Commit Graph

243 Commits

Author SHA1 Message Date
John Blackbourn 337444a837 Updates to the 'Log out everywhere' implementation.
* Include a message and a disabled button when you're only logged in at one location.
 * Avoid leaking the session token in HTML.
 * Simplify, simplify, simplify.

Merges [30888] to the 4.1 branch.

Fixes #30264.

Built from https://develop.svn.wordpress.org/branches/4.1@30895


git-svn-id: http://core.svn.wordpress.org/branches/4.1@30885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-16 12:53:24 +00:00
John Blackbourn bdd00b3902 Improve various hook and filter docs so they are correctly parsed for the code reference.
Fixes #30558
Props DrewAPicture

Built from https://develop.svn.wordpress.org/trunk@30754


git-svn-id: http://core.svn.wordpress.org/trunk@30744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-06 21:32:24 +00:00
John Blackbourn 9b9424aa77 Admin help text changes for the General Settings screen, post editing screen, network settings screen, and user editing screen.
Fixes #30547
Props kpdesign

Built from https://develop.svn.wordpress.org/trunk@30705


git-svn-id: http://core.svn.wordpress.org/trunk@30695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-02 05:15:23 +00:00
Drew Jaynes 2faf449f51 Docs Formatting: Backtick-escape inline code for all dynamic hook docs in wp-admin/*.
Also includes some changes to move hook docs to directly precede hook lines. This is necessary to prevent DocBlock-matching confusion when core is parsed.

Affects DocBlocks for the following hooks:
* `wp_ajax_ . $_REQUEST['action']`
* `wp_ajax_nopriv_ . $_REQUEST['action']`
* `admin_footer- . $GLOBALS['hook_suffix']`
* `admin_head-$hook_suffix`
* `admin_post_nopriv_{$action}`
* `admin_post_{$action}`
* `load-  . $page_hook`
* `load- . $plugin_page`
* `load-importer- . $importer`
* `load- . $pagenow`
* `admin_action_ . $_REQUEST['action']`
* `async_upload_{$type}`
* `add_meta_boxes_ . $post_type`
* `{$taxonomy}_pre_edit_form`
* `{$taxonomy}_term_edit_form_tag`
* `{$taxonomy}_edit_form_fields`
* `{$taxonomy}_edit_form`
* `after-{$taxonomy}-table`
* `{$taxonomy}_pre_add_form`
* `{$taxonomy}_term_new_form_tag`
* `{$taxonomy}_add_form_fields`
* `{$taxonomy}_add_form`
* `media_upload_$type`
* `media_upload_$tab`
* `install_plugins_pre_$tab`
* `install_plugins_$tab`
* `install_themes_pre_{$tab}`
* `install_themes_{$tab}`
* `update-core-custom_{$action}`
* `update-custom_{$action}`
* `user_{$name}_label`

See #30552.

Built from https://develop.svn.wordpress.org/trunk@30649


git-svn-id: http://core.svn.wordpress.org/trunk@30639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 11:42:24 +00:00
Drew Jaynes 74175fb08c Document the `$user_id` parameter added to the 'admin_color_scheme_picker' hook in 3.8.1.
Props Ipstenu.
Fixes #30551.

Built from https://develop.svn.wordpress.org/trunk@30632


git-svn-id: http://core.svn.wordpress.org/trunk@30622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 05:42:23 +00:00
Helen Hou-Sandí c83f96ec61 Sessions UI: Ensure screen readers provide feedback on action taken.
Also fixes some invalid HTML that occurs on DOM changes.

props joedolson.
fixes #30364.

