Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
49,376 Commits 48 Branches 718 Tags 891 MiB
Commit Graph

588 Commits

Author SHA1 Message Date
desrosj 0f99e345fa Site Health: Allow the capability required for the site admin email verification screen to be filtered. 
Props desrosj, Clorith.
Fixes #48153.
Built from https://develop.svn.wordpress.org/trunk@46323


git-svn-id: http://core.svn.wordpress.org/trunk@46122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-26 15:41:57 +00:00
Sergey Biryukov 0a5cd17f98 Login and Registration: Standardize on `6 * MONTH_IN_SECONDS` over `180 * DAY_IN_SECONDS` for `admin_email_check_interval` filter. 
[45788] changed the first instance, but not the second.

Props tmatsuur.
Fixes #48144.
Built from https://develop.svn.wordpress.org/trunk@46319


git-svn-id: http://core.svn.wordpress.org/trunk@46118 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-26 02:29:58 +00:00
Andrea Fercia 0d75495612 Login and Registration: Add a "Show password" button on the login page. 
The ability for users to see the password they're typing improves usability and accessibility of the login users flow.

- brings the login screen in line with the same feature already used in the New User, Edit User, and Reset Password pages
- improves association of labels and input fields by using explicit association with `for` / `id` attributes
- slightly increases the "Remember me" label font size

Props johnbillion, Iceable, audrasjb, joyously, adamsilverstein, boemedia, DrewAPicture, shadyvb, birgire, peterwilsoncc, pento, anevins, davidbaumwald, whyisjake, afercia.
Fixes #42888.

Built from https://develop.svn.wordpress.org/trunk@46256


git-svn-id: http://core.svn.wordpress.org/trunk@46068 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-23 18:06:57 +00:00
Dominik Schilling c72a36596e I18N: Remove HTML tags from translatable string in `wp-login.php`. 
See #46349.
Built from https://develop.svn.wordpress.org/trunk@46229


git-svn-id: http://core.svn.wordpress.org/trunk@46041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-21 15:54:57 +00:00
Andrew Ozz ea27759d2b Remove left-over debug code after [46203]. 
See #46349.
Built from https://develop.svn.wordpress.org/trunk@46204


git-svn-id: http://core.svn.wordpress.org/trunk@46016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-20 19:27:57 +00:00
Andrew Ozz 0628245170 Admin email verification: 
- Fix wording of the HTML title.
- Add hidden `(opens in a new tab)` to links that need it.
- Add the `screen-reader-text` CSS class to login.css.
- Add another translator comment.

Props afercia.
See #46349.

Built from https://develop.svn.wordpress.org/trunk@46203


git-svn-id: http://core.svn.wordpress.org/trunk@46015 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-20 18:51:56 +00:00
desrosj 3bd9e18930 Login and Registration: Detect JavaScript on the login screen. 
This allows the login screen to be targeted with CSS when JavaScript is disabled.

Props Nikschavan.
Fixes #38088.
Built from https://develop.svn.wordpress.org/trunk@46192


git-svn-id: http://core.svn.wordpress.org/trunk@46004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-19 19:22:58 +00:00
Sergey Biryukov e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation. 
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-03 00:41:05 +00:00
Sergey Biryukov 16b8d91baa I18N: Improve translator comments. 
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-09-01 17:13:59 +00:00
Andrew Ozz 197b4a829b Admin email verification: 
- Add the `admin_email_lifespan` option when installing. Fixes a bug where the verification screen is shown right after installation.
- Reset the same option when upgrading and the user doing the DB upgrade is not an admin. This will ensure the email verification is shown next time an admin logs in.
- Use `site_url()` instead of `network_site_url()` for the form action. The latter seems needed only for password reset.

See #46349.
Built from https://develop.svn.wordpress.org/trunk@45788


git-svn-id: http://core.svn.wordpress.org/trunk@45599 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-08-13 17:40:55 +00:00
Andrew Ozz fff56d219f Add admin email verification screen. Shown every six months after an admin has logged in. 
Also includes WPCS fixes for wp-login.php.

Props andraganescu, boemedia, lessbloat, azaozz.
See #46349.
Built from https://develop.svn.wordpress.org/trunk@45757


git-svn-id: http://core.svn.wordpress.org/trunk@45568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-08-07 00:04:56 +00:00
Dominik Schilling 182f813e24 I18N: Display the logged out message in the user's locale 
Built from https://develop.svn.wordpress.org/trunk@45690


git-svn-id: http://core.svn.wordpress.org/trunk@45501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-07-27 14:31:55 +00:00
Gary Pendergast b2d5a4216c Coding Standards: Fix the `Squiz.PHP.DisallowMultipleAssignments` violations in the base directory. 
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45582


git-svn-id: http://core.svn.wordpress.org/trunk@45393 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-07-01 08:27:58 +00:00
Sergey Biryukov 35a2322d32 General: Update support forum links. 
There are a lot of places in Core that link to https://wordpress.org/support/ for the support forums, but that's now the URL for HelpHub. The new forums link is https://wordpress.org/support/forums/.

This is a follow-up to [45140], which changed the links in help tabs.

Props dilipbheda.
Fixes #47239. See #46790.
Built from https://develop.svn.wordpress.org/trunk@45412


git-svn-id: http://core.svn.wordpress.org/trunk@45223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-05-25 14:24:50 +00:00
John Blackbourn 61ed726067 Mail: Use the standardised spelling of `email` in the password reset error message. 
Fixes #39110

Built from https://develop.svn.wordpress.org/trunk@45405


git-svn-id: http://core.svn.wordpress.org/trunk@45216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-05-24 22:53:54 +00:00
John Blackbourn b3e297925c Mail: Improve the user experience when the password reset email cannot be sent. 
This introduces a link to the support page for resetting your password, and improves the error by bringing it into the login page instead of a `wp_die()`.

Props neelpatel7295, estelaris, desrosj

Built from https://develop.svn.wordpress.org/trunk@45404


git-svn-id: http://core.svn.wordpress.org/trunk@45215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-05-24 22:14:52 +00:00
desrosj d0f46bf73c I18N: Combine similar strings with minor differences. 
Props dimadin.
Fixes #47158.
Built from https://develop.svn.wordpress.org/trunk@45298


git-svn-id: http://core.svn.wordpress.org/trunk@45107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-05-09 19:48:53 +00:00
John Blackbourn d4d1267847 I18N: Improvements to and additions of translator comments for various email subject strings. 
Props ramiy

Fixes #46920

Built from https://develop.svn.wordpress.org/trunk@45204


git-svn-id: http://core.svn.wordpress.org/trunk@45013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-04-15 22:39:50 +00:00
desrosj 105277f93e Administration: Move “Recovery Mode” to the beginning of the document title. 
This improves accessibility, ensuring users utilizing screen readers are informed that the site is in recovery mode.

