Drew Jaynes
11ab384086
Docs: Improve 4.5 changelog entries introduced in [36992] for `wp_authenticate()`, and the `authenticate` and `wp_login_failed` hooks.
...
See #9568 . See #35986 .
Built from https://develop.svn.wordpress.org/trunk@37030
git-svn-id: http://core.svn.wordpress.org/trunk@36997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-17 08:06:27 +00:00
John Blackbourn
621085a360
Users: Add `@since` entries to `wp_authenticate()` and its filters now that the `$username` parameter can also be an email address.
...
See #9568 , #35986
Built from https://develop.svn.wordpress.org/trunk@36992
git-svn-id: http://core.svn.wordpress.org/trunk@36959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-14 22:31:27 +00:00
Sergey Biryukov
ef7a559e2e
Docs: Correct filter reference in `pre_get_avatar` filter description.
...
Props henry.wright.
Fixes #36031 .
Built from https://develop.svn.wordpress.org/trunk@36800
git-svn-id: http://core.svn.wordpress.org/trunk@36767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-02 03:41:28 +00:00
Dominik Schilling
e5ea82d81a
Spelling: Standardize on "front end"/"back end" (noun) and "front-end"/"back-end" (adjective).
...
Props obrienlabs, thewanderingbrit.
Fixes #34887 .
Built from https://develop.svn.wordpress.org/trunk@36709
git-svn-id: http://core.svn.wordpress.org/trunk@36676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 12:53:27 +00:00
Drew Jaynes
f5ea3e5dac
Docs: Make a few syntactical improvements to the DocBlock for `_wp_get_current_user()`, introduced in [36651].
...
Includes a cross reference from the DocBlock for `wp_get_current_user()`, which itself is pluggable, but the new internal function is not.
See #19615 . See #32246 .
Built from https://develop.svn.wordpress.org/trunk@36705
git-svn-id: http://core.svn.wordpress.org/trunk@36672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 05:07:26 +00:00
Sergey Biryukov
f170058209
Mail: Correct `compact()` usage in `wp_mail()`.
...
Props Ankit K Gupta, maweder.
Fixes #35781 for trunk.
Built from https://develop.svn.wordpress.org/trunk@36688
git-svn-id: http://core.svn.wordpress.org/trunk@36655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 17:38:27 +00:00
Pascal Birchler
9612c26db3
Users: Introduce `_wp_get_current_user()` for improved backward compatibility.
...
This new helper function is used by the pluggable functions `wp_get_current_user()` and `get_currentuserinfo()`, which was previously being called by the former before [36311]. Without it, infinite loops could be caused when plugins implement these functions, as they are now called the other way around.
Fixes #19615 .
Built from https://develop.svn.wordpress.org/trunk@36651
git-svn-id: http://core.svn.wordpress.org/trunk@36618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 22:26:28 +00:00
Dominik Schilling
7ebe2c1e7a
Authentication: Allow users to log in using their email address.
...
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.
Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568 .
Built from https://develop.svn.wordpress.org/trunk@36617
git-svn-id: http://core.svn.wordpress.org/trunk@36584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-22 23:15:27 +00:00
Rachel Baker
06225cc394
Comments: Refresh the Moderate Comment screen for a friendlier experience with email moderation actions.
...
Brings some love to this neglected screen:
* format `comment_content`, instead of escaping in one massive block of text
* only wrap the comment date in a link if the comment permalink exists
* include link to the Edit Comment screen at the bottom of the comment_content
* update the message styles to match other screens
* append `#wpbody-content` to the comment email message links for accessibility
Props johnbillion, rachelbaker, afercia, melchoyce, karmatosed.
Fixes #34133
Built from https://develop.svn.wordpress.org/trunk@36588
git-svn-id: http://core.svn.wordpress.org/trunk@36555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-19 19:14:26 +00:00
Dominik Schilling
72c6f7f86f
Suppress possible warnings in PHP < 5.3.3 by `parse_url()` in `wp_validate_redirect()`.
...
PHP 5.3.3 removed the E_WARNING that was emitted when URL parsing failed.
Built from https://develop.svn.wordpress.org/trunk@36446
git-svn-id: http://core.svn.wordpress.org/trunk@36413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 16:34:27 +00:00
Aaron Jorbin
5c4031dd84
Revert [35792]
...
This causes a regression and causes redirects to potentially fail.
See #5114 #34028
props ocean90
Built from https://develop.svn.wordpress.org/trunk@36445
git-svn-id: http://core.svn.wordpress.org/trunk@36412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 16:24:26 +00:00
Dominik Schilling
361ed7a3d6
Better validation of the URL used in HTTP redirects.
...
Built from https://develop.svn.wordpress.org/trunk@36444
git-svn-id: http://core.svn.wordpress.org/trunk@36411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 15:11:28 +00:00
Dominik Schilling
c5e3716c11
Docs: Fix `@return` type for `wp_get_current_user()` after [36313].
...
See #19615 .
Built from https://develop.svn.wordpress.org/trunk@36314
git-svn-id: http://core.svn.wordpress.org/trunk@36281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 11:16:26 +00:00
Pascal Birchler
9cd880d356
Users: Always return `$current_user` in `wp_get_current_user()`, never a boolean.
...
Fixes unit tests affected by [36311].
See #19615 .
Built from https://develop.svn.wordpress.org/trunk@36313
git-svn-id: http://core.svn.wordpress.org/trunk@36280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 10:47:25 +00:00
Pascal Birchler
283684b616
Users: Deprecate the `get_currentuserinfo()` pluggable function.
...
It encourages an ugly pattern like `global $userdata; get_currentuserinfo();` in plugins/themes. `wp_get_current_user()` should be used instead, e.g. `$current_user = wp_get_current_user();`.
Props scribu for initial patch.
Fixes #19615 .
Built from https://develop.svn.wordpress.org/trunk@36311
git-svn-id: http://core.svn.wordpress.org/trunk@36278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 10:16:27 +00:00
Eric Lewis
c52af7470b
Login is not a verb, change "login" to "log in".
...
See #35387
Built from https://develop.svn.wordpress.org/trunk@36246
git-svn-id: http://core.svn.wordpress.org/trunk@36213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 21:08:26 +00:00
Eric Lewis
2f41867519
Users: Fix incorrect docs for user authentication and login functions.
...
Fixes #35387
Built from https://develop.svn.wordpress.org/trunk@36245
git-svn-id: http://core.svn.wordpress.org/trunk@36212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 20:52:27 +00:00
Sergey Biryukov
b0b561517d
Docs: Fix typo in a comment in `wp_rand()`.
...
Props boluda.
Fixes #35228 .
Built from https://develop.svn.wordpress.org/trunk@36102
git-svn-id: http://core.svn.wordpress.org/trunk@36067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-26 11:07:28 +00:00
Drew Jaynes
7b19006ce1
Docs: Add missing parameter and return notations to the DocBlock for `_wp_sanitize_utf8_in_redirect()`.
...
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@35980
git-svn-id: http://core.svn.wordpress.org/trunk@35945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-16 23:15:27 +00:00
John Blackbourn
593cc9abbd
Add missing `@param` docs to `wp_safe_redirect()` and `wp_sanitize_redirect()`.
...
See #32246
Built from https://develop.svn.wordpress.org/trunk@35914
git-svn-id: http://core.svn.wordpress.org/trunk@35878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-14 02:43:25 +00:00
John Blackbourn
9f7165d522
Add missing `@param` doc to `wp_hash()`.
...
See #32246
Built from https://develop.svn.wordpress.org/trunk@35913
git-svn-id: http://core.svn.wordpress.org/trunk@35877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-14 02:39:26 +00:00
John Blackbourn
48380c58a5
Add missing `@param` doc to `wp_check_password()` and update the `check_password` filter docs.
...
See #32246
Built from https://develop.svn.wordpress.org/trunk@35909
git-svn-id: http://core.svn.wordpress.org/trunk@35873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-14 02:30:26 +00:00
Aaron Campbell
894526c78d
Consider both home and site domains to be valid in `wp_validate_redirect()`.
...
Props layotte.
Fixes #34028 .
Built from https://develop.svn.wordpress.org/trunk@35792
git-svn-id: http://core.svn.wordpress.org/trunk@35756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-06 21:17:24 +00:00
Dominik Schilling
0632e4ab84
Passwords: Support the pre-4.3 behavior of `wp_new_user_notification()`.
...
Hello, it's me again. A pluggable function named `wp_new_user_notification()`. A few months ago, after [33023], I have lost my second parameter `$plaintext_pass`. But thanks to [33620] I got a new one.
Bad idea - It hasn't had the same behavior as my previous parameter.
To solve that the second parameter got deprecated and reintroduced as the third parameter in [34116]. I was happy again, for a short time.
You remember my lost friend `$plaintext_pass`? No? Well, if its value was empty no notification was sent to the user. This behavior was still lost. And that's what this change is about: Don't notify a user if a plugin uses `wp_new_user_notification( $user_id )`.
You're asking if I'm happy now? Dunno, but maybe you have learned something about pluggable functions, have you?
Props danielbachhuber.
Fixes #34377 .
Built from https://develop.svn.wordpress.org/trunk@35735
git-svn-id: http://core.svn.wordpress.org/trunk@35699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-24 23:07:26 +00:00
Scott Taylor
34a9b6e428
Mail: in `wp_notify_postauthor()` and `wp_notify_moderator()`, ensure that special chars aren't HTML-encoded in the email message body.
