordpress.org/trunk@28832 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-09 18:07:16 +00:00
Sergey Biryukov 7a47b7585d Move ms-load.php and ms-default-constants.php inclusion back to ms-settings.php to avoid breaking WP-CLI.
Use require_once() to allow for ms-settings.php to be included multiple times while testing.

props jeremyfelt.
see .
Built from https://develop.svn.wordpress.org/trunk@28934


git-svn-id: http://core.svn.wordpress.org/trunk@28732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-30 23:50:15 +00:00
Andrew Nacin 4695573f51 Add initial unit tests for multisite's bootstrap.
props jeremyfelt.
fixes .

Built from https://develop.svn.wordpress.org/trunk@28910


git-svn-id: http://core.svn.wordpress.org/trunk@28709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 22:51:16 +00:00
Scott Taylor b75c79500b Replaces all uses of `TEMPLATEPATH` and `STYLESHEETPATH` in core with `get_template_directory()` and `get_stylesheet_directory()`.
Add `@deprecated` annotations to `TEMPLATEPATH` and `STYLESHEETPATH` definitions.

Props obenland, aaroncampbell. 
Fixes .

Built from https://develop.svn.wordpress.org/trunk@28563


git-svn-id: http://core.svn.wordpress.org/trunk@28389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-23 20:12:15 +00:00
Andrew Nacin 0b5729216d Don't try to resolve symlinks for single-file plugins. plugins_url() should not be used in this context anyway.
props rmccue.
fixes .

Built from https://develop.svn.wordpress.org/trunk@27999


git-svn-id: http://core.svn.wordpress.org/trunk@27829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 20:15:15 +00:00
Andrew Nacin 5f0981788d Detect and handle symlinking of plugins in plugin_basename().
props rmccue, MikeSchinkel, jdgrimes.
see .

Built from https://develop.svn.wordpress.org/trunk@27158


git-svn-id: http://core.svn.wordpress.org/trunk@27024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-10 23:00:15 +00:00
Nikolay Bachiyski 74ace0517c Excplitcly globalized call to $wp later in wp-settings.php
Props xknown, fixes .

Built from https://develop.svn.wordpress.org/trunk@26997


git-svn-id: http://core.svn.wordpress.org/trunk@26874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-22 14:48:11 +00:00
Nikolay Bachiyski 80af25060b Explicitly globalize some missing query globals in wp-settings.php
When WordPress is loaded in a function (e.g. unit tests) the variables initialized at the top level aren't globals, but we expect them to be.

Fixes 

Built from https://develop.svn.wordpress.org/trunk@26996


git-svn-id: http://core.svn.wordpress.org/trunk@26873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-22 08:25:12 +00:00
Scott Taylor 92ba8748aa When WordPress is loaded in a function (e.g. unit tests) the variables initialized at the top level aren't globals, but we expect them to be. Explicitly make the version variables global.
Props nbachiyski.
Fixes .


Built from https://develop.svn.wordpress.org/trunk@26008


git-svn-id: http://core.svn.wordpress.org/trunk@25939 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-05 00:24:10 +00:00
Andrew Nacin d0cfa40983 Add jshintrc to qunit.
props jorbin.
see .

Built from https://develop.svn.wordpress.org/trunk@25992


git-svn-id: http://core.svn.wordpress.org/trunk@25925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-30 14:39:10 +00:00
Andrew Nacin de7977d66c Move upgrader_process_complete for core to its proper place in Core_Upgrader.
This means it will be firing as a JS redirect is taking place if the update is from pre-3.4. Acceptable.

props dd32.
fixes .

Built from https://develop.svn.wordpress.org/trunk@25861


git-svn-id: http://core.svn.wordpress.org/trunk@25861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:58:23 +00:00
Drew Jaynes 4d1482cd0d Inline documentation for the `WP_Date_Query` class in wp-includes/date.php.
- Adds a complete hash notation for the `WP_Date_Query` arguments array.
- Adds missing documentation for the `date_query_valid_columns` and `get_date_sql` filter hooks.