Props: afercia, TimothyBlynJacobs.
See #46608.
Built from https://develop.svn.wordpress.org/trunk@45175


git-svn-id: http://core.svn.wordpress.org/trunk@44984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-04-12 19:05:51 +00:00
Felix Arntz 5754da106b Administration: Improve user experience and clarify when in recovery mode. 
This changeset introduces several changes around usability when recovery mode is active:

* Display a notice in the admin clarifying that the user is in recovery mode.
* Use a highlight color for the admin bar link to exit recovery mode.
* Exit recovery mode automatically when logging out.
* Include a recovery mode indicator in the title tag.

Props aandrewdixon, azaozz, dhanukanuwan, flixos90, henrywright, karmatosed, mapk, melchoyce, spacedmonkey, TimothyBlynJacobs, tinkerbelly.
See #46608.

Built from https://develop.svn.wordpress.org/trunk@45117


git-svn-id: http://core.svn.wordpress.org/trunk@44926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-04-05 17:00:52 +00:00
Felix Arntz 3a77265148 Bootstrap/Load: Introduce a recovery mode for fixing fatal errors. 
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.

When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.

A link in the admin bar allows the client to exit recovery mode.

Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130, #44458.

Built from https://develop.svn.wordpress.org/trunk@44973


git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-21 21:53:51 +00:00
desrosj 574f7a221f Coding Standards: Fix PHPCS issue introduced in [44931]. 
See #44901.
Built from https://develop.svn.wordpress.org/trunk@44932


git-svn-id: http://core.svn.wordpress.org/trunk@44763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-19 02:48:49 +00:00
desrosj 86eb60b307 Privacy: Remove unnecessary `WP_Error` when handling `confirmaction` requests. 
By reordering the logic when handling the `confirmaction` action in `wp-login.php`, the need for a new `WP_Error` object to be created can be eliminated. The error message can be passed directly into a `wp_die()` call, matching the other validation errors in related code.

Props garrett-eclipse, birgire.
Fixes #44901.
Built from https://develop.svn.wordpress.org/trunk@44931


git-svn-id: http://core.svn.wordpress.org/trunk@44762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-19 02:38:48 +00:00
Andrea Fercia 31e34400a5 Accessibility: Login: Display error messages when both the username and password fields are empty. 
For accessibility and usability, if an input error is detected, the item that is in error needs to be identified and the error needs to be described to the user in text (WCAG Success Criterion 3.3.1). The login form displays an error when the username field is empty or when the password field is empty. It omits to do so when both fields are empty.

This change restores the login form behavior to the one that used to work in WordPress 2.3 (!) and displays the related error messages also when both fields are empty.

Props birgire, audrasjb.
See #8938, #5405, #3708.
Fixes #42985.

Built from https://develop.svn.wordpress.org/trunk@44918


git-svn-id: http://core.svn.wordpress.org/trunk@44749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-16 15:22:53 +00:00
Sergey Biryukov 904365731a Acessibility: Remove `title` attribute in `login_header()`. 
* Deprecate `login_headertitle` filter, introduce `login_headertext` as a replacement.
* For backwards compatibility, if a `login_headertitle` is set, it will be used as link text.
* Make the login header logo URL and text consistent between single site and Multisite.
* Avoid ambiguity of where the WordPress logo points to; link to WordPress.org by default.
* `login_headerurl` filter is still available to change the URL of the header logo.

Props afercia, pratikkry, chetan200891.
Fixes #42537.
Built from https://develop.svn.wordpress.org/trunk@44899


git-svn-id: http://core.svn.wordpress.org/trunk@44730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-14 21:10:50 +00:00
Andrea Fercia ca53eac85e Accessibility: Improve the password form buttons accessibility. 
- makes the "Cancel" button always visible: this allows to generate a new password also on small screens
- moves focus back to the Generate Password button when closing the form
- changes the password reset show/hide button from a clickable `<span>` element to a real `<button>` element
- improves the CSS

Props janak007, afercia.
Fixes #42853.

Built from https://develop.svn.wordpress.org/trunk@44895


git-svn-id: http://core.svn.wordpress.org/trunk@44726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-03-13 23:37:57 +00:00
Sergey Biryukov c78d28d9f1 Login and Registration: Update URLs for browser cookie documentation. 
Props joostdevalk.
Fixes #46254.
Built from https://develop.svn.wordpress.org/trunk@44776


git-svn-id: http://core.svn.wordpress.org/trunk@44608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-02-28 11:44:52 +00:00
Gary Pendergast 7a617078fa Coding Standards: Upgrade WPCS to 1.2.1. 
This upgrade fixes quite a few false positives, as well as auto-fixing some indenting issues.

Fixes #45956.


Built from https://develop.svn.wordpress.org/trunk@44574


git-svn-id: http://core.svn.wordpress.org/trunk@44405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-01-12 06:41:52 +00:00
Andrea Fercia 0b5beabd36 Accessibility: Remove negative tabindex from the login, install, and setup pages header. 
Props bamadesigner, rishishah, jainnidhi.
Fixes #42632.

Built from https://develop.svn.wordpress.org/trunk@44545


git-svn-id: http://core.svn.wordpress.org/trunk@44376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-01-10 17:21:52 +00:00
Gary Pendergast 19f9dd29e9 Login: Improve the error message when retrieving a lost password. 
When an invalid username or email address is entered, the form now displays a better error message.

Props mrtortai, iamfriendly, TomHarrigan, afercia, pento.
Fixes #31788.


Built from https://develop.svn.wordpress.org/trunk@44489


git-svn-id: http://core.svn.wordpress.org/trunk@44320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-01-09 02:06:50 +00:00
desrosj f8f58da317 Docs: Update `since` annotation for new `lost_password` action parameter. 
Introduced in [43542].

Fixes #44512.
Built from https://develop.svn.wordpress.org/trunk@44396


git-svn-id: http://core.svn.wordpress.org/trunk@44226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2019-01-04 21:52:50 +00:00
Jeremy Felt f93e24ca8e REST API: Render response in user locale with `?_locale=user`. 
Introduces new `determine_locale()` function for deciding the proper locale to use for a response. Default value is `get_user_locale()` in the admin, and `get_locale()` on the frontend. Because REST API requests are considered frontend requests, `?_locale=user` can be used to render the response in the user's locale.

Also updates `wp-login.php?wp_lang` implementation to benefit from this abstraction.

Merges [43776] from the 5.0 branch to trunk.

Props flixos90, mnelson4, swissspidy, TimothyBlynJacobs.
Fixes #44758.

Built from https://develop.svn.wordpress.org/trunk@44134


git-svn-id: http://core.svn.wordpress.org/trunk@43964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-14 01:32:39 +00:00
Peter Wilson 481e5f4b36 Multisite: Improve messaging for previously activated users. 
Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time.

Built from https://develop.svn.wordpress.org/trunk@44021


git-svn-id: http://core.svn.wordpress.org/trunk@43851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-12-13 00:23:24 +00:00
John Blackbourn aa77e7c27f Docs: Improve docblocks within `wp-login.php`. 
Props birgire

See #42505

Built from https://develop.svn.wordpress.org/trunk@43644


git-svn-id: http://core.svn.wordpress.org/trunk@43473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-09-14 13:48:24 +00:00
jrf c952f8f98f I18n: Improve translators comments [1]. 
* Add missing translators comments.
* Fix placement of some translators comments.
  Translators comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools.
  The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translators comments.

