Commit Graph

513 Commits

Author SHA1 Message Date
Sergey Biryukov ad7b2949ba Users: Adjust [45708] to make sure `wp_update_user()` does not issue a `WP_Error` if a single site was previously set up as Multisite and there's still a `spam` field in the user table.
Add a unit test.

Props azaozz, SergeyBiryukov.
Fixes #45747.
Built from https://develop.svn.wordpress.org/trunk@45874


git-svn-id: http://core.svn.wordpress.org/trunk@45685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-22 01:53:55 +00:00
Sergey Biryukov 022de7321e Users: In `wp_insert_user()`, account for the `wp_pre_insert_user_data` filter returning empty data.
Props juliobox, SergeyBiryukov.
Fixes #47902.
Built from https://develop.svn.wordpress.org/trunk@45858


git-svn-id: http://core.svn.wordpress.org/trunk@45669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-20 17:26:55 +00:00
Sergey Biryukov d9954ed4cb Privacy: Add descriptions for sections in a personal data export file.
Props garrett-eclipse, Venutius, karmatosed.
Fixes #45491.
Built from https://develop.svn.wordpress.org/trunk@45825


git-svn-id: http://core.svn.wordpress.org/trunk@45636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-18 02:07:57 +00:00
Sergey Biryukov 65420d3c7a Users: Replace raw SQL query in `check_password_reset_key()` with `get_user_by()`.
Props davidbaumwald, iworks, spacedmonkey.
Fixes #45845.
Built from https://develop.svn.wordpress.org/trunk@45716


git-svn-id: http://core.svn.wordpress.org/trunk@45527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 19:19:55 +00:00
Sergey Biryukov ee5e044a2a Users: Use `clean_user_cache()` in `wp_insert_user()`, `wp_update_user()`, `wp_set_password()`, `add_user_to_blog()`.
Props spacedmonkey.
Fixes #47021.
Built from https://develop.svn.wordpress.org/trunk@45715


git-svn-id: http://core.svn.wordpress.org/trunk@45526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 17:49:57 +00:00
Sergey Biryukov 75857aa857 Users: Use `wp_update_user()` in `get_password_reset_key()`.
Props jayswadas, spacedmonkey, donmhico, SergeyBiryukov.
Fixes #45746.
Built from https://develop.svn.wordpress.org/trunk@45714


git-svn-id: http://core.svn.wordpress.org/trunk@45525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 17:25:55 +00:00
Sergey Biryukov f6189321e1 Users: Reorganize `user_nicename`, `user_url`, `user_registered` setting in `wp_insert_user()` for consistency with the order or fields in the database.
See #45746.
Built from https://develop.svn.wordpress.org/trunk@45713


git-svn-id: http://core.svn.wordpress.org/trunk@45524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 17:13:57 +00:00
Sergey Biryukov b32cff72c2 Users: Deprecate `update_user_status()` in favor of `wp_update_user()`.
Props spacedmonkey, SergeyBiryukov.
Fixes #45747.
Built from https://develop.svn.wordpress.org/trunk@45708


git-svn-id: http://core.svn.wordpress.org/trunk@45519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 11:28:54 +00:00
Sergey Biryukov 8e85299a00 General: First pass at replacing Codex URLs with a corresponding HelpHub or DevHub article.
Props ianbelanger, tobifjellner, SergeyBiryukov.
See #47771.
Built from https://develop.svn.wordpress.org/trunk@45674


git-svn-id: http://core.svn.wordpress.org/trunk@45485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 22:45:57 +00:00
Sergey Biryukov 18bd01985b Coding Standards: Rename `$r` variable used with `wp_parse_args()` to `$parsed_args` for clarity.
Props freewebmentor.
Fixes #45059.
Built from https://develop.svn.wordpress.org/trunk@45667


git-svn-id: http://core.svn.wordpress.org/trunk@45478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 00:48:58 +00:00
Gary Pendergast a571a7d621 Code Modernisation: Fix known instances of array access on data types that can't be accessed as arrays.
PHP 7.4 addes a warning when trying access a null/bool/int/float/resource (everything but array, string and object) as if it were an array.

This change fixes all of these warnings visible in unit tests.

Props jrf.
See #47704.



Built from https://develop.svn.wordpress.org/trunk@45639


git-svn-id: http://core.svn.wordpress.org/trunk@45450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-15 06:25:57 +00:00
Gary Pendergast 4803fc405e Coding Standards: Fix the `Squiz.PHP.DisallowMultipleAssignments` violations in `wp-includes`.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Andrew Ozz d0c1b77cda Privacy tools:
- Move the (remaining) privacy tools related functions from `wp-admin/includes/file.php` to `wp-admin/includes/privacy-tools.php`.
- Move the `WP_User_Request` class to a separate file.

