Commit Graph

248 Commits

Author SHA1 Message Date
Ryan Boren 315bfb019a Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 21:11:40 +00:00
Andrew Nacin 3579814b3e Remove the three default contact methods (AIM, YIM, Jabber) for new installs. fixes #11541.
git-svn-id: http://core.svn.wordpress.org/trunk@23588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 03:00:34 +00:00
Sergey Biryukov 3a86ceb816 Use distinct error code in wp_authenticate_username_password() when user is a spammer. props sirzooro. fixes #19445.
git-svn-id: http://core.svn.wordpress.org/trunk@23579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 18:01:16 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Andrew Nacin 7c5a0db7c1 Return WP_Error from wp_update_user() on a non-existent user, avoiding a fatal error in the process.
props n7studios, SergeyBiryukov.
fixes #22858 for trunk.
Unit tests: [11776/tests].



git-svn-id: http://core.svn.wordpress.org/trunk@23210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-27 15:36:08 +00:00
Andrew Nacin c04587d409 Add a $public_only argument to count_many_users_posts() and get_posts_by_author_sql(). Defaults to false, and allows the counts to be returned for only public posts. props ryan, westi. fixes #21431.
git-svn-id: http://core.svn.wordpress.org/trunk@22386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-05 23:11:25 +00:00
Ryan Boren f9ddde8da6 Return WP_User objects when querying 'all' fields with WP_User_Query.
Allow passing stdClass or WP_User to the WP_User constructor.

fixes #22057


git-svn-id: http://core.svn.wordpress.org/trunk@22248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-16 20:05:40 +00:00
Ryan Boren 51920e1858 Consolidate some strings. Props pavelevap, SergeyBiryukov. see #21728
git-svn-id: http://core.svn.wordpress.org/trunk@22124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-05 19:04:34 +00:00
Andrew Nacin 0ada88ef52 Add get() and set() methods to WP_User_Query for modifying query variables the way you might with WP_Query. props wonderboymusic. fixes #21426.
git-svn-id: http://core.svn.wordpress.org/trunk@21995 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:01:59 +00:00
Andrew Nacin 1f9ce958f7 Deprecate user_pass_ok() in favor of wp_authenticate(). see #21907.
git-svn-id: http://core.svn.wordpress.org/trunk@21911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-19 01:35:35 +00:00
Andrew Nacin 57ad8da7d0 On user creation, default the display name to the first and last names provided. props mikelittle for the initial patch. fixes #20637.
git-svn-id: http://core.svn.wordpress.org/trunk@21876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-16 22:33:24 +00:00
Ryan Boren 88d549cbe4 Set the archived, spam, and deleted properties in the objects returned from get_blogs_of_user(). Props wonderboymusic. fixes #16225
git-svn-id: http://core.svn.wordpress.org/trunk@21794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-10 17:50:13 +00:00
Ryan Boren 38c261bc37 Update phpdoc for count_many_users_posts(). Props willmot. fixes #21640
git-svn-id: http://core.svn.wordpress.org/trunk@21747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-04 21:07:27 +00:00
Ryan Boren 5f8ae64dd6 Add @since for _wp_get_user_contactmethods() and _get_additional_user_keys(). Props SergeyBiryukov. fixes #21246
git-svn-id: http://core.svn.wordpress.org/trunk@21522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-15 15:33:59 +00:00
Ryan Boren 17f544b798 Update wp_update_user() phpdoc to reflect a possible return of WP_Error. Props SergeyBiryukov. fixes #21439
git-svn-id: http://core.svn.wordpress.org/trunk@21509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-14 19:29:40 +00:00
Ryan Boren cbd6a8becd Allow passing stdClass and WP_User to wp_insert_user() and wp_update_user(). Introduce WP_User::to_array(). Eliminate uses of get_object_vars() when passing to wp_*_user(). fixes #21429
git-svn-id: http://core.svn.wordpress.org/trunk@21496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-10 15:36:54 +00:00
nacin 7127ed1197 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
ryan 996366cc0e Better phpdoc for user_nicename. Props SergeyBiryukov. fixes #21427
git-svn-id: http://core.svn.wordpress.org/trunk@21374 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-31 15:50:29 +00:00
nacin 261817a0c4 Eliminate $user_pass_md5. fixes #21125.
git-svn-id: http://core.svn.wordpress.org/trunk@21202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-30 15:04:06 +00:00
nacin c68f8c46f0 Use maybe_serialize() where appropriate. fixes #19617.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-27 15:57:51 +00:00
ryan 646cb4e2ce * Return empty arrays instead of false for all conditions in get_blogs_of_user().
* When deleting a user, use a delete_metadata_by_mid() loop over the meta so that the meta cache is cleared.
* Use remove_user_from_blog() for DRYness.

