Sergey Biryukov
7ddbbfec08
Users: `wp_signon()` expects an array as the `$credentials` argument, not a string.
...
If an empty string was passed, redeclare it as an empty array to avoid a warning and a fatal error in PHP 7.1.0 Alpha 1.
Props simonvik.
Fixes #37071 .
Built from https://develop.svn.wordpress.org/trunk@37697
git-svn-id: http://core.svn.wordpress.org/trunk@37663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 15:34:29 +00:00
Drew Jaynes
f82641ad0e
Docs: Standardize filter docs in root folder files to use third-person singular verbs per the inline documentation standards for PHP.
...
Fixes #36913 .
Built from https://develop.svn.wordpress.org/trunk@37535
git-svn-id: http://core.svn.wordpress.org/trunk@37503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 16:44:27 +00:00
Boone Gorges
720e2af290
During password reset, user-submitted login/email should be stripslashed.
...
This prevents errors when an email address contains an apostrophe. See [29966]
for similar treatment of a related problem.
Props dcavins.
Fixes #36322 .
Built from https://develop.svn.wordpress.org/trunk@37474
git-svn-id: http://core.svn.wordpress.org/trunk@37442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-20 19:21:30 +00:00
Sergey Biryukov
c8fe7cc538
Login/Registration: Add `login_header` action that fires in the login page header after the body tag is opened and complements `login_footer`.
...
Props borkweb, iamfriendly, voldemortensen.
Fixes #22139 .
Built from https://develop.svn.wordpress.org/trunk@37243
git-svn-id: http://core.svn.wordpress.org/trunk@37209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-18 23:54:29 +00:00
Jeremy Felt
27e29666a8
Multisite: Handle redirect to a user's subdomain properly during login
...
`wp-login.php` uses `wp_safe_redirect()` for all redirects, even those that do not involve unsafe data from the request or referer.
When a user of a subdomain site attempts to login to a network site they do not have access to, the host in the redirect URL is treated as unsafe by `wp_safe_redirect()` as it has no immediate awareness as to which hosts are valid on the network. On a subdirectoy network, everything works as expected because the host is the same.
In this specific block of `wp-login.php`, all URLs are generated by WordPress and we can use `wp_redirect()` to handle the redirects. Users authenticating via other network sites will now be redirected properly. Hosts passed via the `redirect_to` query var will continue to be handled by `wp_safe_redirect()`.
Fixes #30598 .
Built from https://develop.svn.wordpress.org/trunk@36867
git-svn-id: http://core.svn.wordpress.org/trunk@36834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-06 03:06:29 +00:00
Dominik Schilling
7ebe2c1e7a
Authentication: Allow users to log in using their email address.
...
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.
Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568 .
Built from https://develop.svn.wordpress.org/trunk@36617
git-svn-id: http://core.svn.wordpress.org/trunk@36584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-22 23:15:27 +00:00
Sergey Biryukov
6e60f8b6f8
Login: In `login_header()`, use correct separator for RTL locales.
...
Props ramiy.
Fixes #35737 .
Built from https://develop.svn.wordpress.org/trunk@36487
git-svn-id: http://core.svn.wordpress.org/trunk@36454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-06 22:56:27 +00:00
Dion Hulse
987ce83cfc
CSS: Stop using `wp-admin.min.css` and instead queue the individual stylesheets up through `load-styles.php`.
...
We still generate the `wp-admin.*` files for compabitility purposes, however they only include the `@import()` lines.
Fixes #35229
Built from https://develop.svn.wordpress.org/trunk@36341
git-svn-id: http://core.svn.wordpress.org/trunk@36308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-18 09:57:29 +00:00
John Blackbourn
d4eb85569b
Login: Revert [34213] and [35897]. It has become apparent that there is a need for a separate function (and corresponding filter) which allows for the login form action URL to differ from the URL used to access the login form, so that plugins or implementations which change the login URL do not need to worry about handling the form submission at the same URL.
...
For now, we'll revert to the pre-4.4 behaviour of hard-coding the login form action URL as `wp-login.php` and look at implementing a separate function and corresponding filter in 4.5.
Props KrissieV, salcode, JPry
Fixes #34925
See #35103
Built from https://develop.svn.wordpress.org/trunk@36042
git-svn-id: http://core.svn.wordpress.org/trunk@36007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-21 03:23:29 +00:00
Pascal Birchler
2981d66990
Login: After [34213], use the `login_post` scheme again for login forms.