See #43895.
Built from https://develop.svn.wordpress.org/trunk@45519


git-svn-id: http://core.svn.wordpress.org/trunk@45330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-10 23:54:53 +00:00
desrosj 012d05f5c0 Docs: Add missing documentation for the locale meta field.
The user’s locale is passed in the `$meta` parameter for `insert_user_meta`. Added in [38705].

Props tmatsuur.
Fixes #47423.
Built from https://develop.svn.wordpress.org/trunk@45479


git-svn-id: http://core.svn.wordpress.org/trunk@45290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-30 14:37:53 +00:00
John Blackbourn d4d1267847 I18N: Improvements to and additions of translator comments for various email subject strings.
Props ramiy

Fixes #46920

Built from https://develop.svn.wordpress.org/trunk@45204


git-svn-id: http://core.svn.wordpress.org/trunk@45013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-15 22:39:50 +00:00
Gary Pendergast 9a80e2095b Text Changes: Tweak the wording of email notification subjects.
This change brings more coherence between the subject lines of the various emails WordPress will send.

Props ramiy, pento.
Fixes #37940.

Built from https://develop.svn.wordpress.org/trunk@45137


git-svn-id: http://core.svn.wordpress.org/trunk@44946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-08 06:17:51 +00:00
Sergey Biryukov b6a145ccb5 Privacy: Ensure the privacy data erase fulfillment email is sent in the locale of the user whose data is being erased (or the site's default locale if they are not a registered user) when the administrator fulfilling the request uses a different locale.
Props desrosj, birgire, garrett-eclipse.
Fixes #44721.
Built from https://develop.svn.wordpress.org/trunk@45039


git-svn-id: http://core.svn.wordpress.org/trunk@44848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-27 19:41:53 +00:00
desrosj 38589e14e2 General: Ensure error messages end with a period for consistency.
Props garrett-eclipse, birgire.
See #44901.
Built from https://develop.svn.wordpress.org/trunk@44930


git-svn-id: http://core.svn.wordpress.org/trunk@44761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-19 02:37:52 +00:00
Felix Arntz 97d33e5231 Multisite: Do not prime site meta caches unless necessary.
Props spacedmonkey.
Fixes #46357. See #46167.

Built from https://develop.svn.wordpress.org/trunk@44926


git-svn-id: http://core.svn.wordpress.org/trunk@44757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-18 15:56:51 +00:00
Andrea Fercia 31e34400a5 Accessibility: Login: Display error messages when both the username and password fields are empty.
For accessibility and usability, if an input error is detected, the item that is in error needs to be identified and the error needs to be described to the user in text (WCAG Success Criterion 3.3.1). The login form displays an error when the username field is empty or when the password field is empty. It omits to do so when both fields are empty.

This change restores the login form behavior to the one that used to work in WordPress 2.3 (!) and displays the related error messages also when both fields are empty.

Props birgire, audrasjb.
See #8938, #5405, #3708.
Fixes #42985.

Built from https://develop.svn.wordpress.org/trunk@44918


git-svn-id: http://core.svn.wordpress.org/trunk@44749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-16 15:22:53 +00:00
desrosj 35b558a3a0 Privacy: Allow new requests to be created after a user’s existing one has been completed.
When dealing with personal data exports and erasure requests, it is important to have a log of all the requests for a specific person. This is often required to confirm when and how many times requests were completed and fulfilled properly. 

This change allows a new request to be created after a previous data request has reached completed status (`request-completed`) instead of requiring admins to delete or re-initiate the existing request. The latter approach removes the historical log of requests for that user when creating a new request.

Full unit tests for the `wp_create_user_request()` function are also included.

Props garrett-eclipse, cc0a, birgire, desrosj.
Fixes #44707.
Built from https://develop.svn.wordpress.org/trunk@44906


git-svn-id: http://core.svn.wordpress.org/trunk@44737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-15 16:27:49 +00:00
Sergey Biryukov e0e99fe82e Users: Revert [44780] pending test failure investigation.
See #45845.
Built from https://develop.svn.wordpress.org/trunk@44784


git-svn-id: http://core.svn.wordpress.org/trunk@44616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-28 22:58:50 +00:00
Sergey Biryukov 43324cec8b Users: Replace raw SQL query in `check_password_reset_key()` with `get_user_by()`.
Props davidbaumwald, iworks, spacedmonkey.
Fixes #45845.
Built from https://develop.svn.wordpress.org/trunk@44780


git-svn-id: http://core.svn.wordpress.org/trunk@44612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-28 14:39:50 +00:00
desrosj 50ddffbac3 Privacy: Use consistent variable naming when working with privacy requests.
Throughout the core privacy functions, `WP_User_Request` instances were stored in variables named both `$request`, and `$request_data`. This changes all occurrences of `$request_data` to `$request` for better consistency.