...
Props solarissmoke, leemon.
Fixes #12584 .
Built from https://develop.svn.wordpress.org/trunk@35415
git-svn-id: http://core.svn.wordpress.org/trunk@35379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-28 18:03:24 +00:00
Dion Hulse
53afc72ab7
Update to Random_Compat 1.0.9.
...
This update includes fixes for Windows support & libSodium support, and removes the `Throwable` Polyfill due to PHP7 incompatibilities.
Fixes #28633
Built from https://develop.svn.wordpress.org/trunk@35365
git-svn-id: http://core.svn.wordpress.org/trunk@35330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-23 04:22:26 +00:00
Drew Jaynes
f954194a1c
Comments: Introduce two new filters, `notify_moderator` and `notify_post_author`, both of which make it possible to selectively override site notification email settings for new comments.
...
The `notify_moderator` filter makes it possible to override the value for the `moderation_notify` option, which controls whether to send new comment emails to "site moderators", that is to say, the owner of the admin email for the site and the post author if they have the ability to modify the comment.
The `notify_post_author` filter likewise makes it possible to override the value for the `comments_notify` option, which controls whether to send new comment emails to the post author. If the post author is the comment author, default behavior is not to send the notification. Note: enabling or disabling notifications via this hook could also affect other recipients added via the 'comment_notification_recipients' filter in `wp_notify_postauthor()`, if hooked.
Passing a falsey value to either of the new filters will prevent notifications from being sent, regardless of their corresponding option values.
Adds tests.
Props coffee2code, adamsilverstein, DrewAPicture.
Fixes #761 .
Built from https://develop.svn.wordpress.org/trunk@35339
git-svn-id: http://core.svn.wordpress.org/trunk@35305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 18:35:31 +00:00
Drew Jaynes
217b661703
Docs: Add missing descriptions for the `$wpdb` global in DocBlocks all the places.
...
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@35170
git-svn-id: http://core.svn.wordpress.org/trunk@35136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-14 23:44:25 +00:00
Sergey Biryukov
b40e362711
Fix typo in `get_avatar()` and `get_avatar_data()` docs.
...
Props johnjamesjacoby.
Fixes #34232 .
Built from https://develop.svn.wordpress.org/trunk@34988
git-svn-id: http://core.svn.wordpress.org/trunk@34953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 15:52:24 +00:00
Sergey Biryukov
072cdf116a
Fix typo in `wp_rand()` docs.
...
See #28633 .
Built from https://develop.svn.wordpress.org/trunk@34986
git-svn-id: http://core.svn.wordpress.org/trunk@34951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 05:20:23 +00:00
Dion Hulse
4852cbf14b
Use PHP7's `random_int()` CSPRNG functionality in `wp_rand()` with a fallback to the `random_compat` library for PHP 5.x.
...
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Take Two, this was previously committed in [34922] but had an issue on PHP 5.2 which sarciszewski has now resolved.
Props sarciszewski
See #28633
Built from https://develop.svn.wordpress.org/trunk@34981
git-svn-id: http://core.svn.wordpress.org/trunk@34946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 04:28:24 +00:00
Boone Gorges
48493cdf3a
Allow a null `id` to do a `name` lookup in `wp_set_current_user()`.
...
Previously, the `name` fallback was failing in the case where the current user
was 0, due to a loose comparison between 0 (the current user) and `null` (the
value that is used to trigger the `name` fallback).
Props bobbingwide.
Fixes #20845 .
Built from https://develop.svn.wordpress.org/trunk@34947
git-svn-id: http://core.svn.wordpress.org/trunk@34912 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 17:29:24 +00:00
Dion Hulse
bb8ba86ed1
Revert [34922] pending PHP 5.2 compatibility.
...
See #28633
Built from https://develop.svn.wordpress.org/trunk@34924
git-svn-id: http://core.svn.wordpress.org/trunk@34889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:17:24 +00:00
Dion Hulse
0e322469a6
Use PHP7's `random_int()` CSPRNG functionality in `wp_rand()` with a fallback to the `random_compat` library for PHP 5.x.
...
`random_compat` offers a set of compatible functions for older versions of PHP, filling in the gap by using other PHP extensions when available.
We still include our existing `wp_rand()` functionality as a fallback for when no proper CSPRNG exists on the system.
Props sarciszewski
See #28633
Built from https://develop.svn.wordpress.org/trunk@34922
git-svn-id: http://core.svn.wordpress.org/trunk@34887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:02:24 +00:00
Jeremy Felt
9926983b66
Revert [34778], continue using `_site_option()` for the current network.
...
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.
See #28290 .
Built from https://develop.svn.wordpress.org/trunk@34912
git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:11:25 +00:00
Jeremy Felt
54512d64cb
MS: Use `*_network_option()` functions throughout core.
...
Replaces all uses of `*_site_option()` with the corresponding "network" function.
This excludes one usage in `wp-admin/admin-footer.php` that needs more investigation.
Props spacedmonkey.
See #28290 .
Built from https://develop.svn.wordpress.org/trunk@34778
git-svn-id: http://core.svn.wordpress.org/trunk@34743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 19:08:26 +00:00
Scott Taylor
84da11d918
Pass `false` as the 2nd argument to `class_exists()` to disable autoloading and to not cause problems for those who define `__autoload()`.
...
Fixes #20523 .
Built from https://develop.svn.wordpress.org/trunk@34348
git-svn-id: http://core.svn.wordpress.org/trunk@34312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-20 03:52:25 +00:00
Scott Taylor
956f076095
After [34160], also upgrade objects passed to `get_avatar()`.
...
See #32619 .
Built from https://develop.svn.wordpress.org/trunk@34244
git-svn-id: http://core.svn.wordpress.org/trunk@34208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 17:34:24 +00:00
Sergey Biryukov
15b69a0862
Docs: Fix some syntactical issues with the DocBlock for `wp_mail_failed` action, introduced in [34221].
...
Fixes #18926 .
Built from https://develop.svn.wordpress.org/trunk@34239
git-svn-id: http://core.svn.wordpress.org/trunk@34203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 15:13:26 +00:00
Aaron Jorbin
1bd52ae1aa
Fire Action when mail exception is thrown.
...
new action is wp_mail_failed which contains a WP_Error object with the phpmailerException code, message and an array with the mail information. Plugins can hook in and log when mails fail to send due to a phpmailer issue.
Props soulseekah
Fixes #18926
Built from https://develop.svn.wordpress.org/trunk@34221
git-svn-id: http://core.svn.wordpress.org/trunk@34185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 23:51:23 +00:00
Scott Taylor
b1bc8a6522
More comment functions can accept a full object instead of comment_ID to reduce cache/db lookups.
...
See ##33638.
Built from https://develop.svn.wordpress.org/trunk@34129
git-svn-id: http://core.svn.wordpress.org/trunk@34097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 21:40:24 +00:00
Boone Gorges
ef474c6970
Accept 'ID' as a valid `$field` in `get_user_by()`.
...
We already accept 'id'. `ID` more closely matches the database and
`WP_User` schemas.
Props Shelob9.
Fixes #33869 .
Built from https://develop.svn.wordpress.org/trunk@34125
git-svn-id: http://core.svn.wordpress.org/trunk@34093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 18:58:26 +00:00
Dominik Schilling
4af3a3374e
Passwords: Deprecate second parameter of `wp_new_user_notification()`.
...
The second parameter `$plaintext_pass` was removed in [33023] and restored as `$notify` in [33620] with a different behavior. If you have a plugin overriding `wp_new_user_notification()` which hasn't been updated you would get a notification with your username and the password "both".
To prevent this the second parameter is now deprecated and reintroduced as the third parameter.
Adds unit tests.
Props kraftbj, adamsilverstein, welcher, ocean90.
Fixes #33654 .
(Don't ask for new pluggables kthxbye)
Built from https://develop.svn.wordpress.org/trunk@34116
git-svn-id: http://core.svn.wordpress.org/trunk@34084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 12:43:26 +00:00
Boone Gorges
b62bcef1b1
Send password-change email notifications via hook.
...
`wp_password_change_notification()` is now called at the 'after_password_reset'
action, rather than being invoked directly from the `reset_password()` function.
In order to make it possible to call `wp_password_change_notification()` as a
`do_action()` callback, the function signature has to be changed so that the
`$user` parameter is expected to be a value rather than a reference. Since
PHP 5.0, objects are passed by reference, so `&$user` was unnecessary anyway.
Props dshanske, thomaswm.
See #33587 .
Built from https://develop.svn.wordpress.org/trunk@34107
git-svn-id: http://core.svn.wordpress.org/trunk@34075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 02:45:25 +00:00
Dominik Schilling
a03488dbf6
Users: Import the global var `$wp_hasher` in `wp_new_user_notification()`.
...
Adds `@global` entries to the DocBlock.
Fixes #33826 .
Built from https://develop.svn.wordpress.org/trunk@34052
git-svn-id: http://core.svn.wordpress.org/trunk@34020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 19:10:26 +00:00
Scott Taylor
db4f22bfb5
After [33961], pass `$comment` to `get_comment_link()` where possible to avoid extra cache/db lookups.
...
See #33638 .
