Commit Graph

654 Commits

Author SHA1 Message Date
Sergey Biryukov 956be813b6 Coding Standards: Improve formatting of some SQL queries for better readability.
This corrects the placement of double quotes around the query and makes sure the alignment is consistent.

Props umeshmcakadi, mukesh27, krupalpanchal, dhrumilk, SergeyBiryukov.
Fixes #58372.
Built from https://develop.svn.wordpress.org/trunk@55857


git-svn-id: http://core.svn.wordpress.org/trunk@55369 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-25 12:55:19 +00:00
spacedmonkey 3ac5fd72d0 Networks and Sites: Lazy load site meta.
In [36566] a framework to lazily load metadata was introduced. This supported term and comment meta by default. In this commit, extends support for site ( blog ) meta. Site meta is not heavily used by core and is used by developers to extend multisite. In this change, `_prime_site_caches` and `WP_Site_Query` now call the new function `wp_lazyload_site_meta`. The function `wp_lazyload_site_meta` accepts an array of ids and adds them to the queue of metadata to be lazily loaded. The function `get_blogs_of_user` was updated to now lazily load site meta. 

Follow on from [55671].

Props spacedmonkey, johnjamesjacoby, peterwilsoncc, mukesh27.
Fixes #58185.
Built from https://develop.svn.wordpress.org/trunk@55747


git-svn-id: http://core.svn.wordpress.org/trunk@55259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-11 11:15:24 +00:00
Sergey Biryukov 2ec23a82ed Code Modernization: Replace usage of `strpos()` with `str_starts_with()`.
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).

WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.

While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.

Follow-up to [52039], [52040], [52326].

Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes #58012.
Built from https://develop.svn.wordpress.org/trunk@55703


git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 15:45:22 +00:00
spacedmonkey c1facaa4ce Cache API: Add helper function `wp_cache_set_last_changed`.
Add a helper function called `wp_cache_set_last_changed` to set the last changed value for cache groups. This function has a new action called `wp_cache_set_last_changed`, allowing for developers to cache invalidate when last changed value is changed. 

Props tillkruess, spacedmonkey, peterwilsoncc, mukesh27, johnjamesjacoby. 
Fixes #57905.
Built from https://develop.svn.wordpress.org/trunk@55702


git-svn-id: http://core.svn.wordpress.org/trunk@55214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 11:26:24 +00:00
spacedmonkey 2a82f1527d Users: Cache database queries within `WP_User_Query` class.
Cache the results of database queries within `WP_User_Query` class. Only cache queries that are requesting 3 or less fields so that caches are not storing full user objects. Cache results are stored in a new global cache group named `users-queries`. Add a new parameter to `WP_User_Query` called `cache_results` to allow developers to opt out of a receiving cached results. `cache_results` parameter defaults to true. Also add a new helper function called `wp_cache_set_users_last_changed`, similar to `wp_cache_set_posts_last_changed` that incroments last changed value in cache group `users`.  Ensure that `wp_cache_set_users_last_changed` is called whenever user / user meta is modified for proper cache invalidation. 

Props johnjamesjacoby, spacedmonkey, westi, dd32, strategio, srikanthmeenakshi, OllieJones, khoipro, rjasdfiii, flixos90, mukesh27, peterwilsoncc. 
Fixes #40613.
Built from https://develop.svn.wordpress.org/trunk@55657


git-svn-id: http://core.svn.wordpress.org/trunk@55169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-18 11:50:27 +00:00
audrasjb 1764cee3d1 Login and Registration: Revert [55358] and [55360].
This reverts the changes implemented in [55358] and [55360].

Changeset [55358] was committed to prevent login name collision when one user registers with the email address `user@example.com` and a second user tries to register with the username `user@example.com`. However, it also introduced a potential backward compatibility issues for plugins that use `wp_update_user()`. When updating an existing user, it throws an `existing_user_email_as_login` error if the email address is also used for the user login, due to the code introduced in [55358].

This changeset removes the new scenario added in [55358] and [55360], restoring the `wp_insert_user()` function back to its previous state.

Props polevaultweb, audrasjb, costdev, peterwilsoncc, hellofromTonya, SergeyBiryukov, azaozz.
See #57967, #57394.