Patch `44360-src.2.diff` of the series.

Props garyj, alvarogois, michielatyoast
See #44360
Built from https://develop.svn.wordpress.org/trunk@43595


git-svn-id: http://core.svn.wordpress.org/trunk@43424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-08-30 12:14:24 +00:00
Gary Pendergast 56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0 
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-08-17 01:51:36 +00:00
Gary Pendergast 8244397ffb Coding Standards: Prepare for upgrading WPCS to 1.0.0. 
In order to get the best result when running `phpcbf` across the codebase, there are some manual tweaks we need to make.

These fall into three categories:
- Fixing incorrectly indented code which has flow-on effects when auto-fixing.
- Tweaking the layout of inline PHP inside HTML tags.
- Moving more complex inline PHP inside HTML tags, to execute earlier.

See #44600.


Built from https://develop.svn.wordpress.org/trunk@43569


git-svn-id: http://core.svn.wordpress.org/trunk@43398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-08-15 06:22:26 +00:00
John Blackbourn 58509ba12f Login and Registration: Pass the `$errors` parameter to the `lost_password` action. 
Props sebakurzyn

Fixes #44512

Built from https://develop.svn.wordpress.org/trunk@43542


git-svn-id: http://core.svn.wordpress.org/trunk@43371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-07-28 13:02:25 +00:00
Sergey Biryukov cf4f8d8737 Login and Registration: Set a better default value for `$wp_error` parameter in `login_header()`. 
To prevent someone from passing a string (which would not be added to a new `WP_Error` instance), check for `is_wp_error()` explicitly.

Props desrosj, chetan200891, spyderbytes, lbenicio, sebastien@thivinfo.com, abdullahramzan.
Fixes #44052.
Built from https://develop.svn.wordpress.org/trunk@43457


git-svn-id: http://core.svn.wordpress.org/trunk@43284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-07-16 14:10:26 +00:00
Sergey Biryukov ae2b929294 Privacy: Update request confirmation notice text for clarity. 
Props desrosj, melchoyce, garrett-eclipse.
Fixes #43970.
Built from https://develop.svn.wordpress.org/trunk@43232


git-svn-id: http://core.svn.wordpress.org/trunk@43061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-05-10 20:53:21 +00:00
iandunn b1cf176f6e Privacy: Add policy link to login screen. 
Personal data collection is more likely for registered users than casual visitors, and the privacy policy might have been updated since a user last logged in. Those changes could impact the collection of personal data from registered users, so it makes sense to provide a link to the policy before users log in.

Props voneff, xkon, melchoyce, chetan200891, desrosj.
Fixes #43721.

Built from https://develop.svn.wordpress.org/trunk@43120


git-svn-id: http://core.svn.wordpress.org/trunk@42949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-05-02 19:48:21 +00:00
Andrew Ozz 3a43a64c20 Privacy: fix inconsistencies in new strings. 
Props audrasjb.
Fixes #43925.
Built from https://develop.svn.wordpress.org/trunk@43118


git-svn-id: http://core.svn.wordpress.org/trunk@42947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-05-02 18:42:21 +00:00
Andrew Ozz f1703c0e70 Privacy: update the method to confirm user requests by email. Use a single CPT to store the requests and to allow logging/audit trail. 
Props mikejolley.
See #43443.

Built from https://develop.svn.wordpress.org/trunk@43008


git-svn-id: http://core.svn.wordpress.org/trunk@42837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-04-27 10:12:22 +00:00
Andrew Ozz d3f054b5a9 Privacy: fixes and updates for the method to confirm user requests by email. 
- Improve function and variable names.
- Allow extra data to be passed with the request.
- Make the option/user meta names more consistent.
- Adds an inline comment explaining use of hash.

Props mikejolley.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@42964


git-svn-id: http://core.svn.wordpress.org/trunk@42793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-04-06 19:10:30 +00:00
Dominik Schilling 14bc2c0a6f Login: Use `wp_safe_redirect()` when redirecting the login page if forced to use HTTPS. 
Built from https://develop.svn.wordpress.org/trunk@42892


git-svn-id: http://core.svn.wordpress.org/trunk@42722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-04-03 14:32:31 +00:00
Dominik Schilling 5c291d49de Pinking shears. 
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42843


git-svn-id: http://core.svn.wordpress.org/trunk@42673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-03-18 14:23:33 +00:00
Sergey Biryukov 4848a09b35 I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders. 
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.

Fixes #43523.
Built from https://develop.svn.wordpress.org/trunk@42827


git-svn-id: http://core.svn.wordpress.org/trunk@42657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-03-11 16:44:34 +00:00
Andrew Ozz 791b11bc3f Add a method to confirm user requests by email. First run. 
Props mikejolley.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@42791


git-svn-id: http://core.svn.wordpress.org/trunk@42621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-03-06 23:47:30 +00:00
Sergey Biryukov 0e802a627d General: Introduce `WP_Error::has_errors()` method and use it where appropriate. 
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742.
Built from https://develop.svn.wordpress.org/trunk@42761


git-svn-id: http://core.svn.wordpress.org/trunk@42591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-02-27 02:31:31 +00:00
John Blackbourn 3ee38c0a05 Login and Registration: Instruct the browser to disable autocapitalisation for the user login field on the login screen. 
Props drywallbmb
Fixes #42886

Built from https://develop.svn.wordpress.org/trunk@42406


git-svn-id: http://core.svn.wordpress.org/trunk@42235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-12-16 13:41:48 +00:00
Gary Pendergast aaf99e6913 Code is Poetry. 
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-30 23:11:00 +00:00
Gary Pendergast 95cfb7f5e4 Login: Swap `bloginfo()` usage for `get_bloginfo()`. 
[41843] introduced a use of `bloginfo()`, where it should be using `get_bloginfo()`.

Props dlh.
Fixes #34625.


Built from https://develop.svn.wordpress.org/trunk@41850


git-svn-id: http://core.svn.wordpress.org/trunk@41684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-13 02:10:48 +00:00
Gary Pendergast a9d38090ac Login: On the single site login screen, match the logo link text with the title. 
Previously, the (W) logo on the single site login screen linked to wordpress.org, with an appropriate `title` attribute, but the link text was the blog name.

To fix this discrepency, the link text is now the same as the `title` attribute.

Props pento, obrienlabs, afercia, flixos90, lukecavanagh, and the infinite stack of bikesheds that WordPress is balanced upon.
Fixes #34625.