Props nacin, duck_
Fixes #19500


git-svn-id: http://svn.automattic.com/wordpress/trunk@20581 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-24 22:13:47 +00:00
duck_ 9694d46b27 Don't deprecate cleaning the user cache by ID. See #20460.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-19 11:51:27 +00:00
duck_ e641c48a72 Pass full user objects to clean_user_cache(). See #19500, fixes #20460.
Prevents notices when clean_user_cache() is called for a user that has been removed from the database.


git-svn-id: http://svn.automattic.com/wordpress/trunk@20522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-18 21:07:31 +00:00
ryan de41bc288b Introduce WP_User::exists(). see #20372
git-svn-id: http://svn.automattic.com/wordpress/trunk@20378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-06 19:18:45 +00:00
duck_ fc02ff4a73 Remove unused $field_no_prefix variable and associated documentation from sanitize_user_field(). Fixes #20274.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-21 17:33:11 +00:00
nacin 1729a14278 $userdata should be null for anonymous requests. props MattyRob. props duck_ for the unit test. fixes #19769 for trunk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-02 20:59:30 +00:00
nacin 51cdc1719d Docs, see ##19882.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-10 22:49:56 +00:00
ryan 0da56e5c15 Exclude user_url from default user search columns for large networks. fixes #19999
git-svn-id: http://svn.automattic.com/wordpress/trunk@19886 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-09 17:15:24 +00:00
nacin cf22bbb523 Add search_columns arg to WP_User_Query to allow for explicit column choices. Without it, the columns will be detected based on the search term. see #19810.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19882 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-08 21:48:47 +00:00
ryan d23f8fcb48 Match the exact role name when counting users in a role. Props 082net. fixes #12693
git-svn-id: http://svn.automattic.com/wordpress/trunk@19735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-20 16:34:26 +00:00
ryan e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
duck_ 65b840b565 Fix mistakes in parameter documentation and add some missing param docs. See #19756.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-06 18:31:43 +00:00
duck_ 34b7010df8 Fix some mismatching parameter documentation. Props akshayagarwal, linuxologos. See #19756.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-06 11:42:00 +00:00
ryan 83b131f8e3 User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: http://svn.automattic.com/wordpress/trunk@19687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:50:54 +00:00
ryan 616c35e71c One newline is enough.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:10:39 +00:00
nacin dcd09d51eb An empty database prefix is not supported for multisite. <small>Add a sanity check anyway.</small> see #19566.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-30 23:22:09 +00:00
ryan b20fbf6fd1 Assign the full WP_User object to the userdata global. Props scribu. fixes #19595
git-svn-id: http://svn.automattic.com/wordpress/trunk@19624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-21 20:07:54 +00:00
ryan 07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
duck_ 4cf30f3410 is_user_member_of_blog() [no args] should return true for logged in users on single site. $wpdb->blogid is 0, but the current blog ID isn't. Fixes #19160.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-07 23:07:07 +00:00
duck_ e0b10ef8a7 get_blogs_of_user() should return false for logged out and non-existent users on single site. See #19160.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-07 23:05:13 +00:00
nacin 92ba22e537 Use wp_lostpassword_url() instead of site_url(wp-login...). Update wp_lostpassword_url() to use network_site_url(). props markoheijnen, fixes #18808.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-20 14:40:11 +00:00
ryan b957c72f9a Turn is_blog_user() into a wrapper around is_user_member_of_blog() and deprecate. Make user_id optional for is_user_member_of_blog(). Props SergeyBiryukov. fixes #16702
git-svn-id: http://svn.automattic.com/wordpress/trunk@19016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-19 22:35:15 +00:00
nacin a0606b3c93 is_blog_user() is from MU. see #16702.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-19 15:56:05 +00:00
ryan 9d8e281a80 Turn is_blog_user() into a convenience wrapper around get_blogs_of_user(). Fixes is_blog_user() for blog prefixes that do not contain a blog ID. Props SergeyBiryukov. fixes #16702
git-svn-id: http://svn.automattic.com/wordpress/trunk@19004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-19 15:53:14 +00:00
ryan 8306f943dd Avoid warning when creating new users. fixes #18898
git-svn-id: http://svn.automattic.com/wordpress/trunk@18936 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-10 23:14:38 +00:00
nacin 84e4f066df Remove caching from get_blogs_of_user(). Leave caching to usermeta and blog details. Speed up the loops. fixes #15458.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18928 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-10 19:50:08 +00:00
ryan 8f50fdf79a Don't stomp meta fields in wp_update_user(). Props scribu. see #15458
git-svn-id: http://svn.automattic.com/wordpress/trunk@18909 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-07 02:34:41 +00:00
ryan 2f40f0c6fc Do only one empty check. Clean up whitespace. Props SergeyBiryukov. see #15458
git-svn-id: http://svn.automattic.com/wordpress/trunk@18906 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-06 19:13:44 +00:00
ryan 599965885b Avoid Warning: array_keys() expects parameter 1 to be array, boolean given. see #15458
git-svn-id: http://svn.automattic.com/wordpress/trunk@18905 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-06 18:49:38 +00:00