Built from https://develop.svn.wordpress.org/trunk@30504


git-svn-id: http://core.svn.wordpress.org/trunk@30493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-21 16:25:23 +00:00
Dominik Schilling 4a1cb796fc Improvements to [30333]:
* Move `.hide-if-no-js` class to table row
* Add a wrapper class
* Add missing translators comment

see #30264.
Built from https://develop.svn.wordpress.org/trunk@30334


git-svn-id: http://core.svn.wordpress.org/trunk@30333 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-13 15:54:20 +00:00
John Blackbourn c02845330e Introduce a button on the user profile screen which clears all other sessions, and on the user editing screen which clears all sessions. Only appears when there are applicable sessions which can be cleared.
See #30264.
Props jorbin, ocean90, johnbillion


Built from https://develop.svn.wordpress.org/trunk@30333


git-svn-id: http://core.svn.wordpress.org/trunk@30332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-13 15:21:21 +00:00
John Blackbourn b1ba80de87 Rename `_wp_password_hint()` to `_wp_get_password_hint()` to bring it inline with core terminology. Fixes #21243.
Built from https://develop.svn.wordpress.org/trunk@30033


git-svn-id: http://core.svn.wordpress.org/trunk@30033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-26 23:30:18 +00:00
John Blackbourn f74f20ab7f Add labels to the Personal Options input fields on the user profile editing screen. Fixes #30101. Props Ankit K Gupta
Built from https://develop.svn.wordpress.org/trunk@30027


git-svn-id: http://core.svn.wordpress.org/trunk@30027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-26 21:29:19 +00:00
Sergey Biryukov 0eb758720a Move password hint text to a function. Add 'password_hint' filter.
props convissor.
fixes #21243.
Built from https://develop.svn.wordpress.org/trunk@29962


git-svn-id: http://core.svn.wordpress.org/trunk@29709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-18 20:21:18 +00:00
Sergey Biryukov a47214cfa6 Use a more consistent markup on taxonomy and user screens.
props paulwilde.
fixes #29842.
Built from https://develop.svn.wordpress.org/trunk@29820


git-svn-id: http://core.svn.wordpress.org/trunk@29586 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-02 19:40:16 +00:00
Sergey Biryukov eccf8e1a12 Add classes to form containers on Edit User screen.
props jarednova.
fixes #29348.
Built from https://develop.svn.wordpress.org/trunk@29804


git-svn-id: http://core.svn.wordpress.org/trunk@29571 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-02 00:56:16 +00:00
John Blackbourn be12ea968a Implement email and url input types where appropriate. Props Kau-Boy. Fixes #22183.
Built from https://develop.svn.wordpress.org/trunk@29030


git-svn-id: http://core.svn.wordpress.org/trunk@28818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-08 17:52:14 +00:00
Scott Taylor b9afafffe3 `hackificator` complains if you call `include 'file.php'` without the parens, needs to be `include( 'file.php' )`
See #27881.

Built from https://develop.svn.wordpress.org/trunk@28479


git-svn-id: http://core.svn.wordpress.org/trunk@28306 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-18 20:52:15 +00:00
Andrew Nacin 0331d62fef Fix LTR field handling:
* Restore .ltr class lost in the conversion to RTL as a build process.
 * Make email and url inputs always LTR.
 * Set an email field on user-edit to be LTR.

props MikeHansenMe, yoavf for initial patches.
fixes #26824.

Built from https://develop.svn.wordpress.org/trunk@27743


git-svn-id: http://core.svn.wordpress.org/trunk@27580 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-26 17:12:14 +00:00
Andrew Nacin dce0b9adea Use SSL when linking to WordPress.org. see #27115.
Built from https://develop.svn.wordpress.org/trunk@27469


git-svn-id: http://core.svn.wordpress.org/trunk@27314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-08 04:14:15 +00:00
Sergey Biryukov 5d3e652c23 Add Oxford comma to password hint.
props trepmal.
fixes #26457.
Built from https://develop.svn.wordpress.org/trunk@27246


git-svn-id: http://core.svn.wordpress.org/trunk@27103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-24 23:31:15 +00:00
Andrew Nacin 59f86351c9 Use get_current_user_id() instead of $user_ID in user-edit.php.
props kovshenin.
fixes #26274.