Built from https://develop.svn.wordpress.org/trunk@41843


git-svn-id: http://core.svn.wordpress.org/trunk@41677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-12 04:57:46 +00:00
Sergey Biryukov 806c464e4b Login and Registration: Prevent PHP warnings when POSTing to `wp-login.php` with an array as a `user_login` or `user_email` field. 
Props menakas, johnjamesjacoby.
Fixes #40888.
Built from https://develop.svn.wordpress.org/trunk@41782


git-svn-id: http://core.svn.wordpress.org/trunk@41616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-06 17:37:47 +00:00
John Blackbourn f9a5f5485d I18N: Allow the login screen language to be specified via a `wp_lang` query variable, and use this for the interim login modal. 
This allows users who are using the admin area in a language other than the site language to read the notice on the login screen
(which explains that they need to log in again) in their chosen language.

Props Nikschavan, swissspidy

Fixes #40205

Built from https://develop.svn.wordpress.org/trunk@41692


git-svn-id: http://core.svn.wordpress.org/trunk@41526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-02 23:21:47 +00:00
Sergey Biryukov 50e03e19af Login and Registration: Introduce `login_title` filter for the `<title>` tag content on login page. 
The new filter mirrors the `admin_title` filter used on admin pages.

Props nishitlangaliya, henry.wright, SergeyBiryukov.
Fixes #40812.
Built from https://develop.svn.wordpress.org/trunk@41691


git-svn-id: http://core.svn.wordpress.org/trunk@41525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-02 23:00:46 +00:00
Sergey Biryukov 63402326c1 Login and Registration: Make the order of `<title>` tag parts on login page consistent with the rest of admin pages. 
Props nishitlangaliya, henry.wright.
Fixes #40814.
Built from https://develop.svn.wordpress.org/trunk@41690


git-svn-id: http://core.svn.wordpress.org/trunk@41524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-02 22:30:46 +00:00
Sergey Biryukov 649eb34d2a Login and Registration: Replace home URL in password reset email with the site name to avoid confusing the user with multiple links. 
Props Presskopp, code-monkey.
Fixes #38328.
Built from https://develop.svn.wordpress.org/trunk@41578


git-svn-id: http://core.svn.wordpress.org/trunk@41411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-23 11:44:46 +00:00
Adam Silverstein 220d5aec74 Login: Password reset - add hide icon & confirm weak password checkbox. 
Extends the password features added in 4.3 to the password reset flow.

Props johnbillion, manolis09, umesh.nevase, Nikschavan.


Built from https://develop.svn.wordpress.org/trunk@41556


git-svn-id: http://core.svn.wordpress.org/trunk@41389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-21 21:29:48 +00:00
John Blackbourn 2cde37040d Login and Registration: Introduce a `login_link_separator` filter to allow the separator between links in the footer of the 
login screen to be filtered.

Props henry.wright

Fixes #40802

Built from https://develop.svn.wordpress.org/trunk@41291


git-svn-id: http://core.svn.wordpress.org/trunk@41131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-08-22 14:23:47 +00:00
Sergey Biryukov 62947553c5 Login and Registration: Prevent the `enable_login_autofocus` filter DocBlock from spilling into JS code. 
Props chris@vendiadvertising.com.
Fixes #41176.
Built from https://develop.svn.wordpress.org/trunk@40954


git-svn-id: http://core.svn.wordpress.org/trunk@40804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-06-26 20:37:42 +00:00
Andrea Fercia 430422b0b7 Login and Registration: Add a filter to disable the initial auto-focus on the login screen. 
Fixes #40301.

Built from https://develop.svn.wordpress.org/trunk@40652


git-svn-id: http://core.svn.wordpress.org/trunk@40515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-12 17:12:46 +00:00
Pascal Birchler 72c19648bc Load: Only load `PasswordHash` class when needed. 
This reverts [38371] which loaded `class-phpass.php` early in `wp-settings.php` and in turn caused backward compatibility problems.

Props DavidAnderson, ketuchetan.
Fixes #39445.

Built from https://develop.svn.wordpress.org/trunk@40387


git-svn-id: http://core.svn.wordpress.org/trunk@40294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-06 18:01:42 +00:00
Sergey Biryukov 6de5a9f8e3 Docs: Add a note to `retrieve_password_message` filter that password reset email will not be sent if the filtered message is empty. 
Props sudar.
Fixes #39788.
Built from https://develop.svn.wordpress.org/trunk@40048


git-svn-id: http://core.svn.wordpress.org/trunk@39985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-02-06 04:16:42 +00:00
Boone Gorges 3a0e61e680 Allow apostrophes in email address during wp-login.php registration. 
See #18039 for a related fix when creating users via the Dashboard.

Props tomdxw.
Fixes #34483.
Built from https://develop.svn.wordpress.org/trunk@39544


git-svn-id: http://core.svn.wordpress.org/trunk@39484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-12-08 03:58:45 +00:00
John Blackbourn c2d709e9d6 I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment. 
See #38882

Built from https://develop.svn.wordpress.org/trunk@39326


git-svn-id: http://core.svn.wordpress.org/trunk@39266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-11-21 02:46:30 +00:00
John Blackbourn 4cf5550d8d I18n: Begin introducing translator comments for strings which include placeholders but no accompanying translator comment. 
Adds context to one string used in two different contexts for the new user and new site signup email notification.

More to come.

See #38882

Built from https://develop.svn.wordpress.org/trunk@39323


git-svn-id: http://core.svn.wordpress.org/trunk@39263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-11-21 01:22:32 +00:00
Jeremy Felt 1560fbcbc5 Multisite: Use `get_network()` and `get_current_network_id()` for current network data. 
`get_network()` falls back to the current network when called without any arguments. Between this and `get_current_network_id()`, we can replace almost all instances of the global `$current_site` and all instances of `get_current_site()`.

This effectively deprecates `get_current_site()`, something that we'll do in a future ticket.

Props flixos90.
Fixes #37414.

Built from https://develop.svn.wordpress.org/trunk@38814


git-svn-id: http://core.svn.wordpress.org/trunk@38757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-19 04:47:30 +00:00
Helen Hou-Sandí e4bfe48ebc Login: Don't rely on `wp_is_mobile()` for functionality. 
Making behavior changes based on some broad definition of what mobile is rarely, if ever, makes sense. Each bit of functionality should be more clearly targeted, whether that's for screen size, performance, or some kind of touch capability.

props akibjorklund.
see #33704.

Built from https://develop.svn.wordpress.org/trunk@38739


git-svn-id: http://core.svn.wordpress.org/trunk@38682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-06 15:52:30 +00:00
Sergey Biryukov b4aaf3925d Login and Registration: Change login label to `Username or Email Address` for clarity. 
Props GaryJ.
Fixes #37871.
Built from https://develop.svn.wordpress.org/trunk@38477


git-svn-id: http://core.svn.wordpress.org/trunk@38418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 18:51:28 +00:00
Scott Taylor cabb4a03c8 Multisite: use `get_current_site()` instead of `$GLOBALS['current_site']` (stop yelling!) in a few remaining spots. 
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38458


git-svn-id: http://core.svn.wordpress.org/trunk@38399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 05:04:29 +00:00
John Blackbourn dbdc1c28b1 I18N: Correct various instances of incorrect usage of `esc_attr_e()`. 
Fixes #37457
Props henry.wright, afercia

Built from https://develop.svn.wordpress.org/trunk@38424


git-svn-id: http://core.svn.wordpress.org/trunk@38365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-28 18:06:30 +00:00
Scott Taylor 481123661c Load: load `class-phpass.php` (`PasswordHash` class) early in `wp-settings.php`, instead of `require_once()`'ing it in several places. 
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38371


git-svn-id: http://core.svn.wordpress.org/trunk@38312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-26 17:40:35 +00:00
Drew Jaynes 22adda2aa0 Hooks: Standardize naming of dynamic hooks to use interpolation vs concatenation. 
Benefits gained in discoverability and self-documentation throughout core trump the negligible performance hit in using interpolation in hook names.