Props nateallen, bruceallen, garrett-eclipse.
Fixes #44708.
Built from https://develop.svn.wordpress.org/trunk@44606


git-svn-id: http://core.svn.wordpress.org/trunk@44437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 22:35:52 +00:00
Gary Pendergast c062e39ac8 Docs: Tweak the docblock for `setup_userdata()`.
This is a followup to [44603]. The default value should be last, not somewhere in the middle.

Props swissspidy.
Fixes #44697.


Built from https://develop.svn.wordpress.org/trunk@44605


git-svn-id: http://core.svn.wordpress.org/trunk@44436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 10:29:50 +00:00
Gary Pendergast e0c4e5b610 Users: Correct the default value in `setup_userdata()`.
The `$for_user_id` parameter is an `int`, not a `string`, so the default value should be `0`, rather than an empty string.

Props subrataemfluence.
Fixes #44697.


Built from https://develop.svn.wordpress.org/trunk@44603


git-svn-id: http://core.svn.wordpress.org/trunk@44434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 06:33:50 +00:00
Gary Pendergast 8ddef3e98d Users: Check that a valid user is passed to `get_password_reset_key()`.
Props edocev.
Fixes #44601.


Built from https://develop.svn.wordpress.org/trunk@44602


git-svn-id: http://core.svn.wordpress.org/trunk@44433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 06:27:49 +00:00
Gary Pendergast 120710d8f8 Coding Standards: Move assignments out of conditions in `wp-includes/user.php`.
Props subrataemfluence.
See #44315.


Built from https://develop.svn.wordpress.org/trunk@44597


git-svn-id: http://core.svn.wordpress.org/trunk@44428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 05:38:49 +00:00
Gary Pendergast 0b44fae46b Privacy: Fix a code formatting error introduced in [44491].
See #44908.


Built from https://develop.svn.wordpress.org/trunk@44494


git-svn-id: http://core.svn.wordpress.org/trunk@44325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 04:33:50 +00:00
Gary Pendergast 53e40b7fda Privacy: Remove some unnecessary parameters being passed to `wp_update_post()` by `wp_generate_user_request_key()`.
Props garrett-eclipse.
Fixes #44908.


Built from https://develop.svn.wordpress.org/trunk@44491


git-svn-id: http://core.svn.wordpress.org/trunk@44322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 03:51:48 +00:00
Gary Pendergast 0f3835d394 Users: Add the `pre_count_users` filter.
Props spacedmonkey.
Fixes #43693.


Built from https://develop.svn.wordpress.org/trunk@44473


git-svn-id: http://core.svn.wordpress.org/trunk@44304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 09:49:50 +00:00
Gary Pendergast e83f753246 Coding Standards: Fix an error introduced in [44465].
See #45748.


Built from https://develop.svn.wordpress.org/trunk@44470


git-svn-id: http://core.svn.wordpress.org/trunk@44301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 09:03:50 +00:00
Gary Pendergast 8d2ee69f9d Users: Use `email_exists()` in `send_confirmation_on_profile_email()`, instead of a manual query.
This gives us caching, and removes the use of the `$wpdb` global.

Props spacedmonkey, pento.
Fixes #45748.


Built from https://develop.svn.wordpress.org/trunk@44465


git-svn-id: http://core.svn.wordpress.org/trunk@44296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 06:07:51 +00:00
Sergey Biryukov 7ee752e40c Privacy: When clicking a confirmation link for a privacy request, return a `WP_Error` object if the link has expired.
Returning a string caused a success message to be displayed instead of the correct error message.

Props desrosj.
Fixes #44685.
Built from https://develop.svn.wordpress.org/trunk@43623


git-svn-id: http://core.svn.wordpress.org/trunk@43452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:44:24 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov 08af3900c3 Privacy: Ensure the user request email is sent in the requested user's locale (or the site's default locale if they are not a registered user) when the administrator creating the request uses a different locale.
Props desrosj, Chouby, iandunn, lbenicio, birgire, earnjam, swissspidy, garrett-eclipse.
Fixes #43985.
Built from https://develop.svn.wordpress.org/trunk@43568


git-svn-id: http://core.svn.wordpress.org/trunk@43397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-13 16:32:27 +00:00
Andrew Ozz b1330814e2 Privacy: Add `$request` to `$email_data` to make it available to all filters.
Props desrosj.
Fixes #44379.
Built from https://develop.svn.wordpress.org/trunk@43477


git-svn-id: http://core.svn.wordpress.org/trunk@43304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:53:25 +00:00
Andrew Ozz 04b8839454 Privacy: Add filter for the subject of the erasure complete notification emails.
Props desrosj.
Fixes #44265.
Built from https://develop.svn.wordpress.org/trunk@43475