...
See #34925 .
Built from https://develop.svn.wordpress.org/trunk@35897
git-svn-id: http://core.svn.wordpress.org/trunk@35861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-13 14:03:26 +00:00
Drew Jaynes
b3d28ad0b9
Administration: Improve the message displayed in the login form modal when a user's session has expired.
...
Props obrienlabs.
Fixes #34340 .
Built from https://develop.svn.wordpress.org/trunk@35865
git-svn-id: http://core.svn.wordpress.org/trunk@35829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-11 16:01:28 +00:00
Andrea Fercia
2ae5db3856
Accessibility: remove no-purpose title attributes from the login screen.
...
Also, it's hard to convey the ironic tone of the sentences used for these title attributes in languages other than English.
Fixes #34943 .
Built from https://develop.svn.wordpress.org/trunk@35846
git-svn-id: http://core.svn.wordpress.org/trunk@35810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-09 22:20:29 +00:00
Sergey Biryukov
788ea5ba5a
Reset Password: Improve wording for a string used in password reset email.
...
Props obrienlabs.
Fixes #34605 .
Built from https://develop.svn.wordpress.org/trunk@35559
git-svn-id: http://core.svn.wordpress.org/trunk@35523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-06 22:36:25 +00:00
Drew Jaynes
ad6a1303dc
Login: Pass the username and `WP_User` object to the `retrieve_password_title` filter.
...
Adding these parameters creates parity with the `retrieve_password_message` filter, used for modifying the message body of the same password reset email.
Props sudar.
Fixes #34252 .
Built from https://develop.svn.wordpress.org/trunk@35093
git-svn-id: http://core.svn.wordpress.org/trunk@35058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-13 00:51:24 +00:00
John Blackbourn
d2416ca93a
Correctly set the `secure` flag on the post password cookie based on the scheme of the referring URL, if it's available, instead of the home URL.
...
Fixes #29641
Built from https://develop.svn.wordpress.org/trunk@34932
git-svn-id: http://core.svn.wordpress.org/trunk@34897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 03:09:24 +00:00
John Blackbourn
95045d629b
Correctly set the `secure` flag for the test cookie based on the login URL scheme, and the same for the user settings cookies based on the admin URL scheme.
...
Fixes #34159
Built from https://develop.svn.wordpress.org/trunk@34931
git-svn-id: http://core.svn.wordpress.org/trunk@34896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 03:05:25 +00:00
Sergey Biryukov
399c1f3c83
Reset Password: Move the code for creating password reset key into a new function, `get_password_reset_key()`, and use it in `retrieve_password()`.
...
Previously: [25231].
Props DH-Shredder.
Fixes #34180 .
Built from https://develop.svn.wordpress.org/trunk@34923
git-svn-id: http://core.svn.wordpress.org/trunk@34888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:11:24 +00:00
John Blackbourn
471752f59a
Prevent a PHP notice when POSTing to `wp-login.php?action=register` without a `user_login` or `user_email` field in the POST request.
...
Fixes #34192
Built from https://develop.svn.wordpress.org/trunk@34910
git-svn-id: http://core.svn.wordpress.org/trunk@34875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:43:25 +00:00
John Blackbourn
2d745fabe3
Prevent a PHP notice from appearing on `wp-login.php?action=postpass` when there's no `$_POST['post_password']` parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here).
...
Fixes #34160
Props iamfriendly
Built from https://develop.svn.wordpress.org/trunk@34909
git-svn-id: http://core.svn.wordpress.org/trunk@34874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:30:25 +00:00
Drew Jaynes
fa4fed0f80
Login: Pass the `$errors` object as a parameter to the `lostpassword_post` hook.
...
Props iamfriendly.
Fixes #32116 .
Built from https://develop.svn.wordpress.org/trunk@34885
git-svn-id: http://core.svn.wordpress.org/trunk@34850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:00:25 +00:00
Scott Taylor
39552b63ca
Passwords: fix the markup on the Reset Password Form for `user-pass1` so the JavaScript operates properly.
...
Props ldinclaux.
See #33892 .
Fixes #33908 .
Built from https://develop.svn.wordpress.org/trunk@34371
git-svn-id: http://core.svn.wordpress.org/trunk@34335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 03:57:24 +00:00
Sergey Biryukov
19bcadf2a6
Reset Password: Move `<div>` out of `<p>` in `wp-login.php`.