Built from https://develop.svn.wordpress.org/trunk@55584


git-svn-id: http://core.svn.wordpress.org/trunk@55096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-03-23 13:54:23 +00:00
audrasjb 34229a4286 Help/About: Avoid extra redirections on HelpHub Links.
This changeset replaces various HelpHub links that have changed to avoid extra 301 redirections.

Props sabernhardt, audrasjb.
See #57726.

Built from https://develop.svn.wordpress.org/trunk@55414


git-svn-id: http://core.svn.wordpress.org/trunk@54947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-23 11:06:19 +00:00
audrasjb 418a21fdbc Help/About: Use the new `/documentation/` URLs for HelpHub links in WordPress Admin.
As `https://wordpress.org/support/` was redirected to `https://wordpress.org/documentation/`, this changeset replaces various `/support/article/*` links with `/documentation/article/*` to avoid an extra redirect.

This also updates links to Support Forums by replacing `https://wordpress.org/support/` URLs with `https://wordpress.org/support/forums/`.

Props SergeyBiryukov, audrasjb, dhrupo, hasanmisbah, sakibmd, sabernhardt.
See #57726.

Built from https://develop.svn.wordpress.org/trunk@55412


git-svn-id: http://core.svn.wordpress.org/trunk@54945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-23 10:38:21 +00:00
audrasjb 57d8df8ab1 Users: Fix confirmation link for multisite users with no role.
This fixes a regression introduced in [41163], where the link in change confirmation emails for users with no roles in a multisite install was incorrect, causing them to be unable to change their email address. This changeset replaces `admin_url()` with `self_admin_url()` to restore the previous fix.

Follow-up to [38876], [40632], [41165], [41163].

Props roytanck, SergeyBiryukov, johnbillion, afrin29.
Fixes #57164.

Built from https://develop.svn.wordpress.org/trunk@55396


git-svn-id: http://core.svn.wordpress.org/trunk@54929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-21 15:55:19 +00:00
Sergey Biryukov db71029a47 Users: Correct the error code in `wp_insert_user()` when login matches an existing email.
Move the test next to the other tests for `user_login`.

Follow-up to [55358].

See #57394.
Built from https://develop.svn.wordpress.org/trunk@55360


git-svn-id: http://core.svn.wordpress.org/trunk@54893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-17 10:15:22 +00:00
Adam Silverstein 1b873c8a19 Login and Registration: prevent registering with username that matches previous user email.
When registering a new user, check that no existing user has an email matching the username.

Prevents a login name collision when one user registers with the email address user@test.com and a second user tries to register with the username user@test.com.

Props buutqn, dunhakdis, roytanck, ajayver.
Fixes #57394.


Built from https://develop.svn.wordpress.org/trunk@55358


git-svn-id: http://core.svn.wordpress.org/trunk@54891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-17 08:10:22 +00:00
Sergey Biryukov bc0c01b1ac Login and Registration: Set correct default values in `wp_signon()`.
The `$credentials['user_login']` and `$credentials['user_password']` parameters are passed by reference to the `wp_authenticate` action, and are at that point [https://www.php.net/manual/en/language.references.pass.php#124383 created as null] if they don't exist in the array.

This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices:
 * One from `preg_replace()` in `wp_strip_all_tags()` via `sanitize_user()` in `wp_authenticate()`:
{{{
Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
 * One from `trim()` in `wp_authenticate()` itself:
{{{
Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated
}}}

Includes documenting the `$credentials` parameter using hash notation.

Follow-up to [6643], [37697].

Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov.
Fixes #56850.
Built from https://develop.svn.wordpress.org/trunk@55301


git-svn-id: http://core.svn.wordpress.org/trunk@54834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-09 01:31:22 +00:00
Pascal Birchler 5edb22187d I18N: Introduce `switch_to_user_locale()`.
This new function makes it easier to switch to a specific user’s locale by reducing duplicate code and storing the user’s ID as additional context for plugins to consume. Existing usage of `switch_to_locale()` in core has been replaced with `switch_to_user_locale()` where appropriate.

