Boone Gorges
2dad79f6c5
Always sanitize user_nicename in wp_insert_user().
...
Previously, a 'user_nicename' parameter passed into the function was
unsanitized. This could result in a mismatch between the sanitized nicename
generated automatically at user creation, resulting in broken author archive
permalinks.
Props joemcgill.
Fixes #29696 .
Built from https://develop.svn.wordpress.org/trunk@29819
git-svn-id: http://core.svn.wordpress.org/trunk@29585 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-02 18:54:17 +00:00
Sergey Biryukov
5727b51538
Correct @return value for WP_User_Query::get_total().
...
props jesin.
fixes #29656 .
Built from https://develop.svn.wordpress.org/trunk@29744
git-svn-id: http://core.svn.wordpress.org/trunk@29518 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-13 22:24:17 +00:00
Andrew Nacin
768136c6da
Rename the public methods in the session tokens API.
...
Introduces a new get( $token ) method. get_token() would not have made sense and spurred the overall renaming. Public methods are now get, get_all, verify, create, update, destroy, destroy_others, and destroy_all.
The protected abstract methods designed for alternative implementations remain the same.
props mdawaffe.
see #20276 .
Built from https://develop.svn.wordpress.org/trunk@29635
git-svn-id: http://core.svn.wordpress.org/trunk@29409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 02:07:16 +00:00
Drew Jaynes
a8583d5f19
Fix some words that aren't words.
...
See #28885 .
Built from https://develop.svn.wordpress.org/trunk@29454
git-svn-id: http://core.svn.wordpress.org/trunk@29232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-09 19:30:17 +00:00
Scott Taylor
91764118fb
Add an action, `pre_get_users`, in `WP_User_Query::prepare_query()`.
...
Props rmccue.
Fixes #29084 .
Built from https://develop.svn.wordpress.org/trunk@29363
git-svn-id: http://core.svn.wordpress.org/trunk@29139 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-02 20:46:16 +00:00
Andrew Nacin
654e46f03d
Tie cookies and nonces to user sessions so they may be invalidated upon logout.
...
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.
Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().
This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.
props duck_, nacin, mdawaffe.
see #20276 .
Built from https://develop.svn.wordpress.org/trunk@29221
git-svn-id: http://core.svn.wordpress.org/trunk@29005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 09:13:15 +00:00
Drew Jaynes
3665b5a1a1
Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
...
See #22234 and #28885 .
Built from https://develop.svn.wordpress.org/trunk@29165
git-svn-id: http://core.svn.wordpress.org/trunk@28949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-14 01:12:14 +00:00
Drew Jaynes
f287dbbbde
Fill out inline documentation for magic methods added to the `WP_User_Query` class in [28528].
...
See #27881 , #22234 and #28885 .
Built from https://develop.svn.wordpress.org/trunk@29140
git-svn-id: http://core.svn.wordpress.org/trunk@28924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-13 23:34:15 +00:00
Drew Jaynes
c0052b6af2
Convert default arguments documentation for `wp_insert_user()` into a hash notation.
...
See #28841 .
Built from https://develop.svn.wordpress.org/trunk@29116
git-svn-id: http://core.svn.wordpress.org/trunk@28902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-12 00:21:15 +00:00
Drew Jaynes
933ab734f9
Convert default arguments documentation for `wp_dropdown_users()` into a hash notation.
...
See #28841 .
Built from https://develop.svn.wordpress.org/trunk@29115
git-svn-id: http://core.svn.wordpress.org/trunk@28901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-12 00:08:15 +00:00
Dominik Schilling
a20d6ebec6
Add missing filter doc, see [29043].
...
see #27627 .
Built from https://develop.svn.wordpress.org/trunk@29102
git-svn-id: http://core.svn.wordpress.org/trunk@28888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-11 19:24:28 +00:00
John Blackbourn
2ce53ede8e
Persist the "Remember Me" state of the auth cookie when changing your own password. Props jesin. Fixes #27627 .
...
Built from https://develop.svn.wordpress.org/trunk@29043
git-svn-id: http://core.svn.wordpress.org/trunk@28831 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-09 18:05:15 +00:00
Scott Taylor
c8852cc909
Use the `WPINC` constant when loading `class-phpass.php`
...
