Commit Graph

195 Commits

Author SHA1 Message Date
Boone Gorges 39fb7992a9 Require numeric IDs in user deletion functions.
`wp_delete_user()` and `wpmu_delete_user()` both require an `$id` parameter.
Previously, the functions did not verify that the value passed was, in fact,
a number. As such, passing an object or any other entity that would be cast
to int `1` would result in user 1 being deleted. We fix this by enforcing
the requirement that `$id` be numeric.

Props dipesh.kakadiya, utkarshpatel, juliobox.
Fixes #33800.
Built from https://develop.svn.wordpress.org/trunk@34034


git-svn-id: http://core.svn.wordpress.org/trunk@34002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 02:25:23 +00:00
Scott Taylor 5918b30cdd Move `network_settings_add_js()` from `wp-admin/network/settings.php` to `wp-admin/includes/ms.php`.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34026


git-svn-id: http://core.svn.wordpress.org/trunk@33995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:24:24 +00:00
Scott Taylor 2d2e3c911e Move `confirm_delete_users()` from `wp-admin/network/users.php` to `wp-admin/includes/ms.php`.
See #33813.

Built from https://develop.svn.wordpress.org/trunk@34025


git-svn-id: http://core.svn.wordpress.org/trunk@33994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 22:23:46 +00:00
Scott Taylor ef87172270 `foreach` is a statement, not a function.
See #33491.

Built from https://develop.svn.wordpress.org/trunk@33734


git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Dominik Schilling 198cdb1dde Multisite mails: Initialize `$current_user` before accessing `$current_user->user_login`.
props Toro_Unit.
see #31217.
fixes #33254.
Built from https://develop.svn.wordpress.org/trunk@33569


git-svn-id: http://core.svn.wordpress.org/trunk@33536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-04 11:39:25 +00:00
Jeremy Felt 0bc0b0c917 Do not allow deletion of a super admin user through `wpmu_delete_user()`.
In step with the UI provided by `wp-admin/network/users.php`, super admin privileges must be removed before a user can be deleted through the API.

Props @johnjamesjacoby, @jeremyfelt.
Fixes #32935.

Built from https://develop.svn.wordpress.org/trunk@33143


git-svn-id: http://core.svn.wordpress.org/trunk@33114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-09 16:16:25 +00:00
Jeremy Felt 767ed1e9b1 Use the full site URL in `choose_primary_blog()` when a user is a member of only one site.
Aligns with the output used when a user is a member of multiple sites.

Fixes #32884.

Built from https://develop.svn.wordpress.org/trunk@33081


git-svn-id: http://core.svn.wordpress.org/trunk@33052 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-04 04:21:24 +00:00
Scott Taylor d2a00338f6 Don't loosely compare functions that return `bool` against a literal `bool`.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32730


git-svn-id: http://core.svn.wordpress.org/trunk@32701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-12 17:19:27 +00:00
Scott Taylor a51dfa3971 In the style of #30947 and `default-filters.php`, add 2 new files to `wp-admin/includes`:
`admin-filters.php`
`ms-admin-filters.php`

There are random actions and filters littered among files like `misc.php`. These files contain functions that won't work outside of admin context and are typically only loaded in files that have already loaded the admin bootstrap.

See #32529.

Built from https://develop.svn.wordpress.org/trunk@32653


git-svn-id: http://core.svn.wordpress.org/trunk@32623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 17:04:26 +00:00
Scott Taylor b56b9b3e5c Add `@global` annotations for `wp-admin/*`.
See #32444.