Also, this change ensures `WP_Locale_Switcher` properly filters `determine_locale` so that anyyone using the `determine_locale()` function will get the correct locale information when switching is in effect.

Props costdev.
Fixes #57123.
See #26511.
Built from https://develop.svn.wordpress.org/trunk@55161


git-svn-id: http://core.svn.wordpress.org/trunk@54694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-30 10:27:16 +00:00
Sergey Biryukov 35e349ee16 Code Modernization: Rename parameters that use reserved keywords in `wp-includes/user.php`.
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.

This commit renames the `$global` parameter to `$is_global` in:
* `update_user_option()`
* `delete_user_option()`

Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927], [54929], [54930], [54931], [54932], [54933], [54938], [54943], [54944], [54945], [54946], [54947], [54948], [54950], [54951], [54952], [54956], [54959], [54960], [54961], [54962], [54964], [54965], [54969], [54970], [54971], [54972], [54996], [55000], [55011], [55013], [55014].

Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@55015


git-svn-id: http://core.svn.wordpress.org/trunk@54548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-24 14:33:14 +00:00
audrasjb 01102b3d6e Docs: Improve various globals documentation, as per documentation standards.
Props upadalavipul.
See #57069, #56792.

Built from https://develop.svn.wordpress.org/trunk@54953


git-svn-id: http://core.svn.wordpress.org/trunk@54505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-09 11:54:13 +00:00
spacedmonkey aec68c417e Users: Clear the user_meta cache when `clean_user_cache` function is called.
Unlike other clean cache functions like `clean_post_cache`, `clean_user_cache` did not also clear user meta caches. This is inconsistent and can result in some strange side effects. Update the `clean_user_cache` function to also clear user meta caches when called. 

Props dd32, spacedmonkey, peterwilsoncc.
Fixes #54316.
Built from https://develop.svn.wordpress.org/trunk@54940


git-svn-id: http://core.svn.wordpress.org/trunk@54492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-06 13:54:15 +00:00
Sergey Biryukov 3ba44120d0 Coding Standards: Always use parentheses when instantiating an object.
Note: This will be enforced by WPCS 3.0.0.

Props jrf.
See #56791.
Built from https://develop.svn.wordpress.org/trunk@54891


git-svn-id: http://core.svn.wordpress.org/trunk@54443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-29 15:51:14 +00:00
audrasjb 97d2dac330 Docs: Typo correction in `wp_dropdown_users()` docblock.
Props aleksganev.
See #56792.

Built from https://develop.svn.wordpress.org/trunk@54738


git-svn-id: http://core.svn.wordpress.org/trunk@54290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-01 10:42:17 +00:00
Sergey Biryukov 13cca70167 Users: Fetch user by login in `retrieve_password()` if not found by email.
This ensures that sending a password reset link works as expected if the user's login and email were initially the same, but the email address was subsequently updated and no longer matches the login, which is still set to the old address.

Follow-up to [6643], [18513], [19056], [37474], [50129], [50140].

Props donmhico, pbearne, azouamauriac, boblindner, daxelrod, audrasjb, SergeyBiryukov.
Fixes #53634.
Built from https://develop.svn.wordpress.org/trunk@54477


git-svn-id: http://core.svn.wordpress.org/trunk@54036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-11 13:45:13 +00:00
Peter Wilson b879d04354 Users: Revert use of shared objects for current user.
Reverts [50790].

Props oztaser, ravipatel, dd32, costdev, SergeyBiryukov, tykoted, cu121, xknown.
Fixes #54984.


Built from https://develop.svn.wordpress.org/trunk@54397


git-svn-id: http://core.svn.wordpress.org/trunk@53956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-06 04:38:14 +00:00
Sergey Biryukov abf66fa018 Users: Correctly pass the `context` property for persisted preferences.
The user meta `context` property in `wp_register_persisted_preferences_meta()` was incorrectly configured. It should be part of the `schema` array, not the `show_in_rest` array.

Follow-up to [54182].