...
Props ldinclaux.
Fixes #33892 .
Built from https://develop.svn.wordpress.org/trunk@34232
git-svn-id: http://core.svn.wordpress.org/trunk@34196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 11:46:25 +00:00
John Blackbourn
a9e5cfddc7
Implement `wp_login_url()` and `wp_registration_url()` in places where `wp-login.php` is currently hard-coded.
...
See #31495
Props GregLone
Built from https://develop.svn.wordpress.org/trunk@34213
git-svn-id: http://core.svn.wordpress.org/trunk@34177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 17:11:35 +00:00
John Blackbourn
3361f90a1c
When a user with no role logs in, redirect them to the home page rather than their profile screen which they do not have access to.
...
See #25162
Built from https://develop.svn.wordpress.org/trunk@33924
git-svn-id: http://core.svn.wordpress.org/trunk@33893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 21:34:24 +00:00
Helen Hou-Sandí
1f500055a6
Drop the hyphen from e-mail and standardize on email.
...
The AP Stylebook changed this in 2011, and we're woefully inconsistent, so let's go with the standard.
props morganestes, voldemortensen, niallkennedy (for patching on the previous AP style).
fixes #26156 .
Built from https://develop.svn.wordpress.org/trunk@33774
git-svn-id: http://core.svn.wordpress.org/trunk@33742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-28 03:17:21 +00:00
Mark Jaquith
69107095b7
Autogenerate passwords that more reliably fit within their inputs.
...
fixes #33166
Built from https://develop.svn.wordpress.org/trunk@33474
git-svn-id: http://core.svn.wordpress.org/trunk@33441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 03:56:24 +00:00
Scott Taylor
d92795db13
Passwords UI: clean up the new JS in `wp-admin/js/user-profile.js`.
...
Instead of wrapping `#pass1` in a `<span>` dynamically, add the `<span>` to the HTML in PHP. It currently has no styling.
Fixes #33145 .
Built from https://develop.svn.wordpress.org/trunk@33450
git-svn-id: http://core.svn.wordpress.org/trunk@33417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-27 21:25:25 +00:00
Konstantin Obenland
45bfab3aa8
Passwords: Add password strength meter feedback for screen readers.
...
Also gives context to the show/hide button.
Props rianrietveld, afercia.
Fixes #33032 .
Built from https://develop.svn.wordpress.org/trunk@33353
git-svn-id: http://core.svn.wordpress.org/trunk@33325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 00:15:25 +00:00
Konstantin Obenland
1f18ef86a3
Login: Reflect new password flow in registration form.
...
Props Ipstenu.
Fixes #32428 .
Built from https://develop.svn.wordpress.org/trunk@33265
git-svn-id: http://core.svn.wordpress.org/trunk@33237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 16:08:25 +00:00
Konstantin Obenland
f020fab7ef
Password: Improve display of password meter on login screen.
...
Fixes #32925 .
Built from https://develop.svn.wordpress.org/trunk@33251
git-svn-id: http://core.svn.wordpress.org/trunk@33223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 03:32:24 +00:00
Mark Jaquith
04793dce34
Fix small typo from [33019].
...
see #32429
Built from https://develop.svn.wordpress.org/trunk@33034
git-svn-id: http://core.svn.wordpress.org/trunk@33005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 18:16:24 +00:00
Mark Jaquith
423a1a7ca4
New password change/set UI.
...
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords
see #32589
props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023
git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Dion Hulse
c261ad2c57
Expire password reset links after 24 hours (by default). This causes existing password reset links to become invalid.
...
Props markjaquith, voldemortensen, johnbillion, MikeHansenMe, dd32
See #32429
Built from https://develop.svn.wordpress.org/trunk@33019
git-svn-id: http://core.svn.wordpress.org/trunk@32990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 06:33:26 +00:00
Scott Taylor
42d51a4f89
Add doc blocks to functions that are missing them.
...
If the function has no need for `@param` or `@return`, do an archeaological dig to find `@since`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32672
git-svn-id: http://core.svn.wordpress.org/trunk@32642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-31 03:18:25 +00:00
Dominik Schilling
64fc7294b6
Use HTTPS URLs for codex.wordpress.org.
...
see #27115 .