Built from https://develop.svn.wordpress.org/trunk@32642


git-svn-id: http://core.svn.wordpress.org/trunk@32612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 21:41:30 +00:00
Sergey Biryukov 77572cf024 Multisite: Add translator comments to default email messages with non-typical placeholders.
props yoavf.
fixes #32263.
Built from https://develop.svn.wordpress.org/trunk@32381


git-svn-id: http://core.svn.wordpress.org/trunk@32351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 09:12:25 +00:00
Drew Jaynes 87e149a19f Add a missing `@return` tag to the DocBlock for `site_admin_notice()`.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32339


git-svn-id: http://core.svn.wordpress.org/trunk@32310 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-04 01:06:25 +00:00
Scott Taylor bce851dcf2 Replace `array_shift()` with `reset()` where appropriate for performance.
Props SergeyBiryukov.
Fixes #31259.

Built from https://develop.svn.wordpress.org/trunk@31829


git-svn-id: http://core.svn.wordpress.org/trunk@31811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-19 03:56:27 +00:00
Jeremy Felt 7644e68119 Provide proper label associations and descriptions throughout the network admin
* Add labels previously missing for many inputs throughout the network admin screen.
* Add proper `aria-describedby` attributes to provide better descriptions.
* Wrap grouped inputs with `fieldset` elements.
* Remove now unneeded `title` attributes when appropriate.

Props cfoellmann, afercia, rianrietveld.

Fixes #38406.

Built from https://develop.svn.wordpress.org/trunk@31517


git-svn-id: http://core.svn.wordpress.org/trunk@31498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-23 02:29:26 +00:00
Sergey Biryukov 0e65ae6176 Remove redundant string with a typo introduced in [25481].
see #31217.
Built from https://develop.svn.wordpress.org/trunk@31404


git-svn-id: http://core.svn.wordpress.org/trunk@31385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-10 07:53:28 +00:00
Sergey Biryukov 12f4004989 Replace generic "Dear user" greeting in email notifications with a more personalized one.
props Ipstenu.
fixes #31217.
Built from https://develop.svn.wordpress.org/trunk@31403


git-svn-id: http://core.svn.wordpress.org/trunk@31384 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-10 07:47:27 +00:00
Sergey Biryukov 5ac0568ee3 Switch to a 403 response code in places where it is more appropriate than a 500 due to permissions errors.
props tomdxw.
fixes #30927.
Built from https://develop.svn.wordpress.org/trunk@31300


git-svn-id: http://core.svn.wordpress.org/trunk@31281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-29 21:15:22 +00:00
Sergey Biryukov 7b04e6d4f4 Add variable type for sync_category_tag_slugs() parameters.
props tillkruess.
fixes #30718.
Built from https://develop.svn.wordpress.org/trunk@31113


git-svn-id: http://core.svn.wordpress.org/trunk@31094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 11:19:22 +00:00
Scott Taylor 60b0cd7943 The keyword `elseif` should be used instead of `else if` so that all control keywords look like single words.
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00
Scott Taylor ac4e67b82e Perl-style comments should not be used
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31079


git-svn-id: http://core.svn.wordpress.org/trunk@31060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 05:52:24 +00:00
Scott Taylor af0e5cc851 Inline `<script>`s that are only printed in the admin for pages that are served with the HTML5 doctype absolutely do not need `CDATA` comments.
Props tw2113 for the initial patch.
See #18788.

Built from https://develop.svn.wordpress.org/trunk@31034


git-svn-id: http://core.svn.wordpress.org/trunk@31015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-03 05:46:25 +00:00
Drew Jaynes bb380687fa Add missing DocBlocks for several functions in wp-admin/includes/ms.php.
Props dustyf.
See #30483.

Built from https://develop.svn.wordpress.org/trunk@30630


git-svn-id: http://core.svn.wordpress.org/trunk@30620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 05:06:23 +00:00
Jeremy Felt 3a7b5748eb Prevent wpmu_delete_blog from removing the wrong uploads directory
`wp_upload_dir()` includes some logic to fall back to the default site's upload directory if a specific directory for the requested site cannot be found. Because of this, if `wpmu_delete_blog()` is fired twice in a row for the same site, the main site's upload directory could be deleted as well.

This adds some checks in `wpmu_delete_blog()` so that we are confident in the site and it's upload directory's existence before dropping the site. Tests are added for when `ms_files_rewriting` is enabled or disabled.