Props talldanwp, dd32.
Fixes #56665. See #56467.
Built from https://develop.svn.wordpress.org/trunk@54329


git-svn-id: http://core.svn.wordpress.org/trunk@53888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-27 15:23:10 +00:00
Sergey Biryukov 7049f79f97 Users: Make `wp_list_authors()` and `wp_list_users()` filterable.
This commit adds three filters to customize the `wp_list_authors()` and `wp_list_users()` output:

* `wp_list_authors_args`: Filters the query arguments for the list of all authors of the site.
* `pre_wp_list_authors_post_counts_query`: Filters whether to short-circuit performing the query for author post counts. This may be useful to account for custom post types or post statuses. 
* `wp_list_users_args`: Filters the query arguments for the list of all users of the site.

Follow-up to [979], [3848], [5135], [5727], [31653], [52064], [53486], [53501].

Props kevinB, wonderboymusic, DrewAPicture, Mte90, audrasjb, rafiahmedd, costdev, nacin, afercia, chetan200891, hellofromTonya, TimothyBlynJacobs, chaion07, SergeyBiryukov.
Fixes #17025.
Built from https://develop.svn.wordpress.org/trunk@54262


git-svn-id: http://core.svn.wordpress.org/trunk@53821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-20 16:26:10 +00:00
hellofromTonya 8c85dde1c6 Editor: Persist preferences in user meta.
Adds a new feature to persist editor UI preferences between page loads and browsers.

* Adds a new preferences persistence API.
* Saves editor preferences in user meta instead of in browser's local storage.

Why?
Due to the transient nature of browser storage, this persistence is not as sticky as it is expected to be, including: switching browsers (unique storage between browsers), or using private browsing tabs (storage cleared between sessions), or the same user across a network of sites (storage unique by domain).

This is a backport from Gutenberg.[https://github.com/WordPress/gutenberg/pull/39795 See WordPress/gutenberg PR 39795].

Props talldanwp, youknowriad, noisysocks, mamaduka, costdev, ironprogrammer, hellofromTonya.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54182


git-svn-id: http://core.svn.wordpress.org/trunk@53741 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-15 16:45:40 +00:00
John Blackbourn 1d4e72c798 Docs: Correct and improve the documented types for various functions and hooks.
See #55646

Built from https://develop.svn.wordpress.org/trunk@53877


git-svn-id: http://core.svn.wordpress.org/trunk@53436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-11 14:03:09 +00:00
Sergey Biryukov df054f2dae Cache API: Validate cache key in `WP_Object_Cache` methods.
Some plugins may call the `wp_cache_*()` functions with an empty string, `false`, or `null` as cache key, usually as a result of not checking the return value of another function that's used as the key.

Previously, this was silently failing, leading to odd behavior at best and often breakage due to key collisions.

A valid cache key must be either an integer number or a non-empty string.

This commit introduces a quick type check on the given cache keys and adds a `_doing_it_wrong()` message that should help plugin developers to notice these issues quicker.

Includes:
* A check in `update_user_caches()` and `clean_user_cache()` to make sure user email is not empty before being cached or removed from cache, as it is technically possible to create a user with empty email via `wp_insert_user()`.
* Some minor cleanup in unit tests where the email was passed to `wp_insert_user()` incorrectly or was unintentionally reset.

Props tillkruess, malthert, dd32, spacedmonkey, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #56198.
Built from https://develop.svn.wordpress.org/trunk@53818


git-svn-id: http://core.svn.wordpress.org/trunk@53377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-03 14:36:12 +00:00
Sergey Biryukov 3f74637dfe I18N: Use a translatable string for displaying a user's first name and last name.
That allows locales to switch the order of the first name and last name, should they prefer to do so.

The string was previously used in `wp_insert_user()` and is now reused in other places for consistency:

* `WP_MS_Users_List_Table::column_name()`​
* `WP_Users_List_Table::column_name()​`
* `wp_list_authors()`
* `wp_list_users()`

Note: This also removes the `wp_list_author_full_name` filter, introduced for the same purpose in `wp_list_authors()`, as redundant for now.

Follow-up to [53486].

See #17025.
Built from https://develop.svn.wordpress.org/trunk@53501


git-svn-id: http://core.svn.wordpress.org/trunk@53090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-14 14:43:12 +00:00
audrasjb bbe60d66c3 Text Changes: Improve consistency of admin error notices.
This changeset replaces `<strong>Error</strong>:` with `<strong>Error:</strong>`, for better consistency.