Built from https://develop.svn.wordpress.org/trunk@34042
git-svn-id: http://core.svn.wordpress.org/trunk@34010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 06:21:25 +00:00
Scott Taylor
4465a83b95
After [34015], handle orphaned comments in the Dashboard comments widget. Pass full `$comment` versus just passing the comment ID when possible.
...
See #33710 .
Built from https://develop.svn.wordpress.org/trunk@34038
git-svn-id: http://core.svn.wordpress.org/trunk@34006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-11 05:56:24 +00:00
Scott Taylor
e73ee5ac98
Introduce `WP_Comment` class to model/strongly-type rows from the comments database table. Inclusion of this class is a pre-req for some more general comment cleanup and sanity.
...
* Takes inspiration from `WP_Post` and adds sanity to comment caching.
* Clarifies when the current global value for `$comment` is returned. The current implementation in `get_comment()` introduces side effects and an occasion stale global value for `$comment` when comment caches are cleaned.
* Strongly-types `@param` docs
* This class is marked `final` for now
Props wonderboymusic, nacin.
See #32619 .
Built from https://develop.svn.wordpress.org/trunk@33891
git-svn-id: http://core.svn.wordpress.org/trunk@33860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-03 18:17:24 +00:00
Drew Jaynes
cf7694717b
Docs: Clarify the DocBlock summary for `wp_create_nonce()` to mention that nonce-creation is also now dependent on user tokens, as of [29221].
...
Also adds a changelog entry for when user tokens were introduced into the nonce-creation process.
Props ericlewis
Fixes #33636 .
Built from https://develop.svn.wordpress.org/trunk@33827
git-svn-id: http://core.svn.wordpress.org/trunk@33795 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-31 20:50:20 +00:00
Helen Hou-Sandí
1f500055a6
Drop the hyphen from e-mail and standardize on email.
...
The AP Stylebook changed this in 2011, and we're woefully inconsistent, so let's go with the standard.
props morganestes, voldemortensen, niallkennedy (for patching on the previous AP style).
fixes #26156 .
Built from https://develop.svn.wordpress.org/trunk@33774
git-svn-id: http://core.svn.wordpress.org/trunk@33742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-28 03:17:21 +00:00
Sergey Biryukov
1f4ae40c03
Add `'wp_verify_nonce_failed'` action that fires when nonce verification fails.
...
props johnbillion, garza, Shelob9.
fixes #24030 .
Built from https://develop.svn.wordpress.org/trunk@33744
git-svn-id: http://core.svn.wordpress.org/trunk@33712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 00:06:21 +00:00
Sergey Biryukov
b34af5586a
Fire the `check_ajax_referer` action on failure as well as success.
...
See [33017] for `check_admin_referer`.
props egill.
fixes #33342 .
Built from https://develop.svn.wordpress.org/trunk@33743
git-svn-id: http://core.svn.wordpress.org/trunk@33711 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 23:25:21 +00:00
Scott Taylor
ef87172270
`foreach` is a statement, not a function.
...
See #33491 .
Built from https://develop.svn.wordpress.org/trunk@33734
git-svn-id: http://core.svn.wordpress.org/trunk@33702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-25 20:28:22 +00:00
Scott Taylor
5510b519f5
In `wp_sanitize_redirect()`, don't eat `@` characters. According to RFC 3986, "@" is a perfectly valid character in a URL path or query string.
...
Adds unit test.
Props markjaquith.
Fixes #18818 .
Built from https://develop.svn.wordpress.org/trunk@33707
git-svn-id: http://core.svn.wordpress.org/trunk@33674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-22 17:05:24 +00:00
Drew Jaynes
bec5bcf717
Docs: Mark the `$notify` parameter in the DocBlock for `wp_new_user_notification()` as optional, and provide additional context on the difference between the accepted values.
...
See [33620] and [33023] for background.
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@33664
git-svn-id: http://core.svn.wordpress.org/trunk@33631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-20 18:26:26 +00:00
Konstantin Obenland
e6bc6242ad
Passwords: Restore second parameter for `wp_new_user_notification()`.
...
After [33023] users would always be notified, this restores previous behavior.
Props markjaquith, ocean90.
Fixes #33358 .
Built from https://develop.svn.wordpress.org/trunk@33620
git-svn-id: http://core.svn.wordpress.org/trunk@33587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-17 14:25:27 +00:00
Konstantin Obenland
7e3f0cf45e
Passwords: New UI for install screen.
...
Also synchronises the use of `pw_weak` as an input name and removes trailing
periods from checkbox labels.
Props MikeHansenMe, adamsilverstein, obenland.
See #32589 .
Built from https://develop.svn.wordpress.org/trunk@33246
git-svn-id: http://core.svn.wordpress.org/trunk@33218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:22:24 +00:00
Drew Jaynes
92d342f0d2
Fix the parameter description syntax in the hook docs for the `wp_safe_redirect_fallback` filter, added in 4.3.
...
See #32891 .
Built from https://develop.svn.wordpress.org/trunk@33233
git-svn-id: http://core.svn.wordpress.org/trunk@33205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 21:46:25 +00:00
Mark Jaquith
423a1a7ca4
New password change/set UI.
...
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords
see #32589
props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023
git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Helen Hou-Sandí
275bff1895
Fire the `check_admin_referer` action on failure as well as success.
...
This enables things like logging nonce failures in the admin.
props markjaquith.
fixes #32207 .
Built from https://develop.svn.wordpress.org/trunk@33017
git-svn-id: http://core.svn.wordpress.org/trunk@32988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 03:37:23 +00:00
Sergey Biryukov
74c7f59bb2
Revert [32702]. The URL may not have an `s` parameter as there are filters in place so that a plugin can return a URL with a completely different structure.
...
see #32572 .
Built from https://develop.svn.wordpress.org/trunk@32969
git-svn-id: http://core.svn.wordpress.org/trunk@32940 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-27 08:35:24 +00:00
Scott Taylor
f23199caaa
Remove the `whois.arin.net` link from `wp_notify_postauthor()` and `wp_notify_moderator()`.
...
Also, remove from `edit-form-comment.php` and add a new filter: `edit_comment_misc_actions`.
Props ozh, joedolson, rachelbaker.
Fixes #15281 .
Built from https://develop.svn.wordpress.org/trunk@32929
git-svn-id: http://core.svn.wordpress.org/trunk@32900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-24 20:56:27 +00:00
Scott Taylor
5c6b63d3a6
`if` is a statment, not a function.
...
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32800
git-svn-id: http://core.svn.wordpress.org/trunk@32771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 20:01:25 +00:00
Dion Hulse
2b2368d68f
Add a filter to wp_safe_redirect() for the fallback URL.
...
Props anubisthejackle. Fixes #22612
Built from https://develop.svn.wordpress.org/trunk@32793
git-svn-id: http://core.svn.wordpress.org/trunk@32764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 05:26:26 +00:00
Scott Taylor
f888767c73
`$status` shouldn't be loosely compared to `true` in `wp_xmlrpc_server::wp_deleteComment()`.
...
`$initial` shouldn't be loosely compared to `true` in `get_calendar()`.
`current_user_can()` shouldn't be loosely compared to `false` in `kses_init()`
`$get_all` shouldn't be loosely compared to `true` in `get_blog_details()`.
`is_array()` and `in_array()` shouldn't be loosely compared in `wpmu_validate_user_signup()`.
`$result` should by strictly compared in `check_ajax_referer()`.
`wp_verify_nonce()` should by strictly compared in `_show_post_preview()`.
`is_user_logged_in()` should not be loosly compared against `false` in `wp-signup.php`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32733
git-svn-id: http://core.svn.wordpress.org/trunk@32704 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-12 17:48:26 +00:00
Sergey Biryukov
c9dd28908a
In `get_avatar()`, avoid a second `get_avatar_data()` call to get the 2x URL.
...
props ravinderk.
fixes #32572 .
Built from https://develop.svn.wordpress.org/trunk@32702
git-svn-id: http://core.svn.wordpress.org/trunk@32672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-07 14:58:26 +00:00
Boone Gorges
f88996bed7
In `wp_notify_moderator()`, don't throw notice when comment belongs to a post with no author.
...
Props Oxymoron.
Fixes #32566 .
Built from https://develop.svn.wordpress.org/trunk@32692
git-svn-id: http://core.svn.wordpress.org/trunk@32662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-04 17:29:25 +00:00
Scott Taylor
26554549c7
Add missing doc blocks for `pluggable.php`.
...
Correct some `@return` values.
`is_user_logged_in()` can simply return the `->exists()` call instead of if/else'ing true/false.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32614
git-svn-id: http://core.svn.wordpress.org/trunk@32584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 15:32:26 +00:00
John Blackbourn
bb02256966
Introduce a `$token` argument to `wp_set_auth_cookie()` so session tokens can be reused by custom authentication implementations.
...
Props rmccue
Fixes 30247
Built from https://develop.svn.wordpress.org/trunk@32465
git-svn-id: http://core.svn.wordpress.org/trunk@32435 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-09 00:28:27 +00:00
Gary Pendergast
7ca423d449
The UTF-8 regex can occasionally fail on very low memory machines. Reduce the amount of memory it uses.
...
See #32204 .
Built from https://develop.svn.wordpress.org/trunk@32375
git-svn-id: http://core.svn.wordpress.org/trunk@32345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-06 06:58:24 +00:00
Sergey Biryukov
eef2dcfccd
Merge two different translator comments for the same string.