Built from https://develop.svn.wordpress.org/trunk@32116
git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
John Blackbourn
7c5fc2debb
Implement an `aria-describedby` attribute for login screen errors, and improve the "Forgot password?" anchor text.
...
Props aferica, rianrietveld
Fixes #31143
Built from https://develop.svn.wordpress.org/trunk@31871
git-svn-id: http://core.svn.wordpress.org/trunk@31850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-24 16:29:26 +00:00
John Blackbourn
35f4e719b2
Introduce a `logout_redirect` filter so the redirect destination can be changed when a user logs out. Parameters:
...
* string $redirect_to The redirect destination URL.
* string $requested_redirect_to The requested redirect destination URL passed as a parameter.
* WP_User $user The WP_User object for the user that's logging out.
Fixes #27617
Props SergeyBiryukov, johnbillion
Built from https://develop.svn.wordpress.org/trunk@31417
git-svn-id: http://core.svn.wordpress.org/trunk@31398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-11 19:19:26 +00:00
Scott Taylor
60b0cd7943
The keyword `elseif` should be used instead of `else if` so that all control keywords look like single words.
...
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs.
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@31090
git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00
Andrew Nacin
741e0ec6de
No need for wp_get_password_hint() to be prefixed as if it is private.
...
see #21243 .
Built from https://develop.svn.wordpress.org/trunk@30855
git-svn-id: http://core.svn.wordpress.org/trunk@30845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-15 08:34:23 +00:00
Drew Jaynes
ab3856619e
Docs Formatting: Backtick-escape inline code for the `login_form_ . $action` dynamic hook in wp-login.php.
...
See #30552 .
Built from https://develop.svn.wordpress.org/trunk@30651
git-svn-id: http://core.svn.wordpress.org/trunk@30641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 11:45:23 +00:00
Drew Jaynes
4b6abbaff4
Ensure inline code is markdown-escaped as such, HTML tags are removed from summaries, and that code snippets in descriptions are properly indented.
...
Affects DocBlocks for the following core elements:
* Backtick-escape code snippets in the description for `get_object_taxonomies()`
* Backtick-escape inline code in a markdown-formatted unordered list in the description for `get_taxonomy_labels()`
* Remove an HTML tag from the summary for the `Walker_Category_Checklist` class
* Remove an HTML tag from the summary for `wp_category_checklist()`, various formatting
* Remove an HTML tag from the summary for `wp_terms_checklist()`
* Backtick-escape an HTML tag in the description for `wp_popular_terms_checklist()`
* Remove HTML tags from the summaries for `page_template_dropdown()`, `parent_dropdown()`, and `wp_dropdown_roles()`
* Backtick-escape HTML tags in a parameter description for `add_settings_error()`
* Various formatting in the description and summary for `settings_errors()`
* Markdown-indent code snippets in the descriptions for `wpdb::prepare()`, `wpdb::insert()`, `wpdb::replace()`, `wpdb::update()`, and `wpdb::delete()`
* Backtick-escape an HTML tag in a parameter description for `login_header()`
* Remove HTML tags from the summaries for the `lostpassword_form` and `signup_header` hooks
Props rarst.
See #30473 .
Built from https://develop.svn.wordpress.org/trunk@30546
git-svn-id: http://core.svn.wordpress.org/trunk@30535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-24 06:31:21 +00:00
Andrew Nacin
b271e36f47
Form validation for password resets.
...
Built from https://develop.svn.wordpress.org/trunk@30417
git-svn-id: http://core.svn.wordpress.org/trunk@30412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 12:22:22 +00:00
John Blackbourn
066ee3b2b7
Add `$user_login` and `$user_data` parameters to the `retrieve_password_message` filter.
...
Props ivankristianto, dcavins
Fixes #25853
Built from https://develop.svn.wordpress.org/trunk@30357
git-svn-id: http://core.svn.wordpress.org/trunk@30356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 07:25:22 +00:00
Drew Jaynes
66c47f29bb
Correct references of `@uses $wpdb` in core documentation to use `@global`.
...
See #30191 , [30105].
Fixes #30217 .
Built from https://develop.svn.wordpress.org/trunk@30122
git-svn-id: http://core.svn.wordpress.org/trunk@30122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-31 17:56:22 +00:00
John Blackbourn
b1ba80de87
Rename `_wp_password_hint()` to `_wp_get_password_hint()` to bring it inline with core terminology. Fixes #21243 .
...