Props transl8or, mihaidumitrascu, audrasjb.
Fixes #50785.

Built from https://develop.svn.wordpress.org/trunk@53458


git-svn-id: http://core.svn.wordpress.org/trunk@53047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-02 15:05:13 +00:00
Sergey Biryukov 01d172b581 General: Replace all `esc_url_raw()` calls in core with `sanitize_url()`.
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.

Follow-up to [11383], [13096], [51597], [53452].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes #55852.
Built from https://develop.svn.wordpress.org/trunk@53455


git-svn-id: http://core.svn.wordpress.org/trunk@53044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-01 18:14:10 +00:00
audrasjb c5a34f9397 Docs: Misc. Docblocks improvements in the Core User API.
See #54729.

Built from https://develop.svn.wordpress.org/trunk@53179


git-svn-id: http://core.svn.wordpress.org/trunk@52768 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-14 07:08:08 +00:00
audrasjb 050a2947cf Users: Update parameters passed to the new `send_retrieve_password_email` and `retrieve_password_notification_email` filters.
For consistency with some similar filters like `send_password_change_email` or `send_email_change_email`, and for more flexibility, pass `$user_login` and `$user_data` parameters directly to the new `send_retrieve_password_email` and `retrieve_password_notification_email` filters.

Follow-up to [52604], [52605], [52606], [52607].

Props SergeyBiryukov, costdev, peterwilsoncc.
Fixes #54690.

Built from https://develop.svn.wordpress.org/trunk@53178


git-svn-id: http://core.svn.wordpress.org/trunk@52767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-14 06:24:10 +00:00
Sergey Biryukov 9fb5112732 Docs: Add missing description for `$pagenow` global in various functions.
See #54729, #55499.
Built from https://develop.svn.wordpress.org/trunk@53060


git-svn-id: http://core.svn.wordpress.org/trunk@52649 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-04 18:26:06 +00:00
Sergey Biryukov 8dc9fafcb6 Users: Move `get_user_count()` and related functions to `wp-includes/user.php`.
The new location is next to the pre-existing `count_users()` function, along with other user-specific functions, and should be a more appropriate place in terms of consistency.

This affects:
* `get_user_count()`
* `wp_maybe_update_user_counts()`
* `wp_update_user_counts()`
* `wp_schedule_update_user_counts()`
* `wp_is_large_user_count()`

Follow-up to [53011], [53016].

See #38741.
Built from https://develop.svn.wordpress.org/trunk@53018


git-svn-id: http://core.svn.wordpress.org/trunk@52607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-29 13:53:14 +00:00
audrasjb 223cda987f Administration: Replace contracted verb forms for better consistency.
This changeset replaces contracted verb forms like `doesn't`, `can't`, or `isn't` with non-contracted forms like `does not`, `cannot`, or `is not`, for better consistency across the WordPress administration. It also updates some corresponding unit tests strings.

Props Presskopp, socalchristina, aandrewdixon, francina, SergeyBiryukov, JeffPaul, audrasjb, hellofromTonya.
Fixes #38913.
See #39176.

Built from https://develop.svn.wordpress.org/trunk@52978


git-svn-id: http://core.svn.wordpress.org/trunk@52567 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-22 16:25:03 +00:00
davidbaumwald 35c5e74706 Users: Check maximum length of `user_nicename` after filters are applied.
Similar to other checks on `user_login` and `user_url`, this change moves the maximum length check on `user_nicename` after the `pre_user_nicename` filter has been applied, to account for any changes to the value prior to saving.

Props SergeyBiryukov, ravipatel, muhammadfaizanhaidar, mukesh27, csesumonpro, azouamauriac.
Fixes #54987.
Built from https://develop.svn.wordpress.org/trunk@52954


git-svn-id: http://core.svn.wordpress.org/trunk@52543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-18 20:44:01 +00:00
Sergey Biryukov b3aae615bb Users: Return a `WP_Error` from `wp_insert_user()` if the `user_url` field is too long.
The `user_url` database field only allows up to 100 characters, and if the value is longer than that, the function should return a proper error message instead of silently failing.

This complements similar checks for `user_login` and `user_nicename` fields.