...
props pavelevap.
fixes #31999 .
Built from https://develop.svn.wordpress.org/trunk@32210
git-svn-id: http://core.svn.wordpress.org/trunk@32183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 15:36:26 +00:00
Boone Gorges
5b629644f9
Improve handling of incomplete From and Content-Type headers in `wp_mail()`.
...
When an incomplete header is provided (eg, 'From' with an email address but no
name), ensure that the WP defaults are filled in properly.
Props valendesigns.
Fixes #30266 .
Built from https://develop.svn.wordpress.org/trunk@32070
git-svn-id: http://core.svn.wordpress.org/trunk@32049 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-07 20:10:26 +00:00
Drew Jaynes
46cf634c90
Various inline documentation syntactical fixes in wp-includes/pluggable.php for 4.2 changes.
...
See #31888 .
Built from https://develop.svn.wordpress.org/trunk@32045
git-svn-id: http://core.svn.wordpress.org/trunk@32024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-05 16:46:26 +00:00
Sergey Biryukov
a1fb0a378c
Restore line breaks before comment text in comment notification emails.
...
fixes #31508 .
Built from https://develop.svn.wordpress.org/trunk@31770
git-svn-id: http://core.svn.wordpress.org/trunk@31750 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-13 18:29:27 +00:00
Helen Hou-Sandí
0b3170fc7d
Gravatars: Remove redundant 1x srcset.
...
props miqrogroove.
see #22329 .
Built from https://develop.svn.wordpress.org/trunk@31722
git-svn-id: http://core.svn.wordpress.org/trunk@31703 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-11 16:56:27 +00:00
Helen Hou-Sandí
0bf35836c3
Gravatars: Enable HiDPI versions for browsers that support srcset.
...
props iseulde.
see #22329 .
Built from https://develop.svn.wordpress.org/trunk@31721
git-svn-id: http://core.svn.wordpress.org/trunk@31702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-11 16:32:26 +00:00
Drew Jaynes
33d9dd8066
Adjust the description for the `$extra_attr` argument in the DocBlocks for `get_avatar_data()` and `get_avatar()`.
...
See [31561]. See #31469 .
Built from https://develop.svn.wordpress.org/trunk@31591
git-svn-id: http://core.svn.wordpress.org/trunk@31572 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-01 07:19:24 +00:00
Gary Pendergast
18bb886b22
When sanitizing a URL to redirect to, UTF-8 characters can be URL encoded, instead of being removed.
...
While RFC 3986 does not specify which character sets are allowed in URIs, Section 2.5 states that octects matching UTF-8 character encoding should be percent-encoded, then unreserved octets outside of the UTF-8 range should be percent-encoded. As browsers tend to only implement support for UTF-8 in URLs, this change only implements the UTF-8 encoding part. We may revisit the second part if it becomes an issue.
Fixes #31486
Built from https://develop.svn.wordpress.org/trunk@31587
git-svn-id: http://core.svn.wordpress.org/trunk@31568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-28 02:21:26 +00:00
Scott Taylor
e899c370a4
In `get_avatar_data()` and `get_avatar()`, allow `height` and `width` to be specified separately (both default to `size`). Also allow arbitrary attributes on the `<img>` via the `extra_attr` arg.
...
Props miqrogroove.
See #31469 .
Built from https://develop.svn.wordpress.org/trunk@31561
git-svn-id: http://core.svn.wordpress.org/trunk@31542 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-26 21:17:24 +00:00
Sergey Biryukov
add5f9bdf2
Remove `src` from duplicate hook comments for `get_avatar` and `get_avatar_data`.
...
see #21195 .
Built from https://develop.svn.wordpress.org/trunk@31480
git-svn-id: http://core.svn.wordpress.org/trunk@31461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-19 14:59:26 +00:00
Sergey Biryukov
01bb8478ff
Fix a typo in duplicate hook comment.
...
see [31107], #21195 .
Built from https://develop.svn.wordpress.org/trunk@31479
git-svn-id: http://core.svn.wordpress.org/trunk@31460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-19 14:56:28 +00:00
Drew Jaynes
947d04f323
Improve return and parameter documentation for `check_admin_referer()`, `check_ajax_referer()`, and `wp_verify_nonce()`.
...
Also update and clarify docsfor the `check_admin_referer` and `check_ajax_referer` hooks.
Props johnbillion, DrewAPicture.
Fixes #31055 .
Built from https://develop.svn.wordpress.org/trunk@31381
git-svn-id: http://core.svn.wordpress.org/trunk@31362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-09 04:57:27 +00:00
Scott Taylor
fe6b5983df
In PHP 5.0.0, `is_a()` became deprecated in favour of the `instanceof` operator. Calling `is_a()` would result in an `E_STRICT` warning.
...
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes #25672 .
Built from https://develop.svn.wordpress.org/trunk@31188
git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 01:06:24 +00:00
Gary Pendergast
4bc89fef32
In `get_avatar()`, revert the `<img>` tag attributes to using single quotes, instead of double quotes. This behaviour was changed in [31107], but caused problems for code that attempted to parse the `<img>` tag.
...
See #21195
Built from https://develop.svn.wordpress.org/trunk@31152
git-svn-id: http://core.svn.wordpress.org/trunk@31133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 00:03:24 +00:00
Scott Taylor
ac654632fe
Use `PHP_SAPI` constant instead of `php_sapi_name()` in `iis7_supports_permalinks()`, `wp_fix_server_vars()`, and `wp_redirect()`.
...
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@31120
git-svn-id: http://core.svn.wordpress.org/trunk@31101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 04:59:22 +00:00
Gary Pendergast
5ee3ff435d
Add `get_avatar_url()`, for retrieving just the URL of an avatar, rather than the entire `<img>` tag that `get_avatar()` produces.
...
Unlike `get_avatar()`, `get_avatar_url()` is not pluggable. It can be extended/or modified through the new filters included.
Fixes #21195 .
Props mdawaffe, pento, pathawks, DrewAPicture
Built from https://develop.svn.wordpress.org/trunk@31107
git-svn-id: http://core.svn.wordpress.org/trunk@31088 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-09 04:43:23 +00:00
Sergey Biryukov
e253251ef4
Remove space before comma in wp_notify_postauthor() and wp_notify_moderator().
...
see #30930 .
Built from https://develop.svn.wordpress.org/trunk@31060
git-svn-id: http://core.svn.wordpress.org/trunk@31041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-06 17:17:21 +00:00
Sergey Biryukov
71d255fde1
Remove padding from the comment notification emails in wp_notify_moderator().
...
See [30015] for wp_notify_postauthor().
props pavelevap.
fixes #30930 .
Built from https://develop.svn.wordpress.org/trunk@31059
git-svn-id: http://core.svn.wordpress.org/trunk@31040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-06 17:10:35 +00:00
John Blackbourn
d614abe3a2
Allow brackets in a URL when it's sanitised for a redirect. Brackets are valid in query parameters.
...
Fixes #30308
Props voldemortensen
Built from https://develop.svn.wordpress.org/trunk@30684
git-svn-id: http://core.svn.wordpress.org/trunk@30674 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-01 03:21:22 +00:00
John Blackbourn
17ddc06287
Allow square brackets in a URL when it's sanitised for a redirect. Square brackets are valid in query parameters and IPv6 addresses.
...
Fixes #17052
Props voldemortensen
Built from https://develop.svn.wordpress.org/trunk@30683
git-svn-id: http://core.svn.wordpress.org/trunk@30673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-01 03:16:22 +00:00
Scott Taylor
04453cbe01
Improve the `@param` docs for `src/wp-includes/pluggable*`.
...
See #30224 .
Built from https://develop.svn.wordpress.org/trunk@30667
git-svn-id: http://core.svn.wordpress.org/trunk@30657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 22:19:25 +00:00
Drew Jaynes
e4f52df62c
Fix DocBlock formatting for `wp_generate_password()`.
...
Props stevegrunwell for the initial patch.
Fixes #30509 .
Built from https://develop.svn.wordpress.org/trunk@30580
git-svn-id: http://core.svn.wordpress.org/trunk@30570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-26 20:38:23 +00:00
Dominik Schilling
e002b0fc07
Type cast `$nonce` to string in `wp_verify_nonce()`.
...
props jesin.
fixes #29542 .
Built from https://develop.svn.wordpress.org/trunk@30576
git-svn-id: http://core.svn.wordpress.org/trunk@30566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-26 19:19:23 +00:00
Drew Jaynes
188e47869f
Ensure inline code is markdown-escaped as such, HTML tags are removed from summaries, and that code snippets in descriptions are properly indented.
...
Affects DocBlocks for the following core elements:
* Markdown-indent a code snippet in the description for `wp_salt()`
* Backtick-escape inline code in the return description for `get_avatar()`
* Various markdown formatting in the description for `add_filter()`
* Markdown-indent a code snippet in the description for `apply_filters()`
* Backtick-escape inline code in the `@see` description for `apply_filters_ref_array()`
* Backtick-escape inline code in the description for `do_action()`
* Backtick-escape variables in the parameter and return descriptions for `do_action_ref_array()`
* Various markdown formatting in the description for `get_plugin_data()`
Props rarst.
See #30473 .