Fixes #30121

Built from https://develop.svn.wordpress.org/trunk@30404


git-svn-id: http://core.svn.wordpress.org/trunk@30399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 06:53:22 +00:00
Jeremy Felt 796ceebb25 Use common core syntax for checking DOING_AJAX
Our current check for a non truthy `DOING_AJAX` is `! DOING_AJAX`.

props TobiasBg
Fixes #29891

Built from https://develop.svn.wordpress.org/trunk@30177


git-svn-id: http://core.svn.wordpress.org/trunk@30177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-02 02:24:23 +00:00
Scott Taylor 60b73c589c Display error message when Media Library upload fails.
Props gcorne.
Fixes #29891.

Built from https://develop.svn.wordpress.org/trunk@30156


git-svn-id: http://core.svn.wordpress.org/trunk@30156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-01 20:25:23 +00:00
Drew Jaynes f8657d5890 Remove redundant and erroneous `@uses` tag from most core inline documentation.
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.

Fixes #30191.

Built from https://develop.svn.wordpress.org/trunk@30105


git-svn-id: http://core.svn.wordpress.org/trunk@30105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-30 01:05:24 +00:00
Scott Taylor d0a327b0b9 Make the URL output in `_thickbox_path_admin_subfolder()` use `includes_url()`.
Props voldemortensen.
Fixes #14157.

Built from https://develop.svn.wordpress.org/trunk@29741


git-svn-id: http://core.svn.wordpress.org/trunk@29515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-12 22:31:18 +00:00
Scott Taylor 85bdc64173 In `update_option_new_admin_email()`, `$email` is set and never used.
See #27882.


Built from https://develop.svn.wordpress.org/trunk@28299


git-svn-id: http://core.svn.wordpress.org/trunk@28127 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-06 16:48:14 +00:00
Drew Jaynes d77e78d685 Clean up duplicate hook notations and adjacency for calls to the `wp_signup_location` filter.
Also adds braces missed in [25535].

See #26869.

Built from https://develop.svn.wordpress.org/trunk@28215


git-svn-id: http://core.svn.wordpress.org/trunk@28045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-25 07:12:14 +00:00
Andrew Nacin c3ca81ba94 Always decode special characters for email subjects.
props tlovett1, jeremyfelt.
fixes #25346.

Built from https://develop.svn.wordpress.org/trunk@27801


git-svn-id: http://core.svn.wordpress.org/trunk@27636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-28 02:44:15 +00:00
Andrew Nacin 156a5a234f Multisite: Don't set the $super_admins global in grant_super_admin(), revoke_super_admin().
Adds tests and docs.

props jdgrimes.
see #27205.

Built from https://develop.svn.wordpress.org/trunk@27706


git-svn-id: http://core.svn.wordpress.org/trunk@27545 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-25 12:14:14 +00:00
Andrew Ozz eb1d21d782 Remove all "valign" attributes from tables in wp-admin, props MikeHansenMe, Marventus. Fixes #22712.
Built from https://develop.svn.wordpress.org/trunk@27029


git-svn-id: http://core.svn.wordpress.org/trunk@26905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-24 19:06:15 +00:00
Drew Jaynes c9077348ee Inline documentation for hooks in wp-admin/includes/user.php.
Props aaronholbrook for the initial patch.
Fixes #26099.