Built from https://develop.svn.wordpress.org/trunk@27069


git-svn-id: http://core.svn.wordpress.org/trunk@26942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-02 10:04:13 +00:00
Andrew Ozz 90403aed4b Deprecate rich_edit_exists(). It doesn't make sense to support deleting the TinyMCE directory when we have auto-updates. Fixes #26786.
Built from https://develop.svn.wordpress.org/trunk@26933


git-svn-id: http://core.svn.wordpress.org/trunk@26814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-13 00:00:12 +00:00
Helen Hou-Sandí 60f3e98d51 Pass the $user_id to the `admin_color_scheme_picker` hook for context. props nacin. see #26607 for trunk.
Built from https://develop.svn.wordpress.org/trunk@26924


git-svn-id: http://core.svn.wordpress.org/trunk@26805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-08 21:49:10 +00:00
Drew Jaynes 077afc8d48 Fix a copy/paste error in the 'show_user_profile' hook description in wp-admin/user-edit.php.
Props neoxx.
Fixes #26597.

Built from https://develop.svn.wordpress.org/trunk@26907


git-svn-id: http://core.svn.wordpress.org/trunk@26790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-01-05 18:58:11 +00:00
Andrew Ozz 8d6059b383 Remove all screen_icon() calls and deprecate the functions, props TobiasBg, fixes #26119
Built from https://develop.svn.wordpress.org/trunk@26518


git-svn-id: http://core.svn.wordpress.org/trunk@26411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-02 03:53:11 +00:00
Drew Jaynes ee8aa9ee4c Inline documentation for hooks in wp-admin/user-new.php & wp-admin/user-edit.php.
Also fixes one parameter type in wp-includes/user.php.

Fixes #25726.

Built from https://develop.svn.wordpress.org/trunk@26493


git-svn-id: http://core.svn.wordpress.org/trunk@26387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-01 01:35:10 +00:00
Mark Jaquith 22c6024f9e Remove unnecessarily gendered pronouns.
fixes #26225

Built from https://develop.svn.wordpress.org/trunk@26368


git-svn-id: http://core.svn.wordpress.org/trunk@26269 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-25 02:05:10 +00:00
Matt Thomas fe476702fc Make password inputs on profile.php match the width of other text inputs. Fixes #26079, props johnbillion.
Built from https://develop.svn.wordpress.org/trunk@26253


git-svn-id: http://core.svn.wordpress.org/trunk@26159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-18 21:31:09 +00:00
Andrew Nacin fd57b239d2 Don't rely on include_path to include files.
Always use dirname() or, once available, ABSPATH.

props ketwaroo, hakre.
fixes #17092.

Built from https://develop.svn.wordpress.org/trunk@25616


git-svn-id: http://core.svn.wordpress.org/trunk@25533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-25 00:18:11 +00:00
Andrew Nacin 00c545606e Introduce wp_get_user_contact_methods() as a public version of _wp_get_user_contactmethods.
props johnnyb.
fixes #24273.

Built from https://develop.svn.wordpress.org/trunk@25606


git-svn-id: http://core.svn.wordpress.org/trunk@25523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-24 18:14:09 +00:00
Scott Taylor 988caeb9a7 Check `$profileuser->rich_editing` for empty before using it in Edit User admin code.
Props sorich87, c3mdigital.
Fixes #17328.


Built from https://develop.svn.wordpress.org/trunk@25330


git-svn-id: http://core.svn.wordpress.org/trunk@25292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 22:49:08 +00:00
Mark Jaquith bd94dc655c Combat Chrome's insanely aggressive user/pass autofilling ಠ_ಠ
Chrome now ignores `autocomplete="off"` in <input>, so this hack uses
a hidden, non-named, non-empty input, right before the password field.

see #24364. props azaozz, nacin, bobbingwide, aaroncampbell.