Built from https://develop.svn.wordpress.org/trunk@30544
git-svn-id: http://core.svn.wordpress.org/trunk@30533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-24 06:05:23 +00:00
Andrew Nacin
ddb3ee5057
Use hash_equals() for old md5 hashes.
...
Built from https://develop.svn.wordpress.org/trunk@30412
git-svn-id: http://core.svn.wordpress.org/trunk@30407 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 11:49:23 +00:00
Drew Jaynes
f7648300c8
Add missing documentation for the `$password` parameter, passed to the `check_password` hook.
...
Props coffee2code.
Fixes #30311 .
Built from https://develop.svn.wordpress.org/trunk@30381
git-svn-id: http://core.svn.wordpress.org/trunk@30378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-18 18:56:21 +00:00
Drew Jaynes
66c47f29bb
Correct references of `@uses $wpdb` in core documentation to use `@global`.
...
See #30191 , [30105].
Fixes #30217 .
Built from https://develop.svn.wordpress.org/trunk@30122
git-svn-id: http://core.svn.wordpress.org/trunk@30122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-31 17:56:22 +00:00
Drew Jaynes
f8657d5890
Remove redundant and erroneous `@uses` tag from most core inline documentation.
...
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.
Fixes #30191 .
Built from https://develop.svn.wordpress.org/trunk@30105
git-svn-id: http://core.svn.wordpress.org/trunk@30105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-30 01:05:24 +00:00
John Blackbourn
823cfebeca
Remove padding from the comment notification emails which is from a bygone fixed-width font era. Prevents alignment issues in email clients which use vairable width fonts for plain text emails. Fixes #16721 . Props DrewAPicture.
...
Built from https://develop.svn.wordpress.org/trunk@30015
git-svn-id: http://core.svn.wordpress.org/trunk@30015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-24 17:08:18 +00:00
Mark Jaquith
e1f2b3b9e2
Use HTTPS URLs for trac.wordpress.org (and use core.trac.wordpress.org)
...
see #27115
Built from https://develop.svn.wordpress.org/trunk@29789
git-svn-id: http://core.svn.wordpress.org/trunk@29561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-29 13:37:16 +00:00
Andrew Nacin
75ff6ae302
Add safeguards for when ext/hash is not compiled with PHP.
...
see #29518 , for trunk.
Built from https://develop.svn.wordpress.org/trunk@29751
git-svn-id: http://core.svn.wordpress.org/trunk@29523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-20 17:28:18 +00:00
Andrew Nacin
768136c6da
Rename the public methods in the session tokens API.
...
Introduces a new get( $token ) method. get_token() would not have made sense and spurred the overall renaming. Public methods are now get, get_all, verify, create, update, destroy, destroy_others, and destroy_all.
The protected abstract methods designed for alternative implementations remain the same.
props mdawaffe.
see #20276 .
Built from https://develop.svn.wordpress.org/trunk@29635
git-svn-id: http://core.svn.wordpress.org/trunk@29409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 02:07:16 +00:00
Andrew Nacin
3951d9689c
Require a non-empty $nonce value in wp_verify_nonce().
...
props ocean90.
fixes #29217 .
Built from https://develop.svn.wordpress.org/trunk@29620
git-svn-id: http://core.svn.wordpress.org/trunk@29394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-26 07:39:19 +00:00
Drew Jaynes
a227d4ff08
s/does/does not in `wp_set_password()` docblock.
...
See [29461]. See #28316 .
Built from https://develop.svn.wordpress.org/trunk@29462
git-svn-id: http://core.svn.wordpress.org/trunk@29240 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-10 02:44:16 +00:00
Drew Jaynes
0f7d35597c
Improve the `wp_set_password()` PHPDoc with a note to guard against executing the function on every page load, such as through a theme's functions.php file.
...
See #28316 .
Built from https://develop.svn.wordpress.org/trunk@29461
git-svn-id: http://core.svn.wordpress.org/trunk@29239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-10 02:39:16 +00:00
Andrew Nacin
ee4ce8688d
Escape late in get_avatar().
...
Built from https://develop.svn.wordpress.org/trunk@29397
git-svn-id: http://core.svn.wordpress.org/trunk@29175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 07:50:18 +00:00
Andrew Nacin
7d672c38a4
Constant time for wp_verify_nonce().
...
Built from https://develop.svn.wordpress.org/trunk@29382
git-svn-id: http://core.svn.wordpress.org/trunk@29160 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 05:26:16 +00:00
Andrew Nacin
654e46f03d
Tie cookies and nonces to user sessions so they may be invalidated upon logout.
...
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.
Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().
This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.
props duck_, nacin, mdawaffe.
see #20276 .
Built from https://develop.svn.wordpress.org/trunk@29221
git-svn-id: http://core.svn.wordpress.org/trunk@29005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 09:13:15 +00:00
Sergey Biryukov
177fe21194
Asterisk is an allowed character in a URI and should not be stripped out by wp_sanitize_redirect().
...
fixes #28362 .
Built from https://develop.svn.wordpress.org/trunk@28939
git-svn-id: http://core.svn.wordpress.org/trunk@28737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-01 15:56:15 +00:00
Scott Taylor
c8852cc909
Use the `WPINC` constant when loading `class-phpass.php`
...
Props wojtek.szkutnik
See #14157 .
Built from https://develop.svn.wordpress.org/trunk@28903
git-svn-id: http://core.svn.wordpress.org/trunk@28702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 22:12:16 +00:00
Andrew Nacin
dc0aca09f5
Fix documentation for wp_create_nonce() which wrongly suggests these tokens are actually numbers used once.
...
Built from https://develop.svn.wordpress.org/trunk@28793
git-svn-id: http://core.svn.wordpress.org/trunk@28606 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-20 20:47:14 +00:00
Scott Taylor
43bf7f271f
Don't use variable variables in `wp_salt()`.
...
See #27881 .
Built from https://develop.svn.wordpress.org/trunk@28741
git-svn-id: http://core.svn.wordpress.org/trunk@28555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-11 18:36:15 +00:00
Drew Jaynes
cb0fc9c64b
Update the `$secure_logged_in_cookie` variable in the 'secure_logged_in_cookie' hook docs following [28627].
...
See #15330 .
Built from https://develop.svn.wordpress.org/trunk@28628
git-svn-id: http://core.svn.wordpress.org/trunk@28448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-30 15:20:16 +00:00
Andrew Nacin
733057e7d6
Use a secure logged_in_cookie when the home URL is forced HTTPS (see #27954 ).
...
see #15330 .
Built from https://develop.svn.wordpress.org/trunk@28627
git-svn-id: http://core.svn.wordpress.org/trunk@28447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-30 15:08:15 +00:00
Scott Taylor
8e98541d5f
Eliminate the use of `extract()` in `wp_mail()`. Check the filtered array for each value before re-setting variables.
...
See #22400 .
Built from https://develop.svn.wordpress.org/trunk@28425
git-svn-id: http://core.svn.wordpress.org/trunk@28252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 06:17:15 +00:00
Scott Taylor
f5bd0de275
Eliminate the use of `extract()` in `wp_validate_auth_cookie()`.
...
Don't do anything fancy here, just set the 4 returned properties to variables. This function is semi-important.
See #22400 .
Built from https://develop.svn.wordpress.org/trunk@28424
git-svn-id: http://core.svn.wordpress.org/trunk@28251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 06:11:13 +00:00
Andrew Nacin
7f001bfe24
Harden HMAC verification. props duck_.
...
Built from https://develop.svn.wordpress.org/trunk@28053
git-svn-id: http://core.svn.wordpress.org/trunk@27883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-08 18:06:16 +00:00
Drew Jaynes
684145ca81
Inline documentation fixes related to the `determine_current_user` filter
...
See #26706 , #27700 .
Built from https://develop.svn.wordpress.org/trunk@28007
git-svn-id: http://core.svn.wordpress.org/trunk@27837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 21:18:15 +00:00
Drew Jaynes
100e737eb0
Inline documentation for hooks in wp-includes/pluggable.php.
...
Props kpdesign for some cleanup.
Fixes #26888 .
Built from https://develop.svn.wordpress.org/trunk@27825
git-svn-id: http://core.svn.wordpress.org/trunk@27659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-28 21:21:15 +00:00
Andrew Nacin
c3ca81ba94
Always decode special characters for email subjects.
...
props tlovett1, jeremyfelt.
fixes #25346 .
Built from https://develop.svn.wordpress.org/trunk@27801
git-svn-id: http://core.svn.wordpress.org/trunk@27636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-28 02:44:15 +00:00
Andrew Nacin
182de5881d
Avoid notices in wp_notify_postauthor() when a post has no author.
...
props drozdz.
fixes #26659 .
Built from https://develop.svn.wordpress.org/trunk@27568
git-svn-id: http://core.svn.wordpress.org/trunk@27411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-17 20:31:14 +00:00
Andrew Nacin
e7be7a0a8d
Use get_comment_link() in wp_notify_postauthor().
...
Fixes pagination for the link directly to the moderated comment.
props eatingrules.
fixes #26133 .
Built from https://develop.svn.wordpress.org/trunk@27567
git-svn-id: http://core.svn.wordpress.org/trunk@27410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-17 20:20:15 +00:00
Andrew Nacin
acba3131d7
Allow for custom authentication handlers for all requests.
...
Turn the logic used by wp_get_current_user() into a determine_current_user filter.
props rmccue.
fixes #26706 .