Props ramiy.
See #37748.

Built from https://develop.svn.wordpress.org/trunk@38307


git-svn-id: http://core.svn.wordpress.org/trunk@38248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-22 18:25:31 +00:00
Scott Taylor cd6d2bae92 Login: `retrieve_password()` does not need to import 2 globals that it does not use. 
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38304


git-svn-id: http://core.svn.wordpress.org/trunk@38245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-22 04:48:28 +00:00
Sergey Biryukov 0cdf2d371b I18N: Add context and translator comments to `Back to %s` strings. 
Fixes #37095.
Built from https://develop.svn.wordpress.org/trunk@37703


git-svn-id: http://core.svn.wordpress.org/trunk@37669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-14 21:51:28 +00:00
Sergey Biryukov 7ddbbfec08 Users: `wp_signon()` expects an array as the `$credentials` argument, not a string. 
If an empty string was passed, redeclare it as an empty array to avoid a warning and a fatal error in PHP 7.1.0 Alpha 1.

Props simonvik.
Fixes #37071.
Built from https://develop.svn.wordpress.org/trunk@37697


git-svn-id: http://core.svn.wordpress.org/trunk@37663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-14 15:34:29 +00:00
Drew Jaynes f82641ad0e Docs: Standardize filter docs in root folder files to use third-person singular verbs per the inline documentation standards for PHP. 
Fixes #36913.

Built from https://develop.svn.wordpress.org/trunk@37535


git-svn-id: http://core.svn.wordpress.org/trunk@37503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-23 16:44:27 +00:00
Boone Gorges 720e2af290 During password reset, user-submitted login/email should be stripslashed. 
This prevents errors when an email address contains an apostrophe. See [29966]
for similar treatment of a related problem.

Props dcavins.
Fixes #36322.
Built from https://develop.svn.wordpress.org/trunk@37474


git-svn-id: http://core.svn.wordpress.org/trunk@37442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-20 19:21:30 +00:00
Sergey Biryukov c8fe7cc538 Login/Registration: Add `login_header` action that fires in the login page header after the body tag is opened and complements `login_footer`. 
Props borkweb, iamfriendly, voldemortensen.
Fixes #22139.
Built from https://develop.svn.wordpress.org/trunk@37243


git-svn-id: http://core.svn.wordpress.org/trunk@37209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-04-18 23:54:29 +00:00
Jeremy Felt 27e29666a8 Multisite: Handle redirect to a user's subdomain properly during login 
`wp-login.php` uses `wp_safe_redirect()` for all redirects, even those that do not involve unsafe data from the request or referer.

When a user of a subdomain site attempts to login to a network site they do not have access to, the host in the redirect URL is treated as unsafe by `wp_safe_redirect()` as it has no immediate awareness as to which hosts are valid on the network. On a subdirectoy network, everything works as expected because the host is the same.

In this specific block of `wp-login.php`, all URLs are generated by WordPress and we can use `wp_redirect()` to handle the redirects. Users authenticating via other network sites will now be redirected properly. Hosts passed via the `redirect_to` query var will continue to be handled by `wp_safe_redirect()`.

Fixes #30598.

Built from https://develop.svn.wordpress.org/trunk@36867


git-svn-id: http://core.svn.wordpress.org/trunk@36834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-06 03:06:29 +00:00
Dominik Schilling 7ebe2c1e7a Authentication: Allow users to log in using their email address. 
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.

Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568.
Built from https://develop.svn.wordpress.org/trunk@36617


git-svn-id: http://core.svn.wordpress.org/trunk@36584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-02-22 23:15:27 +00:00
Sergey Biryukov 6e60f8b6f8 Login: In `login_header()`, use correct separator for RTL locales. 
Props ramiy.
Fixes #35737.

Built from https://develop.svn.wordpress.org/trunk@36487


git-svn-id: http://core.svn.wordpress.org/trunk@36454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-02-06 22:56:27 +00:00
Dion Hulse 987ce83cfc CSS: Stop using `wp-admin.min.css` and instead queue the individual stylesheets up through `load-styles.php`. 
We still generate the `wp-admin.*` files for compabitility purposes, however they only include the `@import()` lines.

Fixes #35229

Built from https://develop.svn.wordpress.org/trunk@36341


git-svn-id: http://core.svn.wordpress.org/trunk@36308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-01-18 09:57:29 +00:00
John Blackbourn d4eb85569b Login: Revert [34213] and [35897]. It has become apparent that there is a need for a separate function (and corresponding filter) which allows for the login form action URL to differ from the URL used to access the login form, so that plugins or implementations which change the login URL do not need to worry about handling the form submission at the same URL. 
For now, we'll revert to the pre-4.4 behaviour of hard-coding the login form action URL as `wp-login.php` and look at implementing a separate function and corresponding filter in 4.5.

Props KrissieV, salcode, JPry
Fixes #34925
See #35103

Built from https://develop.svn.wordpress.org/trunk@36042


git-svn-id: http://core.svn.wordpress.org/trunk@36007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-21 03:23:29 +00:00
Pascal Birchler 2981d66990 Login: After [34213], use the `login_post` scheme again for login forms. 
See #34925.
Built from https://develop.svn.wordpress.org/trunk@35897


git-svn-id: http://core.svn.wordpress.org/trunk@35861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-13 14:03:26 +00:00
Drew Jaynes b3d28ad0b9 Administration: Improve the message displayed in the login form modal when a user's session has expired. 
Props obrienlabs.
Fixes #34340.

Built from https://develop.svn.wordpress.org/trunk@35865


git-svn-id: http://core.svn.wordpress.org/trunk@35829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-11 16:01:28 +00:00
Andrea Fercia 2ae5db3856 Accessibility: remove no-purpose title attributes from the login screen. 
Also, it's hard to convey the ironic tone of the sentences used for these title attributes in languages other than English.

Fixes #34943.
Built from https://develop.svn.wordpress.org/trunk@35846


git-svn-id: http://core.svn.wordpress.org/trunk@35810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-09 22:20:29 +00:00
Sergey Biryukov 788ea5ba5a Reset Password: Improve wording for a string used in password reset email. 
Props obrienlabs.
Fixes #34605.
Built from https://develop.svn.wordpress.org/trunk@35559


git-svn-id: http://core.svn.wordpress.org/trunk@35523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-11-06 22:36:25 +00:00
Drew Jaynes ad6a1303dc Login: Pass the username and `WP_User` object to the `retrieve_password_title` filter. 
Adding these parameters creates parity with the `retrieve_password_message` filter, used for modifying the message body of the same password reset email.