Follow-up to [45], [1575], [32299], [34218], [34626].

Props mkox, sabernhardt, tszming, SergeyBiryukov.
Fixes #44107.
Built from https://develop.svn.wordpress.org/trunk@52650


git-svn-id: http://core.svn.wordpress.org/trunk@52239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-29 14:25:03 +00:00
Sergey Biryukov f8c10a28f5 Users: Revert the variable change in [52606] that caused the tests to fail.
Follow-up to [52604-52606].

Props audrasjb.
See #54690.
Built from https://develop.svn.wordpress.org/trunk@52607


git-svn-id: http://core.svn.wordpress.org/trunk@52195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-19 13:39:01 +00:00
Sergey Biryukov 3bc7449859 Docs: Further update the `send_retrieve_password_email` filter documentation for consistency.
Follow-up to [52604], [52605].

See #54690.
Built from https://develop.svn.wordpress.org/trunk@52606


git-svn-id: http://core.svn.wordpress.org/trunk@52194 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-19 13:18:00 +00:00
audrasjb 0dcc9fd03a Docs: Docblocks consistency fixes after [52604].
Follow-up to [52604].

Fixes #54690.

Built from https://develop.svn.wordpress.org/trunk@52605


git-svn-id: http://core.svn.wordpress.org/trunk@52193 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-19 12:42:01 +00:00
audrasjb e87e3dcf58 Users: Add new hooks to filter retrieve password emails.
This change introduces two new hooks to help developers to filter retrieve password emails:

- `send_retrieve_password_email` can be used to filter whether to send the retrieve password email;
- `retrieve_password_notification_email` can be used to filter the contents of the reset password notification email sent to the user.

This changesets also adds unit tests for these new filters.

Props connapptivity, costdev, audrasjb, johnbillion.
Fixes #54690.

Built from https://develop.svn.wordpress.org/trunk@52604


git-svn-id: http://core.svn.wordpress.org/trunk@52192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-19 12:17:01 +00:00
hellofromTonya 28b0710360 Application Passwords: Show HTTPS required message without filtering when not enabled or not in local environment.
When `add_filter( 'wp_is_application_passwords_available', '__return_false' )` exists, HTTPS requirement message is shown even if HTTPS is enabled on the site. This happens because `wp_is_application_passwords_available_for_user()` first invokes `wp_is_application_passwords_available()` which is filterable. The situation could happen if the `'wp_is_application_passwords_available_for_user'` filter returns `false`.

To fix this, the check for HTTPS (or if in a 'local' environment) is moved to a new function called `wp_is_application_passwords_supported()`. Then the return from this function is used as an OR condition for the Application Passwords section and for displaying the HTTPS required message.

Tests are included for both `wp_is_application_passwords_supported()` and `wp_is_application_passwords_available()`.

Follow-up to [51980], [51988].

Props davidbinda, SergeyBiryukov, ocean90, felipeelia, costdev, hellofromTonya.
Fixes #53658.
Built from https://develop.svn.wordpress.org/trunk@52398


git-svn-id: http://core.svn.wordpress.org/trunk@51990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-21 02:45:03 +00:00
Sergey Biryukov 3beb1d25ab Docs: Correct the format of some comments per the documentation standards.
Follow-up to [10357], [10939], [43309], [51003], [51266], [51653], [51738], [52110].

See #53399.
Built from https://develop.svn.wordpress.org/trunk@52352


git-svn-id: http://core.svn.wordpress.org/trunk@51944 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-10 20:30:05 +00:00
Sergey Biryukov ea201ced16 Coding Standards: Revert unrelated change to `wp_send_user_request()`.
This fixes a mix of tabs and spaces in the email template. Spaces inside a string are not considered WPCS errors, and are not required to be converted to tabs.

Follow-up to [52060], [52063].

See #43700.
Built from https://develop.svn.wordpress.org/trunk@52076


git-svn-id: http://core.svn.wordpress.org/trunk@51668 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 16:22:58 +00:00
hellofromTonya 0fd9ad6c2f Login and Registration: Improve "email already exists" registration error message.
Adds the `wp_login_url()` login link to the Error message to be more helpful to users when their user email already is registered.