git-svn-id: http://core.svn.wordpress.org/trunk@24552 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-03 21:24:02 +00:00
Mark Jaquith 5b8aad1039 Rejigger some whitespace in anticipation of a fix for #24364.
see #24364

git-svn-id: http://core.svn.wordpress.org/trunk@24551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-03 21:23:55 +00:00
Dominik Schilling 2446c80c49 Add a label to the second password field on User New and User Edit screen. props MikeHansenMe. fixes #20294.
git-svn-id: http://core.svn.wordpress.org/trunk@24531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-30 11:13:34 +00:00
Andrew Nacin cfa947193f Revert [24291] pending further discussion and sleuthing. see #24364.
git-svn-id: http://core.svn.wordpress.org/trunk@24317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-22 18:37:43 +00:00
Andrew Ozz dbda48bd2a Fix Chrome disregarding autocomplete="off" for password fields. Add autocomplete="off" to forms where the users can choose new password. Fixes #24364.
git-svn-id: http://core.svn.wordpress.org/trunk@24291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-18 22:56:21 +00:00
Ryan Boren 5a15e5364d Remove obsolete TODO.
Props wonderboymusic
fixes #11635


git-svn-id: http://core.svn.wordpress.org/trunk@24247 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-14 12:44:44 +00:00
Ryan Boren d967428a04 Cleanup additional capabilities display in user-edit.php. Mark a string for translation.
Props johnjamesjacoby, SergeyBiryukov
fixes #14267


git-svn-id: http://core.svn.wordpress.org/trunk@23737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-18 13:27:57 +00:00
Ryan Boren 09d2c65970 Always wp_unslash() the return of wp_get_referer().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23570 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 17:20:32 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Nacin 83e0ce2ac1 Remove unused variables reset by wp_reset_vars(). Many of these haven't been used since b2. see #21767.
git-svn-id: http://core.svn.wordpress.org/trunk@23445 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-16 18:28:41 +00:00
Ryan Boren cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov e9eb36face Only show "There is a pending change of your e-mail..." message on the current user's profile page. fixes #23146.
git-svn-id: http://core.svn.wordpress.org/trunk@23364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-01 01:50:19 +00:00
Andrew Nacin fa76d11e93 As wp_dropdown_roles() only prints editable roles, ensure that the
"selected" role passed into it on the user-edit screen is editable.

props johnjamesjacoby. see #22361.



git-svn-id: http://core.svn.wordpress.org/trunk@22687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-19 19:23:54 +00:00
Ryan Boren 75a9ce4b37 Remove unnecessary label. Props waclawjacek. fixes #17978
git-svn-id: http://core.svn.wordpress.org/trunk@21927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-20 13:59:39 +00:00
Ryan Boren 9e9d4ebd50 Allow granting the network admin email user super admin. Props JustinSainton, garyc40. fixes #16629
git-svn-id: http://core.svn.wordpress.org/trunk@21925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-20 13:50:35 +00:00
Ryan Boren cbd6a8becd Allow passing stdClass and WP_User to wp_insert_user() and wp_update_user(). Introduce WP_User::to_array(). Eliminate uses of get_object_vars() when passing to wp_*_user(). fixes #21429
git-svn-id: http://core.svn.wordpress.org/trunk@21496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-10 15:36:54 +00:00
ryan 7b49ad8493 Introduce get_edit_user_link(). Props scribu, georgestephanis, johnbillion. fixes #14787 see #20307
git-svn-id: http://core.svn.wordpress.org/trunk@21364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-30 18:30:03 +00:00
nacin a9ee3b61f5 Remove charset attribute from script elements. props neoxx, fixes #21146.
git-svn-id: http://core.svn.wordpress.org/trunk@21204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-03 13:27:14 +00:00
azaozz 9855eccd45 Do not clear the old values in "Display name publicly as" drop-down on the user profile screen, append new values there when the user changes any of20747 the name fields, fixes #20747
git-svn-id: http://core.svn.wordpress.org/trunk@20964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-30 21:54:33 +00:00
nacin 8c841df86d Revert type="email" (HTML5) as some browsers that do validation on these fields do not work for IDN domains yet. Core does not support these well either, but server-side validation can at least be dealt with by a plugin. see #17863.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-15 18:09:14 +00:00
azaozz f3b63e4537 Set proper HTML5 input types in the admin, props georgestephanis, fixes #17863
git-svn-id: http://svn.automattic.com/wordpress/trunk@20168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-10 01:23:48 +00:00