Props sudar.
Fixes #34252.

Built from https://develop.svn.wordpress.org/trunk@35093


git-svn-id: http://core.svn.wordpress.org/trunk@35058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-13 00:51:24 +00:00
John Blackbourn d2416ca93a Correctly set the `secure` flag on the post password cookie based on the scheme of the referring URL, if it's available, instead of the home URL. 
Fixes #29641

Built from https://develop.svn.wordpress.org/trunk@34932


git-svn-id: http://core.svn.wordpress.org/trunk@34897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-08 03:09:24 +00:00
John Blackbourn 95045d629b Correctly set the `secure` flag for the test cookie based on the login URL scheme, and the same for the user settings cookies based on the admin URL scheme. 
Fixes #34159

Built from https://develop.svn.wordpress.org/trunk@34931


git-svn-id: http://core.svn.wordpress.org/trunk@34896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-08 03:05:25 +00:00
Sergey Biryukov 399c1f3c83 Reset Password: Move the code for creating password reset key into a new function, `get_password_reset_key()`, and use it in `retrieve_password()`. 
Previously: [25231].

Props DH-Shredder.
Fixes #34180.
Built from https://develop.svn.wordpress.org/trunk@34923


git-svn-id: http://core.svn.wordpress.org/trunk@34888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-08 00:11:24 +00:00
John Blackbourn 471752f59a Prevent a PHP notice when POSTing to `wp-login.php?action=register` without a `user_login` or `user_email` field in the POST request. 
Fixes #34192

Built from https://develop.svn.wordpress.org/trunk@34910


git-svn-id: http://core.svn.wordpress.org/trunk@34875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-07 14:43:25 +00:00
John Blackbourn 2d745fabe3 Prevent a PHP notice from appearing on `wp-login.php?action=postpass` when there's no `$_POST['post_password']` parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here). 
Fixes #34160
Props iamfriendly

Built from https://develop.svn.wordpress.org/trunk@34909


git-svn-id: http://core.svn.wordpress.org/trunk@34874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-07 14:30:25 +00:00
Drew Jaynes fa4fed0f80 Login: Pass the `$errors` object as a parameter to the `lostpassword_post` hook. 
Props iamfriendly.
Fixes #32116.

Built from https://develop.svn.wordpress.org/trunk@34885


git-svn-id: http://core.svn.wordpress.org/trunk@34850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-06 23:00:25 +00:00
Scott Taylor 39552b63ca Passwords: fix the markup on the Reset Password Form for `user-pass1` so the JavaScript operates properly. 
Props ldinclaux.
See #33892.
Fixes #33908.

Built from https://develop.svn.wordpress.org/trunk@34371


git-svn-id: http://core.svn.wordpress.org/trunk@34335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-22 03:57:24 +00:00
Sergey Biryukov 19bcadf2a6 Reset Password: Move `<div>` out of `<p>` in `wp-login.php`. 
Props ldinclaux.
Fixes #33892.
Built from https://develop.svn.wordpress.org/trunk@34232


git-svn-id: http://core.svn.wordpress.org/trunk@34196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-16 11:46:25 +00:00
John Blackbourn a9e5cfddc7 Implement `wp_login_url()` and `wp_registration_url()` in places where `wp-login.php` is currently hard-coded. 
See #31495
Props GregLone

Built from https://develop.svn.wordpress.org/trunk@34213


git-svn-id: http://core.svn.wordpress.org/trunk@34177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-15 17:11:35 +00:00
John Blackbourn 3361f90a1c When a user with no role logs in, redirect them to the home page rather than their profile screen which they do not have access to. 
See #25162

Built from https://develop.svn.wordpress.org/trunk@33924


git-svn-id: http://core.svn.wordpress.org/trunk@33893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-09-05 21:34:24 +00:00
Helen Hou-Sandí 1f500055a6 Drop the hyphen from e-mail and standardize on email. 
The AP Stylebook changed this in 2011, and we're woefully inconsistent, so let's go with the standard.

props morganestes, voldemortensen, niallkennedy (for patching on the previous AP style).
fixes #26156.

Built from https://develop.svn.wordpress.org/trunk@33774


git-svn-id: http://core.svn.wordpress.org/trunk@33742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-08-28 03:17:21 +00:00
Mark Jaquith 69107095b7 Autogenerate passwords that more reliably fit within their inputs. 
fixes #33166
Built from https://develop.svn.wordpress.org/trunk@33474


git-svn-id: http://core.svn.wordpress.org/trunk@33441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-29 03:56:24 +00:00
Scott Taylor d92795db13 Passwords UI: clean up the new JS in `wp-admin/js/user-profile.js`. 
Instead of wrapping `#pass1` in a `<span>` dynamically, add the `<span>` to the HTML in PHP. It currently has no styling.

Fixes #33145.

Built from https://develop.svn.wordpress.org/trunk@33450


git-svn-id: http://core.svn.wordpress.org/trunk@33417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-27 21:25:25 +00:00
Konstantin Obenland 45bfab3aa8 Passwords: Add password strength meter feedback for screen readers. 
Also gives context to the show/hide button.

Props rianrietveld, afercia.
Fixes #33032.


Built from https://develop.svn.wordpress.org/trunk@33353


git-svn-id: http://core.svn.wordpress.org/trunk@33325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-22 00:15:25 +00:00
Konstantin Obenland 1f18ef86a3 Login: Reflect new password flow in registration form. 
Props Ipstenu.
Fixes #32428.


Built from https://develop.svn.wordpress.org/trunk@33265


git-svn-id: http://core.svn.wordpress.org/trunk@33237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-14 16:08:25 +00:00
Konstantin Obenland f020fab7ef Password: Improve display of password meter on login screen. 
Fixes #32925.