Props wojtek.szkutnik
See #14157 .
Built from https://develop.svn.wordpress.org/trunk@28903
git-svn-id: http://core.svn.wordpress.org/trunk@28702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 22:12:16 +00:00
Scott Taylor
71090a7f12
Remove title attributes in `wp_authenticate_username_password()`.
...
Props joedolson.
Fixes #26547 .
Built from https://develop.svn.wordpress.org/trunk@28870
git-svn-id: http://core.svn.wordpress.org/trunk@28670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-27 20:05:15 +00:00
Scott Taylor
994ca59abd
Don't use variable variables in `wp_insert_user()`.
...
Add a local array, `$meta`, to provide substantial disambiguation among variables.
See #27881 .
Built from https://develop.svn.wordpress.org/trunk@28740
git-svn-id: http://core.svn.wordpress.org/trunk@28554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-11 18:21:14 +00:00
Scott Taylor
6a61826660
Set a variable for like-escaped string before looping in `WP_User_Query::get_search_sql()`.
...
Props miqrogroove.
Fixes #10041 .
Built from https://develop.svn.wordpress.org/trunk@28722
git-svn-id: http://core.svn.wordpress.org/trunk@28536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-10 02:45:16 +00:00
Scott Taylor
05eeb16e30
Replace all uses of `like_escape()` with `$wpdb->esc_like()`.
...
Props miqrogroove.
See #10041 .
Built from https://develop.svn.wordpress.org/trunk@28712
git-svn-id: http://core.svn.wordpress.org/trunk@28528 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-10 00:44:15 +00:00
Drew Jaynes
3e0521c2cf
Add inline documentation for the `option_none_value` argument added to `wp_dropdown_users|categories()` in [28564].
...
Fixes #16625 .
Built from https://develop.svn.wordpress.org/trunk@28570
git-svn-id: http://core.svn.wordpress.org/trunk@28395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-24 05:39:15 +00:00
Scott Taylor
53ea68e838
`wp_dropdown_pages()` allows `option_none_value` to be passed. Add that arg to the `$defaults` for `wp_dropdown_users()` and `wp_dropdown_categories()` as well.
...
Props solarissmoke.
Fixes #16625 .
Built from https://develop.svn.wordpress.org/trunk@28564
git-svn-id: http://core.svn.wordpress.org/trunk@28390 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-23 20:47:15 +00:00
Scott Taylor
ab6d069f59
Add access modifiers to `WP_User_Query`.
...
Add magic methods for BC: __get(), __set(), __isset(), __unset(), and
__call().
See #27881 , #22234 .
Built from https://develop.svn.wordpress.org/trunk@28528
git-svn-id: http://core.svn.wordpress.org/trunk@28354 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-19 15:48:15 +00:00
Scott Taylor
877fad9f38
Eliminate use of `extract()` in `wp_insert_user()`.
...
See #22400 .
Built from https://develop.svn.wordpress.org/trunk@28454
git-svn-id: http://core.svn.wordpress.org/trunk@28281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-16 18:15:15 +00:00
Scott Taylor
ee90a8c17c
Eliminate the use of `extract()` in `wp_dropdown_users()`.
...
See #22400 .
Built from https://develop.svn.wordpress.org/trunk@28420
git-svn-id: http://core.svn.wordpress.org/trunk@28247 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 05:18:15 +00:00
Andrew Nacin
91971b28a7
User Query: Don't blindly re-append new meta queries for capabilities.
...
fixes #21119 .
Built from https://develop.svn.wordpress.org/trunk@28087
git-svn-id: http://core.svn.wordpress.org/trunk@27918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-12 19:04:15 +00:00
Drew Jaynes
5c3c97ead6
PHPDoc fixes for `wp_validate_logged_in_cookie()`, introduced in 3.9.
...
See #27700 .
Built from https://develop.svn.wordpress.org/trunk@28015
git-svn-id: http://core.svn.wordpress.org/trunk@27845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 21:43:15 +00:00
Andrew Nacin
acba3131d7
Allow for custom authentication handlers for all requests.
...
Turn the logic used by wp_get_current_user() into a determine_current_user filter.
props rmccue.
fixes #26706 .
