From 100e737eb05d01bcb876367c724f0a3ae8976c80 Mon Sep 17 00:00:00 2001 From: Drew Jaynes Date: Fri, 28 Mar 2014 21:21:15 +0000 Subject: [PATCH] Inline documentation for hooks in wp-includes/pluggable.php. Props kpdesign for some cleanup. Fixes #26888. Built from https://develop.svn.wordpress.org/trunk@27825 git-svn-id: http://core.svn.wordpress.org/trunk@27659 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/pluggable.php | 478 ++++++++++++++++++++++++++++++++------ 1 file changed, 411 insertions(+), 67 deletions(-) diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 2f7de1149c..5057a16f47 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -18,7 +18,6 @@ if ( !function_exists('wp_set_current_user') ) : * * @since 2.0.3 * @global object $current_user The current user object which holds the user data. - * @uses do_action() Calls 'set_current_user' hook after setting the current user. * * @param int $id User ID * @param string $name User's username @@ -34,7 +33,12 @@ function wp_set_current_user($id, $name = '') { setup_userdata( $current_user->ID ); - do_action('set_current_user'); + /** + * Fires after the current user is set. + * + * @since 2.0.1 + */ + do_action( 'set_current_user' ); return $current_user; } @@ -105,7 +109,7 @@ function get_currentuserinfo() { * * @since 3.9.0 * - * @param int|boolean $user_id User ID if determined, or false otherwise. + * @param int|bool $user_id User ID if determined, or false otherwise. */ $user_id = apply_filters( 'determine_current_user', false ); if ( ! $user_id ) { @@ -204,13 +208,7 @@ if ( !function_exists( 'wp_mail' ) ) : * be set using the 'wp_mail_charset' filter. * * @since 1.2.1 - * @uses apply_filters() Calls 'wp_mail' hook on an array of all of the parameters. - * @uses apply_filters() Calls 'wp_mail_from' hook to get the from email address. - * @uses apply_filters() Calls 'wp_mail_from_name' hook to get the from address name. - * @uses apply_filters() Calls 'wp_mail_content_type' hook to get the email content type. - * @uses apply_filters() Calls 'wp_mail_charset' hook to get the email charset - * @uses do_action_ref_array() Calls 'phpmailer_init' hook on the reference to - * phpmailer object. + * * @uses PHPMailer * * @param string|array $to Array or comma-separated list of email addresses to send message. @@ -222,6 +220,15 @@ if ( !function_exists( 'wp_mail' ) ) : */ function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() ) { // Compact the input, apply the filters, and extract them back out + + /** + * Filter the wp_mail() arguments. + * + * @since 2.2.0 + * + * @param array $args A compacted array of wp_mail() arguments, including the "to" email, + * subject, message, headers, and attachments values. + */ extract( apply_filters( 'wp_mail', compact( 'to', 'subject', 'message', 'headers', 'attachments' ) ) ); if ( !is_array($attachments) ) @@ -342,9 +349,23 @@ function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() $from_email = 'wordpress@' . $sitename; } - // Plugin authors can override the potentially troublesome default - $phpmailer->From = apply_filters( 'wp_mail_from' , $from_email ); - $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name ); + /** + * Filter the email address to send from. + * + * @since 2.2.0 + * + * @param string $from_email Email address to send from. + */ + $phpmailer->From = apply_filters( 'wp_mail_from', $from_email ); + + /** + * Filter the name to associate with the "from" email address. + * + * @since 2.3.0 + * + * @param string $from_name Name associated with the "from" email address. + */ + $phpmailer->FromName = apply_filters( 'wp_mail_from_name', $from_name ); // Set destination addresses if ( !is_array( $to ) ) @@ -415,6 +436,13 @@ function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() if ( !isset( $content_type ) ) $content_type = 'text/plain'; + /** + * Filter the wp_mail() content type. + * + * @since 