Built from https://develop.svn.wordpress.org/trunk@33251


git-svn-id: http://core.svn.wordpress.org/trunk@33223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-14 03:32:24 +00:00
Mark Jaquith 04793dce34 Fix small typo from [33019]. 
see #32429
Built from https://develop.svn.wordpress.org/trunk@33034


git-svn-id: http://core.svn.wordpress.org/trunk@33005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-01 18:16:24 +00:00
Mark Jaquith 423a1a7ca4 New password change/set UI. 
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords

see #32589

props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023


git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-01 14:48:24 +00:00
Dion Hulse c261ad2c57 Expire password reset links after 24 hours (by default). This causes existing password reset links to become invalid. 
Props markjaquith, voldemortensen, johnbillion, MikeHansenMe, dd32
See #32429

Built from https://develop.svn.wordpress.org/trunk@33019


git-svn-id: http://core.svn.wordpress.org/trunk@32990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-07-01 06:33:26 +00:00
Scott Taylor 42d51a4f89 Add doc blocks to functions that are missing them. 
If the function has no need for `@param` or `@return`, do an archeaological dig to find `@since`.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32672


git-svn-id: http://core.svn.wordpress.org/trunk@32642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-05-31 03:18:25 +00:00
Dominik Schilling 64fc7294b6 Use HTTPS URLs for codex.wordpress.org. 
see #27115.
Built from https://develop.svn.wordpress.org/trunk@32116


git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-04-12 21:29:32 +00:00
John Blackbourn 7c5fc2debb Implement an `aria-describedby` attribute for login screen errors, and improve the "Forgot password?" anchor text. 
Props aferica, rianrietveld
Fixes #31143

Built from https://develop.svn.wordpress.org/trunk@31871


git-svn-id: http://core.svn.wordpress.org/trunk@31850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-03-24 16:29:26 +00:00
John Blackbourn 35f4e719b2 Introduce a `logout_redirect` filter so the redirect destination can be changed when a user logs out. Parameters: 
* string  $redirect_to           The redirect destination URL.
 * string  $requested_redirect_to The requested redirect destination URL passed as a parameter.
 * WP_User $user                  The WP_User object for the user that's logging out. 

Fixes #27617
Props SergeyBiryukov, johnbillion

Built from https://develop.svn.wordpress.org/trunk@31417


git-svn-id: http://core.svn.wordpress.org/trunk@31398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-02-11 19:19:26 +00:00
Scott Taylor 60b0cd7943 The keyword `elseif` should be used instead of `else if` so that all control keywords look like single words. 
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-01-08 07:05:25 +00:00
Andrew Nacin 741e0ec6de No need for wp_get_password_hint() to be prefixed as if it is private. 
see #21243.

Built from https://develop.svn.wordpress.org/trunk@30855


git-svn-id: http://core.svn.wordpress.org/trunk@30845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-12-15 08:34:23 +00:00
Drew Jaynes ab3856619e Docs Formatting: Backtick-escape inline code for the `login_form_ . $action` dynamic hook in wp-login.php. 
See #30552.

Built from https://develop.svn.wordpress.org/trunk@30651


git-svn-id: http://core.svn.wordpress.org/trunk@30641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-30 11:45:23 +00:00
Drew Jaynes 4b6abbaff4 Ensure inline code is markdown-escaped as such, HTML tags are removed from summaries, and that code snippets in descriptions are properly indented. 
Affects DocBlocks for the following core elements:
* Backtick-escape code snippets in the description for `get_object_taxonomies()`
* Backtick-escape inline code in a markdown-formatted unordered list in the description for `get_taxonomy_labels()`
* Remove an HTML tag from the summary for the `Walker_Category_Checklist` class
* Remove an HTML tag from the summary for `wp_category_checklist()`, various formatting
* Remove an HTML tag from the summary for `wp_terms_checklist()`
* Backtick-escape an HTML tag in the description for `wp_popular_terms_checklist()`
* Remove HTML tags from the summaries for `page_template_dropdown()`, `parent_dropdown()`, and `wp_dropdown_roles()`
* Backtick-escape HTML tags in a parameter description for `add_settings_error()`
* Various formatting in the description and summary for `settings_errors()`
* Markdown-indent code snippets in the descriptions for `wpdb::prepare()`, `wpdb::insert()`, `wpdb::replace()`, `wpdb::update()`, and `wpdb::delete()`
* Backtick-escape an HTML tag in a parameter description for `login_header()`
* Remove HTML tags from the summaries for the `lostpassword_form` and `signup_header` hooks

Props rarst.
See #30473.

Built from https://develop.svn.wordpress.org/trunk@30546


git-svn-id: http://core.svn.wordpress.org/trunk@30535 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-24 06:31:21 +00:00
Andrew Nacin b271e36f47 Form validation for password resets. 
Built from https://develop.svn.wordpress.org/trunk@30417


git-svn-id: http://core.svn.wordpress.org/trunk@30412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-20 12:22:22 +00:00
John Blackbourn 066ee3b2b7 Add `$user_login` and `$user_data` parameters to the `retrieve_password_message` filter. 
Props ivankristianto, dcavins
Fixes #25853

Built from https://develop.svn.wordpress.org/trunk@30357


git-svn-id: http://core.svn.wordpress.org/trunk@30356 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-11-16 07:25:22 +00:00
Drew Jaynes 66c47f29bb Correct references of `@uses $wpdb` in core documentation to use `@global`. 
See #30191, [30105].
Fixes #30217.

Built from https://develop.svn.wordpress.org/trunk@30122


git-svn-id: http://core.svn.wordpress.org/trunk@30122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-10-31 17:56:22 +00:00
John Blackbourn b1ba80de87 Rename `_wp_password_hint()` to `_wp_get_password_hint()` to bring it inline with core terminology. Fixes #21243. 
Built from https://develop.svn.wordpress.org/trunk@30033


git-svn-id: http://core.svn.wordpress.org/trunk@30033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-10-26 23:30:18 +00:00
Sergey Biryukov 0eb758720a Move password hint text to a function. Add 'password_hint' filter. 
props convissor.
fixes #21243.
Built from https://develop.svn.wordpress.org/trunk@29962


git-svn-id: http://core.svn.wordpress.org/trunk@29709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-10-18 20:21:18 +00:00
Helen Hou-Sandí 36a1e543d6 Refresh the post-update login message. 
Just a little older in the soul, like your faithful release lead.

fixes #29388.

Built from https://develop.svn.wordpress.org/trunk@29644


git-svn-id: http://core.svn.wordpress.org/trunk@29418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-08-27 05:32:18 +00:00
Andrew Nacin d84507c3ad Password resets: Use network_site_url() for form actions. 
props mdawaffe.
fixes #29156.

Built from https://develop.svn.wordpress.org/trunk@29631


git-svn-id: http://core.svn.wordpress.org/trunk@29405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-08-26 20:01:16 +00:00
Sergey Biryukov 444a25b375 Avoid PHP notices in wp-login.php if password reset cookie is not set. 
props mdawaffe.
see #29060.
Built from https://develop.svn.wordpress.org/trunk@29381


git-svn-id: http://core.svn.wordpress.org/trunk@29159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-08-06 02:17:15 +00:00
Andrew Nacin 4bcf60c885 Don't pass around the password reset key. 
props mdawaffe.
fixes #29060.

Built from https://develop.svn.wordpress.org/trunk@29327


git-svn-id: http://core.svn.wordpress.org/trunk@29108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-07-29 18:19:16 +00:00
Dominik Schilling 2e4be94288 Replace `is_https_url()` with `'https' === parse_url( $url, PHP_URL_SCHEME )`. 
see #28427, #28487.
Built from https://develop.svn.wordpress.org/trunk@29311


git-svn-id: http://core.svn.wordpress.org/trunk@29092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-07-27 17:46:17 +00:00
Sergey Biryukov f6206e5850 Don't always focus password field on interim login. 
props johnbillion.
fixes #28961.
Built from https://develop.svn.wordpress.org/trunk@29258


git-svn-id: http://core.svn.wordpress.org/trunk@29041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-07-21 16:21:14 +00:00
Drew Jaynes e731028303 Fix syntax for single- and multi-line comments in root-directory files. 
See #28931.