Improves the error message to more clearly communicate next step.

Follow-up to [16009], [22124], [31963].

Props andynick, costdev, dansoschin, sabernhardt, webcommsat.
Fixes #53631.
Built from https://develop.svn.wordpress.org/trunk@52074


git-svn-id: http://core.svn.wordpress.org/trunk@51666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 15:28:59 +00:00
hellofromTonya c610440f46 Users: Introduce `wp_list_users()` function.
Introduces a new function called `wp_list_users()`. Similar to other list functions such as `wp_list_authors()`, it lists all the users of the site. Options are available to configure the HTML output.

Following the same pattern of the other list functions, the list's HTML output is rendered by default. Setting the `echo` argument to `false`, returns the list's HTML output.

A new test class is included.

Props afercia, audrasjb, chriscct7, costdev, desrosj, greenshady, hellofromTonya, mte90, nacin, rohan013, sergeybiryukov.
Fixes #15145.
Built from https://develop.svn.wordpress.org/trunk@52064


git-svn-id: http://core.svn.wordpress.org/trunk@51656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 00:23:58 +00:00
joedolson 98cb0591eb Coding Standards: PHP Code style errors.
Fixes coding standards issues.

Follow up to [52060].

See #43700.
Built from https://develop.svn.wordpress.org/trunk@52063


git-svn-id: http://core.svn.wordpress.org/trunk@51655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 00:01:57 +00:00
joedolson d00b86ff06 I18N: Add language switcher on login/registration screens.
Load a language switcher on the login and registration screens that allows users to choose any already-installed language. Set user locale on registration.

Props johnbillion, Nikschavan, afercia, sabernhardt, garrett-eclipse, keyur5, paaljoachim, Clorith, tobifjellner.
Fixes #43700.
Built from https://develop.svn.wordpress.org/trunk@52058


git-svn-id: http://core.svn.wordpress.org/trunk@51650 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-08 22:37:59 +00:00
Pascal Birchler a225165010 Role/Capability: Add support for capability queries in `WP_User_Query`.
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:

* `capability` 
* `capability__in`
* `capability__not_in`

These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.

Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:

* all users with a role that has this capability
* all users with the capability being assigned directly

Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.

The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.

Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.

This updates any usage of `'who' => 'authors'` in core to use capability queries instead.

Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.

Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.

Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.

Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes #16841.

Built from https://develop.svn.wordpress.org/trunk@51943


git-svn-id: http://core.svn.wordpress.org/trunk@51532 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-10-27 18:43:57 +00:00
John Blackbourn 25da00ea81 Users: Introduce a `meta_input` argument for `wp_insert_user()`.
This allows custom user meta values to be provided when creating or updating a user in the same way custom post meta can be provided to `wp_insert_post()` when creating or updating a post.

Also introduces the `insert_custom_user_meta` to filter these values.

Props desrosj, donmhico

Fixes #41950

Built from https://develop.svn.wordpress.org/trunk@51738


git-svn-id: http://core.svn.wordpress.org/trunk@51346 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-09-07 21:31:55 +00:00
hellofromTonya c7d3e267b8 Coding Standards: Use static closures when not using `$this`.
When a closure does not use `$this`, it can be made `static` for improved performance.

Static closures are supported in PHP since PHP 5.4. ​

Props jrf, hellofromTonya, swissspidy, SergeyBiryukov.
See #53359.
Built from https://develop.svn.wordpress.org/trunk@51657


git-svn-id: http://core.svn.wordpress.org/trunk@51263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-08-26 12:59:02 +00:00
desrosj f2b3c983f6 Docs: Various documentation fixes following [51129].
- Typo corrections in filter descriptions.
- DocBlocks are now now wrapped to the next line after 80 characters, and not extending beyond 120 total characters wide.
- Remove unnecessary repeated references to the suggested replacement hooks.
- Adjustments to the indentation for consistency with other emails in Core, allowing the `phpcs:ignore` comment to be removed.

Props SergeyBiryukov.
Fixes #44314.
Built from https://develop.svn.wordpress.org/trunk@51410


git-svn-id: http://core.svn.wordpress.org/trunk@51021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-07-13 00:02:57 +00:00