Built from https://develop.svn.wordpress.org/trunk@27484
git-svn-id: http://core.svn.wordpress.org/trunk@27328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-09 15:23:15 +00:00
Sergey Biryukov
4da1691fd5
Additional clarification for wp_authenticate_cookie() parameters.
...
fixes #26148 .
Built from https://develop.svn.wordpress.org/trunk@27354
git-svn-id: http://core.svn.wordpress.org/trunk@27205 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-02 19:51:14 +00:00
Drew Jaynes
266aa6d9d2
Inline documentation improvements for wp-includes/user.php.
...
Props morganestes, SergeyBiryukov.
Fixes #26148 .
Built from https://develop.svn.wordpress.org/trunk@27353
git-svn-id: http://core.svn.wordpress.org/trunk@27204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-02 19:40:14 +00:00
Sergey Biryukov
2e288a108c
Remove redundant add_filter() call. see [24848]. fixes #27255 .
...
Built from https://develop.svn.wordpress.org/trunk@27351
git-svn-id: http://core.svn.wordpress.org/trunk@27202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-02 18:21:14 +00:00
Sergey Biryukov
45ac85f67f
Default value for $credentials parameter in wp_signon() should be an array, not a string.
...
props tivnet.
fixes #27130 .
Built from https://develop.svn.wordpress.org/trunk@27350
git-svn-id: http://core.svn.wordpress.org/trunk@27201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-02 18:05:14 +00:00
Sergey Biryukov
ab8847316c
Correct return values for update_metadata() and related functions.
...
fixes #21864 .
Built from https://develop.svn.wordpress.org/trunk@27191
git-svn-id: http://core.svn.wordpress.org/trunk@27050 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-18 21:36:14 +00:00
Scott Taylor
55b4eee4c2
Make `WP_User_Query::prepare_query()` public by allowing it to be passed an array of args. Previously, if the `WP_User_Query` constructor was not passed args, the object was basically unusable. Adds unit tests, all other tests pass.
...
Props scribu, for the initial patch.
Fixes #21119 .
Built from https://develop.svn.wordpress.org/trunk@27185
git-svn-id: http://core.svn.wordpress.org/trunk@27045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-17 21:41:12 +00:00
Sergey Biryukov
9145c85fc7
Correct 'found_users_query' filter description. see #25533 .
...
Built from https://develop.svn.wordpress.org/trunk@26904
git-svn-id: http://core.svn.wordpress.org/trunk@26787 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-04 18:50:11 +00:00
Drew Jaynes
e73caae160
Inline documentation for hooks in wp-includes/user.php.
...
Props stephenharris, kpdesign.
Fixes #25533 .
Built from https://develop.svn.wordpress.org/trunk@26901
git-svn-id: http://core.svn.wordpress.org/trunk@26784 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-04 06:18:10 +00:00
Drew Jaynes
ee8aa9ee4c
Inline documentation for hooks in wp-admin/user-new.php & wp-admin/user-edit.php.
...
Also fixes one parameter type in wp-includes/user.php.
Fixes #25726 .
Built from https://develop.svn.wordpress.org/trunk@26493
git-svn-id: http://core.svn.wordpress.org/trunk@26387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-01 01:35:10 +00:00
Sergey Biryukov
8d659b278c
Fix docblock formatting. fixes #25893 .
...
Built from https://develop.svn.wordpress.org/trunk@26081
git-svn-id: http://core.svn.wordpress.org/trunk@26001 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-11 13:32:10 +00:00
Sergey Biryukov
0888c85811
Correct $user_id parameter description. props mauryaratan, Corphi. fixes #25774 .
...
Built from https://develop.svn.wordpress.org/trunk@25997
git-svn-id: http://core.svn.wordpress.org/trunk@25930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-30 20:18:10 +00:00
Andrew Nacin
d0cfa40983
Add jshintrc to qunit.
...
props jorbin.
see #25187 .
Built from https://develop.svn.wordpress.org/trunk@25992
git-svn-id: http://core.svn.wordpress.org/trunk@25925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-30 14:39:10 +00:00
Andrew Nacin
823ad1ae6e
Have get_current_user_id() return 0 when pluggable.php is not yet included (which brings the ability to set or get the current user).