2.3.0 + * + * @param string $content_type Default wp_mail() content type. + */ $content_type = apply_filters( 'wp_mail_content_type', $content_type ); $phpmailer->ContentType = $content_type; @@ -428,6 +456,14 @@ function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() $charset = get_bloginfo( 'charset' ); // Set the content-type and charset + + /** + * Filter the default wp_mail() charset. + * + * @since 2.3.0 + * + * @param string $charset Default email charset. + */ $phpmailer->CharSet = apply_filters( 'wp_mail_charset', $charset ); // Set custom headers @@ -450,6 +486,13 @@ function wp_mail( $to, $subject, $message, $headers = '', $attachments = array() } } + /** + * Fires after PHPMailer is initialized. + * + * @since 2.2.0 + * + * @param PHPMailer &$phpmailer The PHPMailer instance, passed by reference. + */ do_action_ref_array( 'phpmailer_init', array( &$phpmailer ) ); // Send! @@ -475,7 +518,19 @@ function wp_authenticate($username, $password) { $username = sanitize_user($username); $password = trim($password); - $user = apply_filters('authenticate', null, $username, $password); + /** + * Filter the user to authenticate. + * + * If a non-null value is passed, the filter will effectively short-circuit + * authentication, returning an error instead. + * + * @since 2.8.0 + * + * @param null|WP_User $user User to authenticate. + * @param string $username User login. + * @param string $password User password + */ + $user = apply_filters( 'authenticate', null, $username, $password ); if ( $user == null ) { // TODO what should the error message be? (Or would these even happen?) @@ -486,7 +541,14 @@ function wp_authenticate($username, $password) { $ignore_codes = array('empty_username', 'empty_password'); if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes) ) { - do_action('wp_login_failed', $username); + /** + * Fires after a user login has failed. + * + * @since 2.5.0 + * + * @param string $username User login. + */ + do_action( 'wp_login_failed', $username ); } return $user; @@ -501,7 +563,13 @@ if ( !function_exists('wp_logout') ) : */ function wp_logout() { wp_clear_auth_cookie(); - do_action('wp_logout'); + + /** + * Fires after a user is logged-out. + * + * @since 1.5.0 + */ + do_action( 'wp_logout' ); } endif; @@ -523,7 +591,16 @@ if ( !function_exists('wp_validate_auth_cookie') ) : */ function wp_validate_auth_cookie($cookie = '', $scheme = '') { if ( ! $cookie_elements = wp_parse_auth_cookie($cookie, $scheme) ) { - do_action('auth_cookie_malformed', $cookie, $scheme); + /** + * Fires if an authentication cookie is malformed. + * + * @since 2.7.0 + * + * @param string $cookie Malformed auth cookie. + * @param string $scheme Authentication scheme. Values include 'auth', 'secure_auth', + * or 'logged_in'. + */ + do_action( 'auth_cookie_malformed', $cookie, $scheme ); return false; } @@ -537,13 +614,27 @@ function wp_validate_auth_cookie($cookie = '', $scheme = '') { // Quick check to see if an honest cookie has expired if ( $expired < time() ) { - do_action('auth_cookie_expired', $cookie_elements); + /** + * Fires once an authentication cookie has expired. + * + * @since 2.7.0 + * + * @param array $cookie_elements An array of data for the authentication cookie. + */ + do_action( 'auth_cookie_expired', $cookie_elements ); return false; } $user = get_user_by('login', $username); if ( ! $user ) { - do_action('auth_cookie_bad_username', $cookie_elements); + /** + * Fires if a bad username is entered in the user authentication process. + * + * @since 2.7.0 + * + * @param array $cookie_elements An array of data for the authentication cookie. + */ + do_action( 'auth_cookie_bad_username', $cookie_elements ); return false; } @@ -553,14 +644,29 @@ function wp_validate_auth_cookie($cookie = '', $scheme = '') { $hash = hash_hmac('md5', $username . '|' . $expiration, $key); if ( $hmac != $hash ) { - do_action('auth_cookie_bad_hash', $cookie_elements); + /** + * Fires if a bad authentication cookie hash is encountered. + * + * @since 2.7.0 + * + * @param array $cookie_elements An array of data for the authentication cookie. + */ + do_action( 'auth_cookie_bad_hash', $cookie_elements ); return false; } if ( $expiration < time() ) // AJAX/POST grace period set above $GLOBALS['login_grace_period'] = 1; - do_action('auth_cookie_valid', $cookie_elements, $user); + /** + * Fires once an authentication cookie has been validated. + * + * @since 2.7.0 + * + * @param array $cookie_elements An array of data for the authentication cookie. + * @param WP_User $user User object. + */ + do_action( 'auth_cookie_valid', $cookie_elements, $user ); return $user->ID; } @@ -572,9 +678,6 @@ if ( !function_exists('wp_generate_auth_cookie') ) : * * @since 2.5.0 * - * @uses apply_filters() Calls 'auth_cookie' hook on $cookie contents, User ID - * and expiration of cookie. - * * @param int $user_id User ID * @param int $expiration Cookie expiration in seconds * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in @@ -590,7 +693,17 @@ function wp_generate_auth_cookie($user_id, $expiration, $scheme = 'auth') { $cookie = $user->user_login . '|' . $expiration . '|' . $hash; - return apply_filters('auth_cookie', $cookie, $user_id, $expiration, $scheme); + /** + * Filter the authentication cookie. + * + * @since 2.5.0 + * + * @param string $cookie Authentication cookie. + * @param int $user_id User ID. + * @param int $expiration Authentication cookie expiration in seconds. + * @param string $scheme Cookie scheme used. Accepts 'auth', 'secure_auth', or 'logged_in'. + */ + return apply_filters( 'auth_cookie', $cookie, $user_id, $expiration, $scheme ); } endif; @@ -656,20 +769,51 @@ if ( !function_exists('wp_set_auth_cookie') ) : */ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') { if ( $remember ) { - $expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember); - // Ensure the browser will continue to send the cookie after the expiration time is reached. - // Needed for the login grace period in wp_validate_auth_cookie(). + /** + * Filter the duration of the authentication cookie expiration period. + * + * @since 2.8.0 + * + * @param int $length Duration of the expiration period in seconds. + * @param int $user_id User ID. + * @param bool $remember Whether to remember the user login. Default false. + */ + $expiration = time() + apply_filters( 'auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember ); + + /* + * Ensure the browser will continue to send the cookie after the expiration time is reached. + * Needed for the login grace period in wp_validate_auth_cookie(). + */ $expire = $expiration + ( 12 * HOUR_IN_SECONDS ); } else { - $expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember); + /** This filter is documented in wp-includes/pluggable.php */ + $expiration = time() + apply_filters( 'auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember ); $expire = 0; } if ( '' === $secure ) $secure = is_ssl(); - $secure = apply_filters('secure_auth_cookie', $secure, $user_id); - $secure_logged_in_cookie = apply_filters('secure_logged_in_cookie', false, $user_id, $secure); + /** + * Filter whether the connection is secure. + * + * @since 3.1.0 + * + * @param bool $secure Whether the connection is secure. + * @param int $user_id User ID. + */ + $secure = apply_filters( 'secure_auth_cookie', $secure, $user_id ); + + /** + * Filter whether to use a secure cookie when logged-in. + * + * @since 3.1.0 + * + * @param bool $cookie Whether to use a secure cookie when logged-in. + * @param int $user_id User ID. + * @param bool $secure Whether the connection is secure. + */ + $secure_logged_in_cookie = apply_filters( 'secure_logged_in_cookie', false, $user_id, $secure ); if ( $secure ) { $auth_cookie_name = SECURE_AUTH_COOKIE; @@ -682,8 +826,33 @@ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') { $auth_cookie = wp_generate_auth_cookie($user_id, $expiration, $scheme); $logged_in_cookie = wp_generate_auth_cookie($user_id, $expiration, 'logged_in'); - do_action('set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme); - do_action('set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in'); + /** + * Fires immediately before the authentication cookie is set. + * + * @since 2.5.0 + * + * @param string $auth_cookie Authentication cookie. + * @param int $expire Login grace period in seconds. Default 43,200 seconds, or 12 hours. + * @param int $expiration Duration in seconds the authentication cookie should be valid. + * Default 1,209,600 seconds, or 14 days. + * @param int $user_id User ID. + * @param string $scheme Authentication scheme. Values include 'auth', 'secure_auth', or 'logged_in'. + */ + do_action( 'set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme ); + + /** + * Fires immediately before the secure authentication cookie is set. + * + * @since 2.6.0 + * + * @param string $logged_in_cookie The logged-in cookie. + * @param int $expire Login grace period in seconds. Default 43,200 seconds, or 12 hours. + * @param int $expiration Duration in seconds the authentication cookie should be valid. + * Default 1,209,600 seconds, or 14 days. + * @param int $user_id User ID. + * @param string $scheme Authentication scheme. Default 'logged_in'. + */ + do_action( 'set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in' ); setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true); setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true); @@ -700,7 +869,12 @@ if ( !function_exists('wp_clear_auth_cookie') ) : * @since 2.5.0 */ function wp_clear_auth_cookie() { - do_action('clear_auth_cookie'); + /** + * Fires just before the authentication cookies are cleared. + * + * @since 2.7.0 + */ + do_action( 'clear_auth_cookie' ); setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN ); setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN ); @@ -752,7 +926,14 @@ function auth_redirect() { $secure = ( is_ssl() || force_ssl_admin() ); - $secure = apply_filters('secure_auth_redirect', $secure); + /** + * Filter whether to use a secure authentication redirect. + * + * @since 3.1.0 + * + * @param bool $secure Whether to use a secure authentication redirect. Default false. + */ + $secure = apply_filters( 'secure_auth_redirect', $secure ); // If https is required and request is http, redirect if ( $secure && !is_ssl() && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) { @@ -765,13 +946,28 @@ function auth_redirect() { } } - if ( is_user_admin() ) + if ( is_user_admin() ) { $scheme = 'logged_in'; - else + } else { + /** + * Filter the authentication redirect scheme. + * + * @since 2.9.0 + * + * @param string $scheme Authentication redirect scheme. Default empty. + */ $scheme = apply_filters( 'auth_redirect_scheme', '' ); + } if ( $user_id = wp_validate_auth_cookie( '', $scheme) ) { - do_action('auth_redirect', $user_id); + /** + * Fires before the authentication redirect. + * + * @since 2.8.0 + * + * @param int $user_id User ID. + */ + do_action( 'auth_redirect', $user_id ); // If the user wants ssl but the session is not ssl, redirect. if ( !$secure && get_user_option('use_ssl', $user_id) && false !== strpos($_SERVER['REQUEST_URI'], 'wp-admin') ) { @@ -806,7 +1002,6 @@ if ( !function_exists('check_admin_referer') ) : * To avoid security exploits. * * @since 1.2.0 - * @uses do_action() Calls 'check_admin_referer' on $action. * * @param string $action Action nonce * @param string $query_arg where to look for nonce in $_REQUEST (since 2.5) @@ -822,7 +1017,16 @@ function check_admin_referer($action = -1, $query_arg = '_wpnonce') { wp_nonce_ays($action); die(); } - do_action('check_admin_referer', $action, $result); + + /** + * Fires once the admin request has been validated or not. + * + * @since 