Built from https://develop.svn.wordpress.org/trunk@27484
git-svn-id: http://core.svn.wordpress.org/trunk@27328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-09 15:23:15 +00:00
Drew Jaynes
db605f4767
Improve inline documentation for `wp_new_user_notification()`.
...
Props antorome for the initial patch.
Fixes #26703 .
Built from https://develop.svn.wordpress.org/trunk@27149
git-svn-id: http://core.svn.wordpress.org/trunk@27016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-09 21:07:12 +00:00
Sergey Biryukov
1f86e0c1e1
Fix typo in wp_set_auth_cookie() description.
...
props drozdz.
fixes #27046 .
Built from https://develop.svn.wordpress.org/trunk@27116
git-svn-id: http://core.svn.wordpress.org/trunk@26983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-07 09:47:12 +00:00
Drew Jaynes
cd8cedc40d
First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin.
...
Props JustinSainton, SergeyBiryukov, DrewAPicture.
Fixes #26713 .
Built from https://develop.svn.wordpress.org/trunk@26868
git-svn-id: http://core.svn.wordpress.org/trunk@26754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-24 18:57:12 +00:00
Drew Jaynes
223a2c7138
Inline documentation for the following filter hooks in wp-includes/pluggable.php:
...
* `comment_notification_recipients`
* `comment_notification_notify_author`
Also removes some generic `@uses` tags from various related doc blocks.
Props markjaquith.
Fixes #25699 .
Built from https://develop.svn.wordpress.org/trunk@26388
git-svn-id: http://core.svn.wordpress.org/trunk@26288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-26 04:10:09 +00:00
Mark Jaquith
c2cdbf9648
Fix `comment_notification_recipients` filter behavior so that it is still respected even on comments left by the post author
...
The code was bailing on this-is-a-comment-on-your-own-post detection, ignoring additional recipients. Now:
* Logic check is done within `wp_notify_postauthor()`
* Logic check is overridable via `comment_notification_notify_author` filter (default still false)
* The code doesn't bail on comment-on-own-post detection, but just removes the author from the array
* The code instead now bails if the recipients list is empty, so `comment_notification_recipients` works properly
props ethitter.
fixes #25699
Built from https://develop.svn.wordpress.org/trunk@26367
git-svn-id: http://core.svn.wordpress.org/trunk@26268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-25 01:47:10 +00:00
Peter Westwood
bca9252522
Deprecate the second argument for wp_notify_postauthor because it is unecessary. Fixes #17862 props scribu and wonderboymusic.
...
Built from https://develop.svn.wordpress.org/trunk@26358
git-svn-id: http://core.svn.wordpress.org/trunk@26259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-24 16:26:10 +00:00
Sergey Biryukov
12d10da7e6
Remove redundant cleanup of PHPMailer addresses in wp_mail().
...
props bananastalktome.
fixes #25789 .
Built from https://develop.svn.wordpress.org/trunk@26121
git-svn-id: http://core.svn.wordpress.org/trunk@26033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 03:45:11 +00:00
Sergey Biryukov
eae4e5936f
Use case-insensitive comparison for email addresses. fixes #25779 .
...
Built from https://develop.svn.wordpress.org/trunk@26115
git-svn-id: http://core.svn.wordpress.org/trunk@26027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 02:41:09 +00:00
Sergey Biryukov
9c3b98e6d3
Avoid PHP notices in wp_notify_postauthor() when using a custom comment type.
...
Use a switch statement for consistency with wp_notify_moderator().
fixes #25880 .
Built from https://develop.svn.wordpress.org/trunk@26114
git-svn-id: http://core.svn.wordpress.org/trunk@26026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 02:32:10 +00:00
Sergey Biryukov
40391f4e37
Fall back to comment author email in get_avatar() if the user who left the comment no longer exists.
...
props mauryaratan, lite3.
fixes #25803 .
Built from https://develop.svn.wordpress.org/trunk@26000
git-svn-id: http://core.svn.wordpress.org/trunk@25933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-02 12:20:11 +00:00
Andrew Nacin
70fd806759
Revert r25824:25875 from the core.svn.wordpress.org repository.
...
These commits were accidentally re-synced commits from develop.svn.wordpress.org due to a race condition. Thankfully, the history of this repository matters fairly little. It also happened only for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@25876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-25 02:29:52 +00:00
Andrew Nacin
8ae8e01b67
Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
...
see #27704 .
Built from https://develop.svn.wordpress.org/trunk@25825
git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Andrew Nacin
9c6a15ef8f
Maintain the same output for get_avatar() as 3.6. see [25895].
...
Built from https://develop.svn.wordpress.org/trunk@25899
git-svn-id: http://core.svn.wordpress.org/trunk@25811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 19:32:09 +00:00
Andrew Nacin
af4535596b
Always escape URLs at the last possible moment.
...
Built from https://develop.svn.wordpress.org/trunk@25895
git-svn-id: http://core.svn.wordpress.org/trunk@25807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 18:52:11 +00:00
Andrew Nacin
e2413462de
Move the trim() from wp_set_password() to inside wp_hash_password().
...
props rpattillo, joehoyle.
fixes #24973 . see #23494 .
Built from https://develop.svn.wordpress.org/trunk@25709
git-svn-id: http://core.svn.wordpress.org/trunk@25623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-07 13:54:10 +00:00
Scott Taylor
c2312dfe4c
Use `elseif` when slurping the `nonce` in `check_ajax_referer()` to avoid accidentally overwriting it.
...
Fail wonderboymusic in [25433].
Props ocean90.
Fixes #25369 .
See [25433].
Built from https://develop.svn.wordpress.org/trunk@25550
git-svn-id: http://core.svn.wordpress.org/trunk@25470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-21 16:26:12 +00:00
Scott Taylor
5df8338e0a
Fix some undefined index notices related to Comment unit tests:
...
* There are several places where a `$_POST` index was unchecked before setting a variable
* In `wp_notify_postauthor()`, `$comment` was being returned null, but its properties were being accessed.
* In `check_ajax_referer()`, 3 different values can be checked for nonce on `$_REQUEST`, but only 1 had an `isset()`
See #25282 .
Built from https://develop.svn.wordpress.org/trunk@25433
git-svn-id: http://core.svn.wordpress.org/trunk@25355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-13 22:18:08 +00:00
Andrew Nacin
cf3fddde96
Validate referrers to prevent off-domain redirects.
...
Built from https://develop.svn.wordpress.org/trunk@25318
git-svn-id: http://core.svn.wordpress.org/trunk@25280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 18:07:10 +00:00
Andrew Nacin
9fdfa7ef5c
Short descriptions for inline docs should end with a period, per the vast majority of core. see #25229 .
...
Built from https://develop.svn.wordpress.org/trunk@25273
git-svn-id: http://core.svn.wordpress.org/trunk@25239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-06 01:38:09 +00:00
Sergey Biryukov
9769012244
Add phpdoc for 'wp_redirect' and 'wp_redirect_status' filters. props DrewAPicture. fixes #25215 .
...
Built from https://develop.svn.wordpress.org/trunk@25230
git-svn-id: http://core.svn.wordpress.org/trunk@25200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-04 08:31:09 +00:00
Sergey Biryukov
6760d294bb
Update phpdoc for get_user_to_edit(), get_userdata(), and get_user_by(). props tivnet. fixes #24992 .
...
Built from https://develop.svn.wordpress.org/trunk@25204
git-svn-id: http://core.svn.wordpress.org/trunk@25176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-02 03:25:09 +00:00
Andrew Ozz
3c3ec6dd8c
Logging in: when the Remember Me checkbox is checked, make sure the browser continues to send the expired cookies so the "login grace period" for POST and AJAX requests works. Fixes #24735 .
...
Built from https://develop.svn.wordpress.org/trunk@25107
git-svn-id: http://core.svn.wordpress.org/trunk@25089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-23 21:27:08 +00:00
Sergey Biryukov
688ecb9fcc
Use correct variable. see #22922 .
...
Built from https://develop.svn.wordpress.org/trunk@25105
git-svn-id: http://core.svn.wordpress.org/trunk@25087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-23 20:57:11 +00:00
Andrew Nacin
0adcab1f7f
Add filters to the recipients of emails sent by wp_notify_postauthor() and wp_notify_moderator().
...
The new filters are called comment_notification_recipients and comment_moderation_recipients.
Add the context of $comment_id to the comment_moderation_headers filter, to match the comment_notification_headers filter.
props chipbennett.
fixes #22922 , #20353 .
Built from https://develop.svn.wordpress.org/trunk@25104
git-svn-id: http://core.svn.wordpress.org/trunk@25086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-23 19:36:10 +00:00
Ryan Boren
26eb1dc6ee
Return true from wp_redirect() when redirect successful. Update phpdoc.
...
Props tivnet
fixes #24969
git-svn-id: http://core.svn.wordpress.org/trunk@24996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-06 17:44:32 +00:00
Andrew Nacin
0f84b87380
Do not notify the post author about comments if they are no longer a member of the blog.
...
This updates [23294] to use capability checks to determine if the user can still edit a post, which works for super admins. Additionally, it hides Trash/Spam action links when the user is still a member of the blog but cannot (or can no longer) moderate the comment.
fixes #23136 .
git-svn-id: http://core.svn.wordpress.org/trunk@24649 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-10 22:01:12 +00:00
Sergey Biryukov
8655b33360
Make wp_mail() return the actual result of PHPMailer::Send() instead of always returning true. props chmac. fixes #23642 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-29 23:03:13 +00:00
Andrew Nacin
e27d41d8e7
Add strict check to wp_verify_nonce() to avoid issues when it is improperly called.