Props aeg0125 for the incremental patches.
Fixes .

Built from https://develop.svn.wordpress.org/trunk@25860


git-svn-id: http://core.svn.wordpress.org/trunk@25860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:58:12 +00:00
Drew Jaynes 54b569b44d Inline documentation for hooks in wp-settings.php.
Props miyauchi.
Fixes 

Built from https://develop.svn.wordpress.org/trunk@25721


git-svn-id: http://core.svn.wordpress.org/trunk@25634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-07 19:34:09 +00:00
Andrew Nacin 41f1cd687b WP_Date_Query.
props Viper007Bond.
see .

Built from https://develop.svn.wordpress.org/trunk@25139


git-svn-id: http://core.svn.wordpress.org/trunk@25119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-27 16:39:09 +00:00
Andrew Nacin b88b1c1f53 Move revisions/autosave and post format functions from wp-includes/post.php into revision.php and post-formats.php.
git-svn-id: http://core.svn.wordpress.org/trunk@23466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-21 21:24:34 +00:00
Peter Westwood f683fc7677 Tighten our braces. Fixes props evansolomon.
git-svn-id: http://core.svn.wordpress.org/trunk@23265 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-04 10:13:51 +00:00
Andrew Nacin 9120cf3375 WP_Image_Editor: the last stand.
* Have wp_get_image_editor() rather than WP_Image_Editor::get_instance(). Having static factory methods would be less confusing if there weren't also static methods tied to individual editor implementations.
 * Lazy-load the WP_Image_Editor base class and editor implementations.
 * Have WP_Image_Editor_GD::supports_mime_type() actually check which types it supports.
 * Deprecate gd_edit_image_support() in favor of wp_image_editor_supports().

props DH-Shredder, scribu, markoheijnen. fixes . see .



git-svn-id: http://core.svn.wordpress.org/trunk@22817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-22 09:52:16 +00:00
Ryan Boren 33fe750dce Don't assign wp_the_query to wp_query by reference. Removing the ref avoids accidentally stomping wp_the_query.
Props scribu, wpmuguru
fixes 


git-svn-id: http://core.svn.wordpress.org/trunk@22434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 20:03:28 +00:00
Ryan Boren b4d0be2d1a Introduce WP_Image_Editor, WP_Image_Editor_Imagick, and WP_Image_Editor_GD. Abstracts image editing API and adds support for ImageMagick.
Props DH-Shredder, kurtpayne, markoheijnen
see 


git-svn-id: http://core.svn.wordpress.org/trunk@22094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-01 20:59:06 +00:00
Andrew Nacin 4e0c89c236 Move WP_Embed into its own file. props ocean90. fixes .
git-svn-id: http://core.svn.wordpress.org/trunk@21999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 08:39:26 +00:00
Andrew Nacin 9d12d7df9c We no longer need to check function_exists() for date_default_timezone_set(). props Gary-J, j-idris. fixes .
git-svn-id: http://core.svn.wordpress.org/trunk@21544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-17 23:40:09 +00:00
ryan d286875515 switch_to_blog() and restore_current_blog() housekeeping.
wp-includes/admin-bar.php:

* Replace get_admin_url() and get_home_url() with admin_url() and home_url() and place them inside a switch/restore. Likewise replace current_user_can_for_blog() with current_user_can(). This avoids doing multiple switch restores.

wp-includes/ms-blogs.php:

* Deprecate the $validate argument to switch_to_blog(). This avoids a not very necessary call to get_blog_details(), possibly saving a few queries.
* Use $_wp_switched and $_wp_switched_stack instead of $switched and $switched_stack to make it less likely these globals will be stomped.
* Use GLOBALS to access blog_id and other globals. I've preferred this style lately since it makes it obvious a global is being used and avoids global blog_id being stomped by a local variable.
* Lose some is_object() checks. wp_get_current_user() always returns an object, for example.
* Call the new WP_Roles::reinit() method.

wp-includes/class-wp-xmlrpc-server.php:

* Replace current_user_can_for_blog() with current_user_can() and move it inside the switch/restore pair. This eliminates a switch/restore.

wp-includes/capabilities.php:

* Use array_keys() instead of $role => $data since $data is unused. I *think* this is a bit faster.
* Introduce WP_Roles::reinit(). This reinitializes WP_Roles and is used after switch_to_blog() has already update the blog ID in the wpdb object. If a global roles array is being used instead of the db, reinit is skipped.
* current_user_can_for_blog() now does a switch/restore. It didn't before meaning it could be reinitializing the user with the wrong role information for the current blog.

wp-includes/ms-settings.php:

* Define $_wp_switched_stack and $_wp_switched. This way switch_to_blog() and restore_current_blog() can rely on it being set.

wp-settings.php:

* Instantiate the WP_Roles global. This was it is always defined during init. To remove the WP_Roles checks from WP_Role and WP_User this would probably have to move before plugins are loaded, which might not be a good thing.

wp-includes/functions.php:

* Update wp_upload_dir() to reference _wp_switched.



git-svn-id: http://core.svn.wordpress.org/trunk@21485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-09 16:28:15 +00:00
nacin 9dca2c6876 Remove old code unsetting a few variables in wp-settings.php. fixes .
git-svn-id: http://core.svn.wordpress.org/trunk@21186 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-29 20:57:09 +00:00
nacin ace51e5f6d Deprecate require_if_theme_supports(). Always require post-thumbnail-template.php. fixes . fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@20610 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-27 04:54:36 +00:00
nacin d130a63e25 Introduce WP_Theme, wp_get_themes(), and wp_get_theme() to replace get_themes(), get_theme(), get_theme_data(), current_theme_info(), and others.
* Getters and Helpers: Introduces a series of methods to allow for easy generation of headers for display, and other theme metadata, including page templates.
 * Screenshots: Handles support for multiple screenshots. (see # Additional screenshots must be PNG and start with screenshot-2.png, and be sequential to be counted. see .
 * Error Handling: Broken themes have a WP_Error object attached to them.
 * Caching: Introduces a wp_cache_themes_persistently filter (also in [20020]) to enable persistent caching of all filesystem and sanitization operations normally handled by WP_Theme (and formerly get_file_data() and get_themes()). Themes are cached individually and across five different cache keys for different data pieces.
 * Compatibility: A WP_Theme object is backwards compatible with a theme's array formerly returned by get_themes() and get_theme(), and an stdClass object formerly returned by current_theme_info().
 * i18n/L10n: Theme headers are now localizable with proper Text Domain and Domain Path headers, like plugins. (Language packs may remove the requirement for headers.) For page templates, see  (not fixed yet, but will be easy now). For headers, fixes .
 * PHP and CSS files: New methods that fetch a list of theme files (for the theme editor) only on demand, rather than only loading them into memory. fixes .

Functions deprecated:
 * get_themes(), get_allowed_themes() and get_broken_themes() -- use wp_get_themes()
 * get_theme() and current_theme_info() -- use wp_get_theme()
 * get_site_allowed_themes() -- use WP_Theme::get_allowed_on_network()
 * wpmu_get_blog_allowedthemes() -- use WP_theme::get_allowed_on_site()

see also [20016], [20018], [20019], [20020], [20021], [20022], [20025], [20026], [20027]. also fixes .

see .