1.5.1 + * + * @param string $action The nonce action. + * @param bool $result Whether the admin request nonce was validated. + */ + do_action( 'check_admin_referer', $action, $result ); return $result; } endif; @@ -855,7 +1059,15 @@ function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) { die( '-1' ); } - do_action('check_ajax_referer', $action, $result); + /** + * Fires once the AJAX request has been validated or not. + * + * @since 2.1.0 + * + * @param string $action The AJAX nonce action. + * @param bool $result Whether the AJAX request nonce was validated. + */ + do_action( 'check_ajax_referer', $action, $result ); return $result; } @@ -866,7 +1078,6 @@ if ( !function_exists('wp_redirect') ) : * Redirects to another page. * * @since 1.5.1 - * @uses apply_filters() Calls 'wp_redirect' hook on $location and $status. * * @param string $location The path to redirect to. * @param int $status Status code to use. @@ -968,8 +1179,6 @@ if ( !function_exists('wp_validate_redirect') ) : * If the host is not allowed, then the redirect is to $default supplied * * @since 2.8.1 - * @uses apply_filters() Calls 'allowed_redirect_hosts' on an array containing - * WordPress host string and $location host string. * * @param string $location The redirect to validate * @param string $default The value to return if $location is not allowed @@ -1000,7 +1209,15 @@ function wp_validate_redirect($location, $default = '') { $wpp = parse_url(home_url()); - $allowed_hosts = (array) apply_filters('allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : ''); + /** + * Filter the whitelist of hosts to redirect to. + * + * @since 2.3.0 + * + * @param array $hosts An array of allowed hosts. + * @param bool|string $host The parsed host; empty if not isset. + */ + $allowed_hosts = (array) apply_filters( 'allowed_redirect_hosts', array($wpp['host']), isset($lp['host']) ? $lp['host'] : '' ); if ( isset($lp['host']) && ( !in_array($lp['host'], $allowed_hosts) && $lp['host'] != strtolower($wpp['host'])) ) $location = $default; @@ -1038,14 +1255,14 @@ function wp_notify_postauthor( $comment_id, $deprecated = null ) { } /** - * Filter the list of emails to receive a comment notification. + * Filter the list of email addresses to receive a comment notification. * - * Normally just post authors are notified of emails. - * This filter lets you add others. + * By default, only post authors are notified of comments. This filter allows + * others to be added. * * @since 3.7.0 * - * @param array $emails Array of email addresses to receive a comment notification. + * @param array $emails An array of email addresses to receive a comment notification. * @param int $comment_id The comment ID. */ $emails = apply_filters( 'comment_notification_recipients', $emails, $comment_id ); @@ -1062,12 +1279,13 @@ function wp_notify_postauthor( $comment_id, $deprecated = null ) { /** * Filter whether to notify comment authors of their comments on their own posts. * - * By default, comment authors don't get notified of their comments - * on their own post. This lets you override that. + * By default, comment authors aren't notified of their comments on their own + * posts. This filter allows you to override that. * * @since 3.8.0 * - * @param bool $notify Whether to notify the post author of their own comment. Default false. + * @param bool $notify Whether to notify the post author of their own comment. + * Default false. * @param int $comment_id The comment ID. */ $notify_author = apply_filters( 'comment_notification_notify_author', false, $comment_id ); @@ -1163,9 +1381,35 @@ function wp_notify_postauthor( $comment_id, $deprecated = null ) { if ( isset($reply_to) ) $message_headers .