...
git-svn-id: http://core.svn.wordpress.org/trunk@24461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 02:11:31 +00:00
Peter Westwood
b85cb06509
Pluggable Auth: When setting new passwords for users trim any leading or trailing space to match what we do when we test passwords.
...
Fixes #23494
git-svn-id: http://core.svn.wordpress.org/trunk@23814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-27 14:15:13 +00:00
Mark Jaquith
576e487663
Minor revisions PHP reorg, code cleanup, restores _post_restored_from functionality.
...
props adamsilverstein. see #23497
git-svn-id: http://core.svn.wordpress.org/trunk@23811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-27 11:56:28 +00:00
Peter Westwood
9d6988a221
Revisions: UI Update.
...
* Refines the UI to make it clearer and easier to use
* Introduces weighted tickmarks
* Fixes comparison bugs.
See #23497 props adamsilverstein
git-svn-id: http://core.svn.wordpress.org/trunk@23769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-21 15:54:11 +00:00
Peter Westwood
51db623107
Revisions: Updates to the new Revisions UI.
...
Various Updates including:
* i18n fixes
* Added tracking of what revision ID was restored
* async fetching of diffs so that slider works sooner even with many revisions
See #23497 props adamsilverstein, ethitter
git-svn-id: http://core.svn.wordpress.org/trunk@23639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-07 15:32:26 +00:00
Ryan Boren
6c14f1a116
Remove unnecessary stripslashes().
...
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 20:55:30 +00:00
Ryan Boren
43a7e695e9
Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
...
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Peter Westwood
9bd192fab3
Revisions: First pass an implementing a new UI/UX for reviewing the revisions of posts. See #23497 props adamsilverstein for the initial patch.
...
This implements a new revisions ui using Backbone and preserves all the old methods of "integration" so the change should be transparent to plugins using revisi
ons with CPTs.
This is the first pass and so there are a number of things still to be resolved, more details in the ticket. Feedback welcomed.
git-svn-id: http://core.svn.wordpress.org/trunk@23506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-28 15:14:34 +00:00
Ryan Boren
cc5ed3a485
Change all core API to expect unslashed rather than slashed arguments.
...
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.
Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.
Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.
Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.
Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.
Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.
Plugins should use wp_unslash() on data being passed to core API.
Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.
Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.
Remove many no longer necessary calls to $wpdb->escape() and esc_sql().
In wp_get_referer() and wp_get_original_referer(), return unslashed data.
Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.
Switch several queries over to prepare().
Expect something to break.
Props alexkingorg
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
5f05d09dc2
Use a human-readable constant in wp_set_auth_cookie(). fixes #23372 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@23388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-06 03:44:43 +00:00
Mark Jaquith
2d6e677a03
Do not notify the post author about comments if they are no longer a member of the blog. props nickmomrick. fixes #23136
...
git-svn-id: http://core.svn.wordpress.org/trunk@23294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-08 04:03:16 +00:00
Mark Jaquith
3c0d96524c
Move 'endif;' to its own line instead of having it room with a right curly brace. props dimadin. fixes #22586
...
git-svn-id: http://core.svn.wordpress.org/trunk@23228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-29 18:01:41 +00:00
Andrew Nacin
ad53112897
Pass 'blank' to Gravatar rather than sending blank.gif for Gravatar to proxy. props miqrogroove, fixes #22354 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@22566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-14 05:29:56 +00:00
Andrew Nacin
557d9313a7
Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Andrew Nacin
52320dc5b3
It is 'Alternative Text', not 'Alternate Text'. props alecrust, RyanJKoehler. fixes #21176 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-19 16:55:43 +00:00
Andrew Nacin
8886eef8d9
Add nonce_user_logged_out filters to wp_create_nonce() and wp_verify_nonce() for when there is no user ID. Provides plugins the ability to tie a nonce to some other characteristic of the session. props sc0ttkclark, fixes #21111 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-13 17:17:47 +00:00
Peter Westwood
fb917e5d95
Make sure that we always generate random numbers correctly even if the PHP build is slightly broken and truncates large integers.
...
Fixes #19571 props mdawaffe.
git-svn-id: http://core.svn.wordpress.org/trunk@21685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-31 09:45:50 +00:00
Ryan Boren
c55cf716da
Use set_url_scheme(). Props johnbillion, MarcusPope. see #19037 #20759
...
git-svn-id: http://core.svn.wordpress.org/trunk@21664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-30 13:33:00 +00:00
Andrew Nacin
46eb6f0c26
Move the optimization done to get_user_by() in [21376] higher up the stack, into map_meta_cap() and is_super_admin().
...
This provides nearly the same benefits without possibly receiving a stale object from get_userdata(),
which could affect authentication, and introduce side effects for plugins.
see #21120 .
git-svn-id: http://core.svn.wordpress.org/trunk@21563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-20 21:58:34 +00:00
nacin
7127ed1197
Move most instances of new WP_User to get_userdata(). see #21120 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
nacin
174dad02bc
Optimize get_user_by( 'id', $id ) to return wp_get_current_user() when the current user ID is requested.
...
Provides for a major performance improvement by preventing repeated instantiations of WP_User in the capabilities API.
see #21120 .
git-svn-id: http://core.svn.wordpress.org/trunk@21376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-31 17:45:38 +00:00
nacin
725e0cc1df
Remove $wp_secret_key_default.
...
With the duplicate key checks, this is isn't necessary. It could also cause problems when you
temporarily update to an English translation of a new version before going back to the locale.
see #19599 .
git-svn-id: http://core.svn.wordpress.org/trunk@20691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-02 19:29:39 +00:00
duck_
0915eb5d43
Add missing "?" to gravatar_default URL in get_avatar() to set size parameter correctly. Fixes #20512 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-22 11:45:31 +00:00
duck_
b0a975512a
Don't override the $current_user global in get_currentuserinfo() on an XML-RPC request
...
if it's non-empty. Fixes capabilities checks for XML-RPC requests. See #20372 .
git-svn-id: http://svn.automattic.com/wordpress/trunk@20424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 16:19:53 +00:00
ryan
a831898020
When fetching the user in get_currentuserinfo(), make sure it is a valid WP_User object. If it is stdClass, upgrade it to WP_User. If it is WP_Error, an int, or anything else, set the current user to ID 0.
...
In wp_set_current_user(), return the current user global only if it is a WP_User object. If it is not, fall through and go about setting it up properly.
Formatting cleanups for both functions.
see #20372
git-svn-id: http://svn.automattic.com/wordpress/trunk@20410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-09 22:01:07 +00:00
nacin
2410e392b9
wp_set_current_user(0) for XMLRPC_REQUEST in get_currentuserinfo(). Ensures that wp_get_current_user() always returns a WP_User object. see #20372 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-08 01:06:44 +00:00
ryan
de41bc288b
Introduce WP_User::exists(). see #20372
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-06 19:18:45 +00:00
nacin
20f416f286
Internally cache return values of wp_salt(). Always run the filter. Big performance gains on a pageload that generates hundreds of nonces. see #19599 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@20135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-07 03:41:56 +00:00
ryan
6aedd9d0f0
Split the main WP_Query posts query into two queries to avoid temp tables. Leverage cache to avoid second query in persistent cache environments. Props scribu, cheald, prettyboymp. see #18536
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-14 15:09:35 +00:00
nacin
acd0f7c375
Re-purpose wp_die() for ajax responses.
...
* Allows unit testing of core ajax actions.
* wp_die() now has separate filters to choose a handler depending on the context (ajax, XML-RPC, else).
* wp_die) in ajax context does not need to be called with a string. Conversion takes place before die().
props kurtpayne, see #15327 .
git-svn-id: http://svn.automattic.com/wordpress/trunk@19801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-31 22:12:58 +00:00
nacin
017f5e4aeb
Provide a DB fallback for keys in wp_salt(). Fall back when any secret is used more than once. Change how we detect a localized 'put your unique phrase here' -- eliminate $wp_default_secret_key and introduce $wp_secret_key_default to be added during the localized build process, not by translators. fixes #19599 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-27 18:52:20 +00:00
duck_
81a7ad2c81
split was deprecated in PHP 5.3.0, so use explode instead. Props garyc40. Fixes #16325 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-09 21:20:51 +00:00
ryan
81283c0561
Update wp_salt() phpdoc. fixes #18696
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-09 20:52:08 +00:00
ryan
83b131f8e3
User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:50:54 +00:00
nacin
d56fe066da
s/is/if/. props ocean90.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-20 22:06:34 +00:00
nacin
2454f5b0d9
Gravatar emails should be trimmed before being lowered and hashed. props evansolomon. fixes #19614 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-20 22:00:44 +00:00
ryan
07ff8b216b
Use one space, not two, after trailing punctuation. fixes #19537
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
duck_
424cd58652
Correct @param text ordering to put "Optional." in description, see r19019 and #18958 . Also remove empty docblock tag.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19030 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-20 15:53:57 +00:00
westi
5eef6313ef
Improve the parsing of email addresses in wp_mail to re-support RFC2822 nameless "<address@tld.com>" style. Fixes #18463 props kitchin and SergeyBiryukov.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-19 14:30:50 +00:00
duck_
2f51b9be0d
Fix typos in documentation (wp-includes/[i-z]). See #18560 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-05 19:08:15 +00:00
ryan
0f06334e11
Introduce metadata_exists(), WP_User::get_data_by(), WP_User::get(), WP_User::has_prop(). Don't fill user objects with meta. Eliminate data duplication in cache and memory. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 19:32:59 +00:00
dd32
6fa755e68e
Harden up is_user_logged_in() against empty $current_user instances to prevent PHP Notices on XML-RPC requests. Fixes #18458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-17 08:51:36 +00:00
ryan
ec4ccf2900
Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:57:31 +00:00
ryan
6c81d023bb
Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-04 03:09:27 +00:00
markjaquith
f030e87cdc
Throw _doing_it_wrong() when nonce action not passed to check_admin_referer(). props duck_. see #16449
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-08 16:56:26 +00:00
westi
5e908c7190
Update wp_mail to correctly call the Address adding functions on PHPMailer for To, CC, BCC in a way which preserves our support for full RFC2822 address specifications.