Built from https://develop.svn.wordpress.org/trunk@30033
git-svn-id: http://core.svn.wordpress.org/trunk@30033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-26 23:30:18 +00:00
Sergey Biryukov
0eb758720a
Move password hint text to a function. Add 'password_hint' filter.
...
props convissor.
fixes #21243 .
Built from https://develop.svn.wordpress.org/trunk@29962
git-svn-id: http://core.svn.wordpress.org/trunk@29709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-18 20:21:18 +00:00
Helen Hou-Sandí
36a1e543d6
Refresh the post-update login message.
...
Just a little older in the soul, like your faithful release lead.
fixes #29388 .
Built from https://develop.svn.wordpress.org/trunk@29644
git-svn-id: http://core.svn.wordpress.org/trunk@29418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 05:32:18 +00:00
Andrew Nacin
d84507c3ad
Password resets: Use network_site_url() for form actions.
...
props mdawaffe.
fixes #29156 .
Built from https://develop.svn.wordpress.org/trunk@29631
git-svn-id: http://core.svn.wordpress.org/trunk@29405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-26 20:01:16 +00:00
Sergey Biryukov
444a25b375
Avoid PHP notices in wp-login.php if password reset cookie is not set.
...
props mdawaffe.
see #29060 .
Built from https://develop.svn.wordpress.org/trunk@29381
git-svn-id: http://core.svn.wordpress.org/trunk@29159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-06 02:17:15 +00:00
Andrew Nacin
4bcf60c885
Don't pass around the password reset key.
...
props mdawaffe.
fixes #29060 .
Built from https://develop.svn.wordpress.org/trunk@29327
git-svn-id: http://core.svn.wordpress.org/trunk@29108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-29 18:19:16 +00:00
Dominik Schilling
2e4be94288
Replace `is_https_url()` with `'https' === parse_url( $url, PHP_URL_SCHEME )`.
...
see #28427 , #28487 .
Built from https://develop.svn.wordpress.org/trunk@29311
git-svn-id: http://core.svn.wordpress.org/trunk@29092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-27 17:46:17 +00:00
Sergey Biryukov
f6206e5850
Don't always focus password field on interim login.
...
props johnbillion.
fixes #28961 .
Built from https://develop.svn.wordpress.org/trunk@29258
git-svn-id: http://core.svn.wordpress.org/trunk@29041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-21 16:21:14 +00:00
Drew Jaynes
e731028303
Fix syntax for single- and multi-line comments in root-directory files.
...
See #28931 .
Built from https://develop.svn.wordpress.org/trunk@29205
git-svn-id: http://core.svn.wordpress.org/trunk@28989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-17 09:12:16 +00:00
John Blackbourn
be12ea968a
Implement email and url input types where appropriate. Props Kau-Boy. Fixes #22183 .
...
Built from https://develop.svn.wordpress.org/trunk@29030
git-svn-id: http://core.svn.wordpress.org/trunk@28818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-08 17:52:14 +00:00
Sergey Biryukov
ec3d119861
Avoid overwriting $error global with an interim variable.
...
props MikeLittle.
fixes #28691 .
Built from https://develop.svn.wordpress.org/trunk@28925
git-svn-id: http://core.svn.wordpress.org/trunk@28724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-30 14:39:17 +00:00
Scott Taylor
c8852cc909
Use the `WPINC` constant when loading `class-phpass.php`
...
Props wojtek.szkutnik
See #14157 .
Built from https://develop.svn.wordpress.org/trunk@28903
git-svn-id: http://core.svn.wordpress.org/trunk@28702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 22:12:16 +00:00
John Blackbourn
548c41455a
Remove the WordPress logo from the focusable elements on the install/update screens. Fixes #28674 . Props stompweb
...
Built from https://develop.svn.wordpress.org/trunk@28896
git-svn-id: http://core.svn.wordpress.org/trunk@28695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 14:10:15 +00:00
John Blackbourn
60ff3a61f9
Conditionally set the the `secure` flag on the test cookie, post password cookie, settings cookies, and comment author cookies depending on whether the front end and/or admin area are served over `https`. Fixes #28427
...
Built from https://develop.svn.wordpress.org/trunk@28895
git-svn-id: http://core.svn.wordpress.org/trunk@28694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 13:25:16 +00:00
Scott Taylor
6997001d12
Don't annotate `$wp_error` twice in `login_header()` docs. `$wp_error` is always expected to be of type `WP_Error`.