= $reply_to . "\n"; - $notify_message = apply_filters( 'comment_notification_text', $notify_message, $comment_id ); - $subject = apply_filters( 'comment_notification_subject', $subject, $comment_id ); - $message_headers = apply_filters( 'comment_notification_headers', $message_headers, $comment_id ); + /** + * Filter the comment notification email text. + * + * @since 1.5.2 + * + * @param string $notify_message The comment notification email text. + * @param int $comment_id Comment ID. + */ + $notify_message = apply_filters( 'comment_notification_text', $notify_message, $comment_id ); + + /** + * Filter the comment notification email subject. + * + * @since 1.5.2 + * + * @param string $subject The comment notification email subject. + * @param int $comment_id Comment ID. + */ + $subject = apply_filters( 'comment_notification_subject', $subject, $comment_id ); + + /** + * Filter the comment notification email headers. + * + * @since 1.5.2 + * + * @param string $message_headers Headers for the comment notification email. + * @param int $comment_id Comment ID. + */ + $message_headers = apply_filters( 'comment_notification_headers', $message_headers, $comment_id ); foreach ( $emails as $email ) { @wp_mail( $email, wp_specialchars_decode( $subject ), $notify_message, $message_headers ); @@ -1249,10 +1493,45 @@ function wp_notify_moderator($comment_id) { $subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), $blogname, $post->post_title ); $message_headers = ''; - $emails = apply_filters( 'comment_moderation_recipients', $emails, $comment_id ); - $notify_message = apply_filters( 'comment_moderation_text', $notify_message, $comment_id ); - $subject = apply_filters( 'comment_moderation_subject', $subject, $comment_id ); - $message_headers = apply_filters( 'comment_moderation_headers', $message_headers, $comment_id ); + /** + * Filter the list of recipients for comment moderation emails. + * + * @since 3.7.0 + * + * @param array $emails List of email addresses to notify for comment moderation. + * @param int $comment_id Comment ID. + */ + $emails = apply_filters( 'comment_moderation_recipients', $emails, $comment_id ); + + /** + * Filter the comment moderation email text. + * + * @since 1.5.2 + * + * @param string $notify_message Text of the comment moderation email. + * @param int $comment_id Comment ID. + */ + $notify_message = apply_filters( 'comment_moderation_text', $notify_message, $comment_id ); + + /** + * Filter the comment moderation email subject. + * + * @since 1.5.2 + * + * @param string $subject Subject of the comment moderation email. + * @param int $comment_id Comment ID. + */ + $subject = apply_filters( 'comment_moderation_subject', $subject, $comment_id ); + + /** + * Filter the comment moderation email headers. + * + * @since 2.8.0 + * + * @param string $message_headers Headers for the comment moderation email. + * @param int $comment_id Comment ID. + */ + $message_headers = apply_filters( 'comment_moderation_headers', $message_headers, $comment_id ); foreach ( $emails as $email ) { @wp_mail( $email, wp_specialchars_decode( $subject ), $notify_message, $message_headers ); @@ -1331,6 +1610,13 @@ if ( !function_exists('wp_nonce_tick') ) : * @return int */ function wp_nonce_tick() { + /** + * Filter the lifespan of nonces in seconds. + * + * @since 2.5.0 + * + * @param int $lifespan Lifespan of nonces in seconds. Default 86,400 seconds, or one day. + */ $nonce_life = apply_filters( 'nonce_life', DAY_IN_SECONDS ); return ceil(time() / ( $nonce_life / 2 )); @@ -1353,8 +1639,17 @@ if ( !function_exists('wp_verify_nonce') ) : function wp_verify_nonce($nonce, $action = -1) { $user = wp_get_current_user(); $uid = (int) $user->ID; - if ( ! $uid ) + if ( ! $uid ) { + /** + * Filter whether the user who generated the nonce is logged out. + * + * @since 3.5.0 + * + * @param int $uid ID of the nonce-owning user. + * @param string $action The nonce action. + */ $uid = apply_filters( 'nonce_user_logged_out', $uid, $action ); + } $i = wp_nonce_tick(); @@ -1381,8 +1676,10 @@ if ( !function_exists('wp_create_nonce') ) : function