...
fixes #25690 for trunk.
Built from https://develop.svn.wordpress.org/trunk@25929
git-svn-id: http://core.svn.wordpress.org/trunk@25888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-26 03:20:09 +00:00
Andrew Nacin
6113669e22
Hash password reset keys in the database.
...
All existing, unused password reset keys are now considered "expired" and the user will be told they should try again.
Introduces a password_reset_key_expired filter to allow plugins to introduce a grace period.
fixes #24783 .
Built from https://develop.svn.wordpress.org/trunk@25696
git-svn-id: http://core.svn.wordpress.org/trunk@25611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-06 11:29:11 +00:00
Andrew Nacin
0e620877fd
Use the wpdb method instead of $wpdb->prefix.
...
props hakre.
fixes #16756 .
Built from https://develop.svn.wordpress.org/trunk@25615
git-svn-id: http://core.svn.wordpress.org/trunk@25532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-24 23:41:10 +00:00
Andrew Nacin
00c545606e
Introduce wp_get_user_contact_methods() as a public version of _wp_get_user_contactmethods.
...
props johnnyb.
fixes #24273 .
Built from https://develop.svn.wordpress.org/trunk@25606
git-svn-id: http://core.svn.wordpress.org/trunk@25523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-24 18:14:09 +00:00
Scott Taylor
6744355f70
* Add `isset()` checks all over `WP_User_Query::prepare_query()` and `WP_User_Query::query()`. When a `WP_User_Query` instance is constructed without passing args, no query vars are filled in, thus `$qv` doesn't contain most of the expected indices.
...
* Suppress an undefined index notice in `tests/user/query.php`
Fixes #25292 .
See #25282 .
Built from https://develop.svn.wordpress.org/trunk@25392
git-svn-id: http://core.svn.wordpress.org/trunk@25326 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-12 06:25:09 +00:00
Scott Taylor
dbec80b469
Support `orderby => meta_value` in `WP_User_Query`. Adds unit test.
...
Props wpsmith.
Fixes #21581 .
Built from https://develop.svn.wordpress.org/trunk@25331
git-svn-id: http://core.svn.wordpress.org/trunk@25293 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 23:10:09 +00:00
Sergey Biryukov
1d79b0bdf3
Move check_password_reset_key(), reset_password(), and register_new_user() from wp-login.php to wp-includes/user.php, to make them reusable. props beaulebens for initial patch. fixes #20279 .
...
Built from https://develop.svn.wordpress.org/trunk@25231
git-svn-id: http://core.svn.wordpress.org/trunk@25201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-04 08:59:09 +00:00
Andrew Nacin
34ce599935
Don't override an existing WP_Error object in wp_authenticate_username_password().
...
props willnorris.
fixes #19714 .
git-svn-id: http://core.svn.wordpress.org/trunk@24850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:43:22 +00:00
Andrew Nacin
5c20d1eca1
Remove "special" multisite spam check in the authentication API.
...
The spamming of a site no longer directly affects a user of said site.
Moves the spam check to the wp_authenticate filter. Networks in need
of enhanced spam-fighting should leverage this same technique.
Allow is_user_spammy() to accept a WP_User object.
props willnorris, brianhogg.
fixes #24771 . see #19714 .
git-svn-id: http://core.svn.wordpress.org/trunk@24848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:23:51 +00:00
Andrew Nacin
de7375b5d1
Avoid a sanitize_key() call on ID, as this causes it to be lowercased. wp_dropdown_users() requires user_login as a fallback; specify it for get_users(). see #21767 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24719 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-17 04:46:09 +00:00
Andrew Nacin
4fd4d4452f
Use sanitize_key() instead of esc_sql() when 'escaping' variable DB field names. see #21767 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-16 14:21:05 +00:00
Sergey Biryukov
58c364947f
PHPDoc fixes and additions. fixes #24616 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 12:45:11 +00:00
Andrew Nacin
97ce5922db
Remove docs suggesting that wp_update_user() creates a user if no ID is provided. See #16731 , that is incorrect at this time.
...
git-svn-id: http://core.svn.wordpress.org/trunk@24345 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-24 16:22:22 +00:00