...
Props SergeyBiryukov.
Fixes #28518 .
Built from https://develop.svn.wordpress.org/trunk@28792
git-svn-id: http://core.svn.wordpress.org/trunk@28605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-20 19:19:14 +00:00
Andrew Nacin
d29dc48134
Forcing SSL logins now forces SSL for the entire admin, with no middle ground.
...
fixes #10267 .
Built from https://develop.svn.wordpress.org/trunk@28609
git-svn-id: http://core.svn.wordpress.org/trunk@28433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-29 03:59:15 +00:00
Scott Taylor
aa83aea519
In `wp-login.php`, `break` is unreachable after `exit`
...
See #27882 .
Built from https://develop.svn.wordpress.org/trunk@28340
git-svn-id: http://core.svn.wordpress.org/trunk@28168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-07 03:58:15 +00:00
Drew Jaynes
d77e78d685
Clean up duplicate hook notations and adjacency for calls to the `wp_signup_location` filter.
...
Also adds braces missed in [25535].
See #26869 .
Built from https://develop.svn.wordpress.org/trunk@28215
git-svn-id: http://core.svn.wordpress.org/trunk@28045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-25 07:12:14 +00:00
Drew Jaynes
05537ab967
Ensure the `register` filter hook is only documented once.
...
See #26869 .
Built from https://develop.svn.wordpress.org/trunk@28208
git-svn-id: http://core.svn.wordpress.org/trunk@28038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-25 06:24:15 +00:00
Andrew Nacin
41d2a7f82b
RTL for login screen.
...
props yoavf.
fixes #27784 .
Built from https://develop.svn.wordpress.org/trunk@28096
git-svn-id: http://core.svn.wordpress.org/trunk@27927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-13 16:06:14 +00:00
Drew Jaynes
21d15059f4
Improve hook docs for the `resetpass_form` hook added in 3.9.
...
See #21044 , #27700 .
Built from https://develop.svn.wordpress.org/trunk@28017
git-svn-id: http://core.svn.wordpress.org/trunk@27847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 22:06:14 +00:00
Andrew Nacin
2f9713104b
Only show test cookie warnings on submit as caching/proxies may intercept the test cookie for GET requests.
...
Introduce a new string for when headers are sent and link them to http://codex.wordpress.org/Cookies (new page).
props SergeyBiryukov.
fixes #27373 .
Built from https://develop.svn.wordpress.org/trunk@27859
git-svn-id: http://core.svn.wordpress.org/trunk@27690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-30 00:41:15 +00:00
Andrew Nacin
c3ca81ba94
Always decode special characters for email subjects.
...
props tlovett1, jeremyfelt.
fixes #25346 .
Built from https://develop.svn.wordpress.org/trunk@27801
git-svn-id: http://core.svn.wordpress.org/trunk@27636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-28 02:44:15 +00:00
Andrew Nacin
0c16c0477b
Reference https://wordpress.org rather than http://wordpress.org in strings, links, comments, etc.
...
props Ipstenu, markjaquith.
see #27115 .
Built from https://develop.svn.wordpress.org/trunk@27369
git-svn-id: http://core.svn.wordpress.org/trunk@27219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-03 02:34:27 +00:00
Sergey Biryukov
5d3e652c23
Add Oxford comma to password hint.
...
props trepmal.
fixes #26457 .
Built from https://develop.svn.wordpress.org/trunk@27246
git-svn-id: http://core.svn.wordpress.org/trunk@27103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-24 23:31:15 +00:00
Helen Hou-Sandí
060cc19157
Make login styles standalone. see #12506 .
...
Built from https://develop.svn.wordpress.org/trunk@27199
git-svn-id: http://core.svn.wordpress.org/trunk@27056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-20 03:24:14 +00:00
Andrew Nacin
0e0c2d3cdc
New resetpass_form hook in wp-login.php.
...
props romaimperator.
fixes #21044 .
Built from https://develop.svn.wordpress.org/trunk@27068
git-svn-id: http://core.svn.wordpress.org/trunk@26941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-02 07:52:13 +00:00
Matt Thomas
4df7acf1d9
Reset the login form inputs to the standard sans-serif font in IE8 to prevent invisible password field inputs when webfonts are used. Fixes #26348 , props SergeyBiryukov, iammattthomas.
...