Built from https://develop.svn.wordpress.org/trunk@26503


git-svn-id: http://core.svn.wordpress.org/trunk@26397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-01 17:54:10 +00:00
Sergey Biryukov 74f77b85a6 Use get_current_site() instead of the $current_site global when possible.
props jeremyfelt.
fixes #25158.
Built from https://develop.svn.wordpress.org/trunk@26120


git-svn-id: http://core.svn.wordpress.org/trunk@26032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 03:23:10 +00:00
Sergey Biryukov eae4e5936f Use case-insensitive comparison for email addresses. fixes #25779.
Built from https://develop.svn.wordpress.org/trunk@26115


git-svn-id: http://core.svn.wordpress.org/trunk@26027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 02:41:09 +00:00
Andrew Nacin 70fd806759 Revert r25824:25875 from the core.svn.wordpress.org repository.
These commits were accidentally re-synced commits from develop.svn.wordpress.org due to a race condition. Thankfully, the history of this repository matters fairly little. It also happened only for trunk.


git-svn-id: http://core.svn.wordpress.org/trunk@25876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-25 02:29:52 +00:00
Andrew Nacin 5361a8abca Spell out duplicate hook locations.
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:59:20 +00:00
Andrew Nacin 8ae8e01b67 Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
see #27704.

Built from https://develop.svn.wordpress.org/trunk@25825


git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Ryan Boren b87d4b77e5 Pinking shears
Built from https://develop.svn.wordpress.org/trunk@25880


git-svn-id: http://core.svn.wordpress.org/trunk@25792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-23 14:38:10 +00:00
Andrew Nacin 74488bdcb0 Spell out duplicate hook locations.
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-22 17:22:11 +00:00
Sergey Biryukov 8595facd73 Some more tweaks for the documentation in wp-admin/includes/ms.php. see #25229.
Built from https://develop.svn.wordpress.org/trunk@25497


git-svn-id: http://core.svn.wordpress.org/trunk@25418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-19 16:06:12 +00:00
Sergey Biryukov 27a75e12ad Update inline documentation for hooks in wp-admin/includes/ms.php.
props jamescollins.
see #25229.
Built from https://develop.svn.wordpress.org/trunk@25486


git-svn-id: http://core.svn.wordpress.org/trunk@25407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-19 00:05:09 +00:00
Sergey Biryukov 37e3b91285 Inline documentation for hooks in wp-admin/includes/ms.php.
props enej, DrewAPicture.
see #25229.
Built from https://develop.svn.wordpress.org/trunk@25481


git-svn-id: http://core.svn.wordpress.org/trunk@25402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-18 18:22:09 +00:00
Jon Cave 5c57c78afa Fix potential SQLi through improper use of API functions.
git-svn-id: http://core.svn.wordpress.org/trunk@24875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 18:16:47 +00:00
Jon Cave 3999883feb Remove unnecessary secret_salt_warning().
If salts/keys are not defined in wp-config.php then they will be generated
automatically and stored in the database. [19771] also deals with values
that are duplicated or set to default.

Fixes #14803.


git-svn-id: http://core.svn.wordpress.org/trunk@24813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-28 19:45:57 +00:00
Andrew Nacin 46097dec37 Pass blog_id to the wpmu_drop_tables filter. props mitchoyoshitaka. see #24320.
git-svn-id: http://core.svn.wordpress.org/trunk@24245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-11 21:58:40 +00:00
Sergey Biryukov f86b1502a0 Fix fatal error in WP_User_Query when searching users by URL. Move wp_is_large_network() to wp-includes. fixes #23683 for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@23664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-12 09:19:55 +00:00
Ryan Boren da7db424de Call them network upgrades rather than network updates to better indicate that they are DB upgrades rather than code/file upgrades.
Improve the contextual help for the Network Upgrade screen.

Props DrewAPicture
fixes #23540


git-svn-id: http://core.svn.wordpress.org/trunk@23619 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-05 17:02:31 +00:00
Andrew Nacin 55ba72f46e Confirm a user exists before deleting them in wp_delete_user() and wpmu_delete_user(). props scribu, fixes #23067.
git-svn-id: http://core.svn.wordpress.org/trunk@23380 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-02 04:41:02 +00:00
Ryan Boren 8dc401468e Make is_upload_space_available() available for front end page loads. Fixes fatal error when calling wp_editor() from the front end.
Props scribu, itworx
fixes #22585


git-svn-id: http://core.svn.wordpress.org/trunk@22840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-26 14:42:43 +00:00