git-svn-id: http://core.svn.wordpress.org/trunk@43302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:42:25 +00:00
Sergey Biryukov 357a663899 Privacy: Change `@since` entry for `user_request_confirmed_email_subject` filter added in [43373] to 4.9.8.
See #44382.
Built from https://develop.svn.wordpress.org/trunk@43451


git-svn-id: http://core.svn.wordpress.org/trunk@43278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 12:12:25 +00:00
Felix Arntz 057b221af7 Privacy: Use consistent values for the site name and URL used in notification emails.
The functions `send_confirmation_on_profile_email()`, `_wp_privacy_send_request_confirmation_notification()`, `_wp_privacy_send_erasure_fulfillment_notification()`, and `wp_send_user_request()` all include a title and URL indicating the current site. However, so far they have dealt with those values inconsistently, sometimes using the site values, other times using the network values if in a multisite. This changeset ensures that only the current site is taken into account in all cases and that special characters in the site name are consistently decoded.

Props subrataemfluence, desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43388


git-svn-id: http://core.svn.wordpress.org/trunk@43216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 17:00:25 +00:00
Andrew Ozz be6aa715fe Privacy: use `wp_login_url()` for the link in the user confirmation email.
Props desrosj, usmankhalid.
Fixes #44353.
Built from https://develop.svn.wordpress.org/trunk@43379


git-svn-id: http://core.svn.wordpress.org/trunk@43207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:47 +00:00
Andrew Ozz 3ce87b62f9 Privacy: add user request type to the admin notification email subject.
Props birgire, desrosj.
Fixes #44099.
Built from https://develop.svn.wordpress.org/trunk@43375


git-svn-id: http://core.svn.wordpress.org/trunk@43203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:03 +00:00
Andrew Ozz ac269e570e Privacy: filter the email subject in `_wp_privacy_send_request_confirmation_notification()`.
Props garrett-eclipse, birgire, desrosj.
Fixes #44382.
Built from https://develop.svn.wordpress.org/trunk@43373


git-svn-id: http://core.svn.wordpress.org/trunk@43201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:41:13 +00:00
John Blackbourn 0aa2902436 Security: Harden the random aspect of the hash used for user profile and admin email address changes.
Props BjornW

Fixes #43771

Built from https://develop.svn.wordpress.org/trunk@43367


git-svn-id: http://core.svn.wordpress.org/trunk@43195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:43 +00:00
Sergey Biryukov 33c708feca Privacy: Remove unnecessary `This email has been sent to ###EMAIL###` from privacy emails.
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.

Props iandunn, ianbelanger, desrosj.
Fixes #44030.
Built from https://develop.svn.wordpress.org/trunk@43353


git-svn-id: http://core.svn.wordpress.org/trunk@43181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:32:48 +00:00
Sergey Biryukov e0e564d84b Users: In `wp_validate_user_request_key()`, properly return the `WP_Error` object in case the confirmation email has expired.
Props itowhid06.
Fixes #44298.
Built from https://develop.svn.wordpress.org/trunk@43331


git-svn-id: http://core.svn.wordpress.org/trunk@43159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:23:27 +00:00
Andrew Ozz 3ee58b55b1 Privacy: improve inline documentation.
Props desrosj.
Fixes #44075.
Built from https://develop.svn.wordpress.org/trunk@43256


git-svn-id: http://core.svn.wordpress.org/trunk@43085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 14:53:21 +00:00
iandunn b26ab11343 Privacy: Expose erasure notification recipient to filter callbacks.
The previous `user_email` value was redundant, because it always matched `$request_data->email`. That value might be different from where the message is sent, though, if the `user_erasure_fulfillment_email_to` filter is used. If they are different, then callbacks for the `user_confirmed_action_email_content` filter may want to distinguish between the email address of the user making the request, and the email address that the confirmation notification is being sent to.

Props desrosj, iandunn.
See #43973.

Built from https://develop.svn.wordpress.org/trunk@43236


git-svn-id: http://core.svn.wordpress.org/trunk@43065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 21:20:22 +00:00
Sergey Biryukov ae2b929294 Privacy: Update request confirmation notice text for clarity.
Props desrosj, melchoyce, garrett-eclipse.
Fixes #43970.
Built from https://develop.svn.wordpress.org/trunk@43232


git-svn-id: http://core.svn.wordpress.org/trunk@43061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:53:21 +00:00
Sergey Biryukov bed52dda40 Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.
Props desrosj, allendav, garrett-eclipse.
Fixes #43973.
Built from https://develop.svn.wordpress.org/trunk@43230


git-svn-id: http://core.svn.wordpress.org/trunk@43059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:43:22 +00:00