Built from https://develop.svn.wordpress.org/trunk@26583
git-svn-id: http://core.svn.wordpress.org/trunk@26473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-03 20:12:11 +00:00
Sergey Biryukov
74f77b85a6
Use get_current_site() instead of the $current_site global when possible.
...
props jeremyfelt.
fixes #25158 .
Built from https://develop.svn.wordpress.org/trunk@26120
git-svn-id: http://core.svn.wordpress.org/trunk@26032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 03:23:10 +00:00
Andrew Nacin
d0cfa40983
Add jshintrc to qunit.
...
props jorbin.
see #25187 .
Built from https://develop.svn.wordpress.org/trunk@25992
git-svn-id: http://core.svn.wordpress.org/trunk@25925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-30 14:39:10 +00:00
Andrew Nacin
70fd806759
Revert r25824:25875 from the core.svn.wordpress.org repository.
...
These commits were accidentally re-synced commits from develop.svn.wordpress.org due to a race condition. Thankfully, the history of this repository matters fairly little. It also happened only for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@25876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-25 02:29:52 +00:00
Andrew Nacin
5361a8abca
Spell out duplicate hook locations.
...
props DrewAPicture.
fixes #25658 .
Built from https://develop.svn.wordpress.org/trunk@25868
git-svn-id: http://core.svn.wordpress.org/trunk@25868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:59:20 +00:00
Andrew Nacin
de7977d66c
Move upgrader_process_complete for core to its proper place in Core_Upgrader.
...
This means it will be firing as a JS redirect is taking place if the update is from pre-3.4. Acceptable.
props dd32.
fixes #25659 .
Built from https://develop.svn.wordpress.org/trunk@25861
git-svn-id: http://core.svn.wordpress.org/trunk@25861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:58:23 +00:00
Drew Jaynes
4d1482cd0d
Inline documentation for the `WP_Date_Query` class in wp-includes/date.php.
...
- Adds a complete hash notation for the `WP_Date_Query` arguments array.
- Adds missing documentation for the `date_query_valid_columns` and `get_date_sql` filter hooks.
Props aeg0125 for the incremental patches.
Fixes #25552 .
Built from https://develop.svn.wordpress.org/trunk@25860
git-svn-id: http://core.svn.wordpress.org/trunk@25860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:58:12 +00:00
Andrew Nacin
8ae8e01b67
Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
...
see #27704 .
Built from https://develop.svn.wordpress.org/trunk@25825
git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Ryan Boren
b87d4b77e5
Pinking shears
...
Built from https://develop.svn.wordpress.org/trunk@25880
git-svn-id: http://core.svn.wordpress.org/trunk@25792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-23 14:38:10 +00:00
Andrew Nacin
74488bdcb0
Spell out duplicate hook locations.
...
props DrewAPicture.
fixes #25658 .
Built from https://develop.svn.wordpress.org/trunk@25868
git-svn-id: http://core.svn.wordpress.org/trunk@25780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-22 17:22:11 +00:00
Drew Jaynes
9ba8ffb5e3
Inline documentation for hooks in wp-login.php.
...
Props ShinichiN, kpdesign.
Fixes #25393 .
Built from https://develop.svn.wordpress.org/trunk@25701
git-svn-id: http://core.svn.wordpress.org/trunk@25616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-06 16:24:09 +00:00
Andrew Nacin
6113669e22
Hash password reset keys in the database.
...
All existing, unused password reset keys are now considered "expired" and the user will be told they should try again.
Introduces a password_reset_key_expired filter to allow plugins to introduce a grace period.
fixes #24783 .
Built from https://develop.svn.wordpress.org/trunk@25696
git-svn-id: http://core.svn.wordpress.org/trunk@25611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-06 11:29:11 +00:00
Helen Hou-Sandí
77a7702deb
Simplify the login page viewport meta for mobile devices, so it's less restrictive on the user. Allows for developers to override if necessary via the `login_head` action. props azaozz. fixes #24777 .
...
Built from https://develop.svn.wordpress.org/trunk@25619
git-svn-id: http://core.svn.wordpress.org/trunk@25536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-25 15:20:09 +00:00
Andrew Nacin
70edef0df4
Introduce post_password_expires filter to control the expiration of the post password cookie.
...
props Viper007Bond for initial patch.
fixes #21466 .