Built from https://develop.svn.wordpress.org/trunk@29205


git-svn-id: http://core.svn.wordpress.org/trunk@28989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-07-17 09:12:16 +00:00
John Blackbourn be12ea968a Implement email and url input types where appropriate. Props Kau-Boy. Fixes #22183. 
Built from https://develop.svn.wordpress.org/trunk@29030


git-svn-id: http://core.svn.wordpress.org/trunk@28818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-07-08 17:52:14 +00:00
Sergey Biryukov ec3d119861 Avoid overwriting $error global with an interim variable. 
props MikeLittle.
fixes #28691.
Built from https://develop.svn.wordpress.org/trunk@28925


git-svn-id: http://core.svn.wordpress.org/trunk@28724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-30 14:39:17 +00:00
Scott Taylor c8852cc909 Use the `WPINC` constant when loading `class-phpass.php` 
Props wojtek.szkutnik
See #14157.

Built from https://develop.svn.wordpress.org/trunk@28903


git-svn-id: http://core.svn.wordpress.org/trunk@28702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-29 22:12:16 +00:00
John Blackbourn 548c41455a Remove the WordPress logo from the focusable elements on the install/update screens. Fixes #28674. Props stompweb 
Built from https://develop.svn.wordpress.org/trunk@28896


git-svn-id: http://core.svn.wordpress.org/trunk@28695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-29 14:10:15 +00:00
John Blackbourn 60ff3a61f9 Conditionally set the the `secure` flag on the test cookie, post password cookie, settings cookies, and comment author cookies depending on whether the front end and/or admin area are served over `https`. Fixes #28427 
Built from https://develop.svn.wordpress.org/trunk@28895


git-svn-id: http://core.svn.wordpress.org/trunk@28694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-29 13:25:16 +00:00
Scott Taylor 6997001d12 Don't annotate `$wp_error` twice in `login_header()` docs. `$wp_error` is always expected to be of type `WP_Error`. 
Props SergeyBiryukov.
Fixes #28518.

Built from https://develop.svn.wordpress.org/trunk@28792


git-svn-id: http://core.svn.wordpress.org/trunk@28605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-20 19:19:14 +00:00
Andrew Nacin d29dc48134 Forcing SSL logins now forces SSL for the entire admin, with no middle ground. 
fixes #10267.

Built from https://develop.svn.wordpress.org/trunk@28609


git-svn-id: http://core.svn.wordpress.org/trunk@28433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-05-29 03:59:15 +00:00
Scott Taylor aa83aea519 In `wp-login.php`, `break` is unreachable after `exit` 
See #27882.

Built from https://develop.svn.wordpress.org/trunk@28340


git-svn-id: http://core.svn.wordpress.org/trunk@28168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-05-07 03:58:15 +00:00
Drew Jaynes d77e78d685 Clean up duplicate hook notations and adjacency for calls to the `wp_signup_location` filter. 
Also adds braces missed in [25535].

See #26869.

Built from https://develop.svn.wordpress.org/trunk@28215


git-svn-id: http://core.svn.wordpress.org/trunk@28045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-25 07:12:14 +00:00
Drew Jaynes 05537ab967 Ensure the `register` filter hook is only documented once. 
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28208


git-svn-id: http://core.svn.wordpress.org/trunk@28038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-25 06:24:15 +00:00
Andrew Nacin 41d2a7f82b RTL for login screen. 
props yoavf.
fixes #27784.

Built from https://develop.svn.wordpress.org/trunk@28096


git-svn-id: http://core.svn.wordpress.org/trunk@27927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-13 16:06:14 +00:00
Drew Jaynes 21d15059f4 Improve hook docs for the `resetpass_form` hook added in 3.9. 
See #21044, #27700.

Built from https://develop.svn.wordpress.org/trunk@28017


git-svn-id: http://core.svn.wordpress.org/trunk@27847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-07 22:06:14 +00:00
Andrew Nacin 2f9713104b Only show test cookie warnings on submit as caching/proxies may intercept the test cookie for GET requests. 
Introduce a new string for when headers are sent and link them to http://codex.wordpress.org/Cookies (new page).

props SergeyBiryukov.
fixes #27373.

Built from https://develop.svn.wordpress.org/trunk@27859


git-svn-id: http://core.svn.wordpress.org/trunk@27690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-03-30 00:41:15 +00:00
Andrew Nacin c3ca81ba94 Always decode special characters for email subjects. 
props tlovett1, jeremyfelt.
fixes #25346.

Built from https://develop.svn.wordpress.org/trunk@27801


git-svn-id: http://core.svn.wordpress.org/trunk@27636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-03-28 02:44:15 +00:00
Andrew Nacin 0c16c0477b Reference https://wordpress.org rather than http://wordpress.org in strings, links, comments, etc. 
props Ipstenu, markjaquith.
see #27115.

Built from https://develop.svn.wordpress.org/trunk@27369


git-svn-id: http://core.svn.wordpress.org/trunk@27219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-03-03 02:34:27 +00:00
Sergey Biryukov 5d3e652c23 Add Oxford comma to password hint. 
props trepmal.
fixes #26457.
Built from https://develop.svn.wordpress.org/trunk@27246


git-svn-id: http://core.svn.wordpress.org/trunk@27103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-02-24 23:31:15 +00:00
Helen Hou-Sandí 060cc19157 Make login styles standalone. see #12506. 
Built from https://develop.svn.wordpress.org/trunk@27199


git-svn-id: http://core.svn.wordpress.org/trunk@27056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-02-20 03:24:14 +00:00
Andrew Nacin 0e0c2d3cdc New resetpass_form hook in wp-login.php. 
props romaimperator.
fixes #21044.

Built from https://develop.svn.wordpress.org/trunk@27068


git-svn-id: http://core.svn.wordpress.org/trunk@26941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-02-02 07:52:13 +00:00
Matt Thomas 4df7acf1d9 Reset the login form inputs to the standard sans-serif font in IE8 to prevent invisible password field inputs when webfonts are used. Fixes #26348, props SergeyBiryukov, iammattthomas. 
Built from https://develop.svn.wordpress.org/trunk@26583


git-svn-id: http://core.svn.wordpress.org/trunk@26473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-12-03 20:12:11 +00:00
Sergey Biryukov 74f77b85a6 Use get_current_site() instead of the $current_site global when possible. 
props jeremyfelt.
fixes #25158.
Built from https://develop.svn.wordpress.org/trunk@26120


git-svn-id: http://core.svn.wordpress.org/trunk@26032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-11-13 03:23:10 +00:00
Andrew Nacin d0cfa40983 Add jshintrc to qunit. 
props jorbin.
see #25187.

Built from https://develop.svn.wordpress.org/trunk@25992


git-svn-id: http://core.svn.wordpress.org/trunk@25925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-30 14:39:10 +00:00