wp_create_nonce($action = -1) { $user = wp_get_current_user(); $uid = (int) $user->ID; - if ( ! $uid ) + if ( ! $uid ) { + /** This filter is documented in wp-includes/pluggable.php */ $uid = apply_filters( 'nonce_user_logged_out', $uid, $action ); + } $i = wp_nonce_tick(); @@ -1427,8 +1724,18 @@ if ( !function_exists('wp_salt') ) : */ function wp_salt( $scheme = 'auth' ) { static $cached_salts = array(); - if ( isset( $cached_salts[ $scheme ] ) ) + if ( isset( $cached_salts[ $scheme ] ) ) { + /** + * Filter the WordPress salt. + * + * @since 2.5.0 + * + * @param string $cached_salt Cached salt for the given scheme. + * @param string $scheme Authentication scheme. Values include 'auth', + * 'secure_auth', 'logged_in', and 'nonce'. + */ return apply_filters( 'salt', $cached_salts[ $scheme ], $scheme ); + } static $duplicated_keys; if ( null === $duplicated_keys ) { @@ -1474,6 +1781,8 @@ function wp_salt( $scheme = 'auth' ) { } $cached_salts[ $scheme ] = $key . $salt; + + /** This filter is documented in wp-includes/pluggable.php */ return apply_filters( 'salt', $cached_salts[ $scheme ], $scheme ); } endif; @@ -1557,7 +1866,16 @@ function wp_check_password($password, $hash, $user_id = '') { $hash = wp_hash_password($password); } - return apply_filters('check_password', $check, $password, $hash, $user_id); + /** + * Filter whether the plaintext password matches the encrypted password. + * + * @since 2.5.0 + * + * @param bool $check Whether the passwords match. + * @param string $hash The hashed password. + * @param int $user_id User ID. + */ + return apply_filters( 'check_password', $check, $password, $hash, $user_id ); } // If the stored hash is longer than an MD5, presume the @@ -1570,7 +1888,8 @@ function wp_check_password($password, $hash, $user_id = '') { $check = $wp_hasher->CheckPassword($password, $hash); - return apply_filters('check_password', $check, $password, $hash, $user_id); + /** This filter is documented in wp-includes/pluggable.php */ + return apply_filters( 'check_password', $check, $password, $hash, $user_id ); } endif; @@ -1598,8 +1917,14 @@ function wp_generate_password( $length = 12, $special_chars = true, $extra_speci $password .= substr($chars, wp_rand(0, strlen($chars) - 1), 1); } - // random_password filter was previously in random_password function which was deprecated - return apply_filters('random_password', $password); + /** + * Filter the randomly-generated password. + * + * @since 3.0.0 + * + * @param string $password The generated password. + */ + return apply_filters( 'random_password', $password ); } endif; @@ -1707,6 +2032,14 @@ function get_avatar( $id_or_email, $size = '96', $default = '', $alt = false ) { $email = $user->user_email; } elseif ( is_object($id_or_email) ) { // No avatar for pingbacks or trackbacks + + /** + * Filter the list of allowed comment types for retrieving avatars. + * + * @since 3.0.0 + * + * @param array $types An array of content types. Default only contains 'comment'. + */ $allowed_comment_types = apply_filters( 'get_avatar_comment_types', array( 'comment' ) ); if ( ! empty( $id_or_email->comment_type ) && ! in_array( $id_or_email->comment_type, (array) $allowed_comment_types ) ) return false; @@ -1773,7 +2106,18 @@ function get_avatar( $id_or_email, $size = '96', $default = '', $alt = false ) { $avatar = "{$safe_alt}"; } - return apply_filters('get_avatar', $avatar, $id_or_email, $size, $default, $alt); + /** + * Filter the avatar to retrieve. + * + * @since 2.5.0 + * + * @param string $avatar Image tag for the user's avatar. + * @param int|object|string $id_or_email A user ID, email address, or comment object. + * @param int $size Square avatar width and height in pixels to retrieve. + * @param string $alt Alternative text to use in the avatar image tag. + * Default empty. + */ + return apply_filters( 'get_avatar', $avatar, $id_or_email, $size, $default, $alt ); } endif;