Built from https://develop.svn.wordpress.org/trunk@25450
git-svn-id: http://core.svn.wordpress.org/trunk@25371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-16 17:40:10 +00:00
Sergey Biryukov
1d79b0bdf3
Move check_password_reset_key(), reset_password(), and register_new_user() from wp-login.php to wp-includes/user.php, to make them reusable. props beaulebens for initial patch. fixes #20279 .
...
Built from https://develop.svn.wordpress.org/trunk@25231
git-svn-id: http://core.svn.wordpress.org/trunk@25201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-04 08:59:09 +00:00
Sergey Biryukov
b1dc91c447
Clear 'default_password_nag' flag when resetting a user's password, since the new password is entered manually. props wikicms. fixes #25206 .
...
Built from https://develop.svn.wordpress.org/trunk@25203
git-svn-id: http://core.svn.wordpress.org/trunk@25175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-02 03:18:10 +00:00
Andrew Nacin
cf02025fe0
Check for a WP_Error return from wp_create_user() in register_new_user().
...
props coffee2code.
fixes #14290 .
Built from https://develop.svn.wordpress.org/trunk@25174
git-svn-id: http://core.svn.wordpress.org/trunk@25148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-29 22:16:09 +00:00
Andrew Ozz
29739b2508
In wp-login.php check if cookies are enabled before attempting to log the user in with wp_signon(), fixes #24961 .
...
Built from https://develop.svn.wordpress.org/trunk@25045
git-svn-id: http://core.svn.wordpress.org/trunk@25032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-17 01:01:09 +00:00
Andrew Nacin
d2224d687c
Use commas, not semicolons, to separate meta viewport values. props bobbravo2. see #24777 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24779 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-23 07:27:56 +00:00
Mark Jaquith
c8853cff92
Set `autocomplete="off"` on the password reset form itself, in addition to the individual inputs, to work around a Chrome bug.
...
fixes #24364 . props azaozz.
git-svn-id: http://core.svn.wordpress.org/trunk@24553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-03 21:29:53 +00:00
Andrew Nacin
95800ae4f2
Validate post password hash.
...
git-svn-id: http://core.svn.wordpress.org/trunk@24466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 03:00:26 +00:00
Andrew Nacin
cfa947193f
Revert [24291] pending further discussion and sleuthing. see #24364 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-22 18:37:43 +00:00
Andrew Ozz
dbda48bd2a
Fix Chrome disregarding autocomplete="off" for password fields. Add autocomplete="off" to forms where the users can choose new password. Fixes #24364 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-18 22:56:21 +00:00
Andrew Ozz
19c3b4bfdc
Logged out warnings:
...
- Don't use <base> tag to set target="_blank". It can break form submission. Instead, set target only on links with JS.
- Fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN == true.
- Properly show/hide the "Close" button when the dialog is shown multiple times.
See #23295
git-svn-id: http://core.svn.wordpress.org/trunk@24208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 22:45:58 +00:00
Sergey Biryukov
57c10eadbb
Use ellipsis instead of three dots. props tjsingleton, jordie23, wojtek.szkutnik, DrewAPicture, SergeyBiryukov. see #8714 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-08 21:27:31 +00:00
Andrew Ozz
badaefce06
Logged out warnings:
...
- Don't remove login error messages coming from wp_signon().
- When the login form is shown in iframe, open all links in a new tab/window.
- Add filter for the login form error message.
See #23295
git-svn-id: http://core.svn.wordpress.org/trunk@24179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-06 21:35:50 +00:00
Andrew Nacin
a9712e0183
Add wp_registration_url() and register_url filter.
...
props scribu, JustinSainton, SergeyBiryukov.
fixes #17950 .
git-svn-id: http://core.svn.wordpress.org/trunk@24053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-22 20:21:22 +00:00
Andrew Ozz
04c5aefbea
Logged out warnings: add fallback text dialog for:
...
- The login page has "X-Frame-Options: DENY" header.
- Cross-domain when displaying on the front-end on multisite with domain mapping.
- The site forces ssl login but not ssl admin.
Add onbeforeunload prompt to counter (frame-busting) JS redirects. Move the JS and CSS into separate files. See #23295 .
git-svn-id: http://core.svn.wordpress.org/trunk@23805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-27 08:43:11 +00:00
Andrew Ozz
5398ac438c
Logged out warnings: clear previous errors when interim_login is set, see #23295
...
git-svn-id: http://core.svn.wordpress.org/trunk@23691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-13 23:32:52 +00:00