git-svn-id: http://svn.automattic.com/wordpress/trunk@20029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-28 21:24:44 +00:00
nacin e4bfd6ecc1 Move the template loading functions from wp-includes/theme.php to wp-includes/template.php. This includes get_query_template(), locate_template(), and friends. see .
git-svn-id: http://svn.automattic.com/wordpress/trunk@20002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-28 01:49:49 +00:00
nacin bf68de769e WP_LANG_DIR is trusted, just need to check $locale. props SergeyBiryukov, fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@19824 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-04 00:32:34 +00:00
nacin ecedc9152f Only set text_direction based on a locale being RTL if we successfully loaded a locale.mo file. Otherwise we may be in RTL land based on a WPLANG constant but nothing else. fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@19797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-31 14:30:36 +00:00
nacin 81ed9a7563 Introduce wp_load_translations_early(), which can be used before the locale is properly loaded in order to translate early error strings. Internationalize setup-config.php -- translators no longer have a reason to modify this file. fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@19760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-26 20:34:27 +00:00
nacin e76ff1769e It's L10n (or i18n). Not too sure what l18n stands for. (Typo from [12762].)
git-svn-id: http://svn.automattic.com/wordpress/trunk@19758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-26 00:16:01 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
ryan 616c35e71c One newline is enough.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
nacin e7a3480e61 Globalize wp_rewrite in wp-settings. props mrtorrent, fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@19603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-20 20:43:15 +00:00
nacin 97f9966f3a Explicitly globalize $table_prefix in wp-settings.php in case WordPress isn't loaded in global scope. Use $_SERVER['PHP_SELF'], not $PHP_SELF. We need to keep $PHP_SELF for backwards compatibility reasons (many, many plugins rely on it). props mrtorrent, fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@18993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-18 19:37:07 +00:00
nacin 39d6c8e659 Explicitly globalize wp_locale for the UT framework. props scribu, fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@18756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-22 22:49:30 +00:00
nacin 1fd123aa40 Use ini_set instead of set_magic_quotes_runtime() to prevent silenced E_DEPRECATED notice. props wonderboymusic.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18549 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-15 06:42:43 +00:00
nbachiyski abe8b47351 Explicitly globalize some variables, so that unit tests can run WordPress inside a function. Fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@18532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-11 04:45:14 +00:00
ryan db8c49d886 Call register_shutdown_function() for SHORTINIT. Props jtclarke. fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@18450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-21 19:37:47 +00:00
nacin db78833264 Mark a few files as needing to be parsable by PHP4 in order to show the proper error messages. Non-exhaustive. see .
git-svn-id: http://svn.automattic.com/wordpress/trunk@18375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-29 16:50:07 +00:00
nacin ad1e1df0f2 wp_check_php_mysql_versions() during setup and install. see .
git-svn-id: http://svn.automattic.com/wordpress/trunk@18374 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-29 16:46:46 +00:00
ryan 593659b8d0 Hardening. Santizers for WPLANG and new_admin_email. Prevent stomping ID and filter. Validate locale filename. Props westi.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-27 15:56:42 +00:00
ryan b863511166 Load the theme's functions.php for wp-activate.php. Props nacin, frumph. fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@18263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-11 03:04:04 +00:00
westi 80f4e83a8c Introduce WP_MAX_MEMORY_LIMIT constant for the high memory limit we set when image processing and unzipping.
Ensure it is always filterable by plugins as well as configurable in wp-config
Fixes  props hakre


git-svn-id: http://svn.automattic.com/wordpress/trunk@17749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-28 16:25:36 +00:00
ryan ff9610e36d Don't load themes functions.php for upgrades. Props greuben. fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@17727 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-27 21:16:49 +00:00
markjaquith b1f3de70e7 Restore compat.php includes. see
git-svn-id: http://svn.automattic.com/wordpress/trunk@17622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-07 15:47:04 +00:00
ryan 91dc365567 Take out unnecessary compat functions from compat.php. Props hakre, ptahdunbar. see
git-svn-id: http://svn.automattic.com/wordpress/trunk@17603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-05 17:13:04 +00:00
ryan 7baf775b85 Assigning the return value of new by reference is deprecated. Props hakre. see
git-svn-id: http://svn.automattic.com/wordpress/trunk@17573 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-03-30 20:50:05 +00:00
nacin 540eaaff22 I before E, except after C. props jkudish, fixes .
git-svn-id: http://svn.automattic.com/wordpress/trunk@17524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-03-21 23:44:30 +00:00
ryan 86c173262f Load network plugins for wp-activate.php. Restore MU load order. Props blamenacin. fixes
git-svn-id: http://svn.automattic.com/wordpress/trunk@16558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-24 00:19:38 +00:00