...
Older versions of PHPMailer were not too careful about validating what we passed in to them as a plain email address - the new version expects we pass in the Name and Email address seperately.
Fixes #17305 based on a patch from dllh.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-23 11:14:05 +00:00
ryan
7f9f067e60
Use exceptions with phpmailer to avoid headers already sent errors. fixes #17228
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-28 18:16:01 +00:00
ryan
c5b47b029c
Remove setcookie() back compat. Props hakre. see#16920
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-06 17:07:59 +00:00
markjaquith
b9487742e0
Improvement to check_admin_referer() when called without first argument (PLUGIN AUTHORS: STOP DOING THAT). props indie-ulf. fixes #16449 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-03 20:42:00 +00:00
ryan
8066547be3
Add some cookie filters to allow plugins more control over SSL cookie delivery. see #15330
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-06 04:08:23 +00:00
dd32
9c4b151ba2
Restore pre-3.1 "Status:" header handling for IIS in wp_redirect. Revist in 3.2 to see if it's still required. Fixes #10187
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-14 10:15:31 +00:00
nacin
09e076b152
Remove unnecessary space. props demetris, JohnPBloch. fixes #12797 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-06 22:56:47 +00:00
nacin
de65e1f2f3
Fix arin whois link. props ozh. @todo consider its removal. see #15281 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 00:54:22 +00:00
nacin
81a8f2d3ce
Use square brackets instead of braces for string access. props hakre, fixes #13900 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 09:53:55 +00:00
nacin
d974a35fb0
Don't notify the author when they posted or moderated the comment. fixes #12774 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-11 16:28:49 +00:00
ryan
0a0d648660
Send moderation emails to post author. see #6286
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-06 15:20:50 +00:00
ryan
98c65bd2f7
Don't fire wp_notify_postauthor() when the author moderated the comment. Props mrmist. fixes #12774
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@16208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-05 15:36:04 +00:00
ryan
9c31fd7c70
First pass of user admin. Network admin and screen cleanups. see #14696
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-07 19:34:18 +00:00
dd32
9ce6d04ffb
Retire IIS 3,4,5 Set-Cookie redirection workaround. See [2436] for original implementation. See #10187
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-02 04:02:24 +00:00
ryan
b482fe4499
Link directly to comment in email notification. Props lancewillett. fixes #12797
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-08-31 18:24:41 +00:00
ryan
977102dbb1
Typo fix. Props pedger, mattsains. fixes #13740
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@15149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-06 14:44:48 +00:00
ryan
1a552dd029
Strip trailing whitespace
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-26 02:42:15 +00:00
ryan
2a99808ad2
Email messages should be plain text. Props arena. see #13488
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-22 13:48:38 +00:00
nacin
e85693b8a9
False alarm, something else is going on here. Revert [14780], restore [14695]. see #13317 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14781 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-21 15:08:07 +00:00
nacin
39af37992a
Revert [14695]. We need to be a bit less strict. see #13317 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-21 15:03:54 +00:00
westi
6881380fc0
Don't return data for user 1 when passed in junk like an array. See #13317 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-16 20:34:02 +00:00
nacin
0961da9244
Whitespace and standards in get_userdata. fixes #13317 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-12 18:59:03 +00:00
ryan
5c48b8b015
Force reauth when auth_redirect() redirects to login. see #12142
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-11 13:44:40 +00:00
wpmuguru
7c47fba666
use same salts/keys across network, see #12142
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14458 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-04 22:08:53 +00:00
nacin
e64a657575
s/blog/site/ in even more places. props PeteMall, see #11644 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-30 03:17:49 +00:00
nacin
b18ac8fcdb
Deprecate set_current_user() in favor of wp_set_current_user().
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-14 22:06:03 +00:00
dd32
442d41291a
Tweak new strings for better typography. Props demetris. Fixes #12962
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-11 10:41:54 +00:00
ryan
11dc8e15c9
Check for urls that have a scheme but no host in wp_validate_redirect().
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-29 16:47:17 +00:00
nacin
8c8bf5039f
Remove unnecessary ternary operators such as (expr) ? true : false.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-19 21:15:00 +00:00
ryan
e25a65b36a
Trim trailing whitespace
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-17 16:27:25 +00:00
ryan
2486cc70f7
Restrict schemes allowed in wp_validate_redirect()
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-11 14:54:11 +00:00
ryan
086ad7d933
Improve user listing performance. Props miqrogroove. see #11914
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-03 19:08:30 +00:00
matt
73a11f4d4e
Better subdomains for faster Gravatar loading. An update to [13385].
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-02 21:59:15 +00:00
nacin
1cade6654c
Allow multiple To: recipients in wp_mail(). Improve handling of \r\n in headers and multiple CC/BCC headers. fixes #10420
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-27 16:10:45 +00:00
nacin
f1f86f16e3
Remove explicit references to the post ID from moderation and comment e-mails. Fixes #12388
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13432 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-26 17:18:59 +00:00
ryan
a312eea3a7
Hash to static gravatar domains. Props apokalyptik.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-24 20:50:40 +00:00
nacin
8bcc5969dc
Spelling and grammar fun. Fixes #11875 props cnorris23
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13382 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-24 20:13:23 +00:00
nacin
2dcfc0913b
Remove unused 'secret' option. Fixes #12221
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13309 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-22 20:27:02 +00:00
dd32
679250491d
Variable Cleanup, Unused variables, Typo'd variables, unused code blocks. Fixes #12299
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-20 02:01:46 +00:00
nacin
8d39376b5a
Add filter to get_avatar() to allow avatars for custom comment types. Props usermrpapa. Fixes #11880
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-19 20:27:56 +00:00
nacin
91e0c6a98c
Allow more special characters in wp_generate_password() second pass. props sivel, see #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-19 00:03:36 +00:00
nacin
54c4ac3c8f
Move deprecated pluggable functions to a new file to lower their profile. Also throw deprecated warnings if a plugin defines a deprecated pluggable function. See #11388
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-18 23:17:06 +00:00
nacin
db0e494344
Use an expanded special character set when generating auth keys and salts via wp_generate_password(). Props sivel, see #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13137 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-14 04:06:30 +00:00
nacin
5871a56009
Fall back to wp_generate_password() in setup-config.php if HTTPS request for secret keys fails. Also use pretty link to secret-key API, see #12159
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13133 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-14 02:47:45 +00:00
nacin
fd5f785cce
Move deprecated functions to deprecated.php. Deprecate get_the_attachment_link() for wp_get_attachment_link(), get_attachment_icon_src() for wp_get_attachment_image_src(),
...
get_attachment_icon() and get_attachment_innerHTML() for wp_get_attachment_image(), get_link() for get_bookmark(). Add missing deprecated version numbers. Add inline documentation to pluggable functions that are deprecated. See #11388
git-svn-id: http://svn.automattic.com/wordpress/trunk@13093 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-13 06:39:51 +00:00
nacin
833f6172f7
Optimize wp_rand(), only check transient when needed. Fixes #12144 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13080 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-13 03:33:33 +00:00
westi
6289876414
Ensure we ignore the _SALT defines if they are set to the "default" unconfigured values or empty. See #12159 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-11 22:51:51 +00:00
ryan
9fc2bef3d1
Move blog deletion to ms-delete-site.php. see #11644
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12828 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-25 22:46:41 +00:00
ryan
6da55f7792
Trailing whitespace cleanup
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12733 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-15 22:11:12 +00:00
westi
904b89dc9f
Run the old WPMU random_password filter in wp_generate_password(). Fixes #11746 props uglyrobot.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-07 20:49:04 +00:00
ryan
ec8e347792
Introduce home_url(). Props Denis-de-Bernardy, hakre. see #9008
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12598 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-04 17:23:29 +00:00
ryan
6ae74dfd09
Don't fall back to logged in cookie if in the admin.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12408 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-15 19:57:20 +00:00
azaozz
acf271551d
Add 'trash' in comment moderation emails, props nacin, fixes #11426
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-15 10:55:55 +00:00
westi
2c4aadf49f
Fix some more html encoding in email subject issues. Fixes #9913 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-14 22:09:54 +00:00
westi
5d087be7e9
Don't html encode quotes in the blogname in email subjects as this is a plain text output. Fixes #9913 props tenpura.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-13 11:38:45 +00:00