Sergey Biryukov
177fe21194
Asterisk is an allowed character in a URI and should not be stripped out by wp_sanitize_redirect().
...
fixes #28362 .
Built from https://develop.svn.wordpress.org/trunk@28939
git-svn-id: http://core.svn.wordpress.org/trunk@28737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-01 15:56:15 +00:00
Scott Taylor
c8852cc909
Use the WPINC
constant when loading class-phpass.php
...
Props wojtek.szkutnik
See #14157 .
Built from https://develop.svn.wordpress.org/trunk@28903
git-svn-id: http://core.svn.wordpress.org/trunk@28702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-29 22:12:16 +00:00
Andrew Nacin
dc0aca09f5
Fix documentation for wp_create_nonce() which wrongly suggests these tokens are actually numbers used once.
...
Built from https://develop.svn.wordpress.org/trunk@28793
git-svn-id: http://core.svn.wordpress.org/trunk@28606 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-20 20:47:14 +00:00
Scott Taylor
43bf7f271f
Don't use variable variables in wp_salt()
.
...
See #27881 .
Built from https://develop.svn.wordpress.org/trunk@28741
git-svn-id: http://core.svn.wordpress.org/trunk@28555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-11 18:36:15 +00:00
Drew Jaynes
cb0fc9c64b
Update the $secure_logged_in_cookie
variable in the 'secure_logged_in_cookie' hook docs following [28627].
...
See #15330 .
Built from https://develop.svn.wordpress.org/trunk@28628
git-svn-id: http://core.svn.wordpress.org/trunk@28448 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-30 15:20:16 +00:00
Andrew Nacin
733057e7d6
Use a secure logged_in_cookie when the home URL is forced HTTPS (see #27954 ).
...
see #15330 .
Built from https://develop.svn.wordpress.org/trunk@28627
git-svn-id: http://core.svn.wordpress.org/trunk@28447 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-30 15:08:15 +00:00
Scott Taylor
8e98541d5f
Eliminate the use of extract()
in wp_mail()
. Check the filtered array for each value before re-setting variables.
...
See #22400 .
Built from https://develop.svn.wordpress.org/trunk@28425
git-svn-id: http://core.svn.wordpress.org/trunk@28252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 06:17:15 +00:00
Scott Taylor
f5bd0de275
Eliminate the use of extract()
in wp_validate_auth_cookie()
.
...
Don't do anything fancy here, just set the 4 returned properties to variables. This function is semi-important.
See #22400 .
Built from https://develop.svn.wordpress.org/trunk@28424
git-svn-id: http://core.svn.wordpress.org/trunk@28251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-15 06:11:13 +00:00
Andrew Nacin
7f001bfe24
Harden HMAC verification. props duck_.
...
Built from https://develop.svn.wordpress.org/trunk@28053
git-svn-id: http://core.svn.wordpress.org/trunk@27883 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-08 18:06:16 +00:00
Drew Jaynes
684145ca81
Inline documentation fixes related to the determine_current_user
filter
...
See #26706 , #27700 .
Built from https://develop.svn.wordpress.org/trunk@28007
git-svn-id: http://core.svn.wordpress.org/trunk@27837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-04-07 21:18:15 +00:00
Drew Jaynes
100e737eb0
Inline documentation for hooks in wp-includes/pluggable.php.
...
Props kpdesign for some cleanup.
Fixes #26888 .
Built from https://develop.svn.wordpress.org/trunk@27825
git-svn-id: http://core.svn.wordpress.org/trunk@27659 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-28 21:21:15 +00:00
Andrew Nacin
c3ca81ba94
Always decode special characters for email subjects.
...
props tlovett1, jeremyfelt.
fixes #25346 .
Built from https://develop.svn.wordpress.org/trunk@27801
git-svn-id: http://core.svn.wordpress.org/trunk@27636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-28 02:44:15 +00:00
Andrew Nacin
182de5881d
Avoid notices in wp_notify_postauthor() when a post has no author.
...
props drozdz.
fixes #26659 .
Built from https://develop.svn.wordpress.org/trunk@27568
git-svn-id: http://core.svn.wordpress.org/trunk@27411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-17 20:31:14 +00:00
Andrew Nacin
e7be7a0a8d
Use get_comment_link() in wp_notify_postauthor().
...
Fixes pagination for the link directly to the moderated comment.
props eatingrules.
fixes #26133 .
Built from https://develop.svn.wordpress.org/trunk@27567
git-svn-id: http://core.svn.wordpress.org/trunk@27410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-17 20:20:15 +00:00
Andrew Nacin
acba3131d7
Allow for custom authentication handlers for all requests.
...
Turn the logic used by wp_get_current_user() into a determine_current_user filter.
props rmccue.
fixes #26706 .
Built from https://develop.svn.wordpress.org/trunk@27484
git-svn-id: http://core.svn.wordpress.org/trunk@27328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-09 15:23:15 +00:00
Drew Jaynes
db605f4767
Improve inline documentation for wp_new_user_notification()
.
...
Props antorome for the initial patch.
Fixes #26703 .
Built from https://develop.svn.wordpress.org/trunk@27149
git-svn-id: http://core.svn.wordpress.org/trunk@27016 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-09 21:07:12 +00:00
Sergey Biryukov
1f86e0c1e1
Fix typo in wp_set_auth_cookie() description.
...
props drozdz.
fixes #27046 .
Built from https://develop.svn.wordpress.org/trunk@27116
git-svn-id: http://core.svn.wordpress.org/trunk@26983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-07 09:47:12 +00:00
Drew Jaynes
cd8cedc40d
First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin.
...
Props JustinSainton, SergeyBiryukov, DrewAPicture.
Fixes #26713 .
Built from https://develop.svn.wordpress.org/trunk@26868
git-svn-id: http://core.svn.wordpress.org/trunk@26754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-24 18:57:12 +00:00
Drew Jaynes
223a2c7138
Inline documentation for the following filter hooks in wp-includes/pluggable.php:
...
* `comment_notification_recipients`
* `comment_notification_notify_author`
Also removes some generic `@uses` tags from various related doc blocks.
Props markjaquith.
Fixes #25699 .
Built from https://develop.svn.wordpress.org/trunk@26388
git-svn-id: http://core.svn.wordpress.org/trunk@26288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-26 04:10:09 +00:00
Mark Jaquith
c2cdbf9648
Fix comment_notification_recipients
filter behavior so that it is still respected even on comments left by the post author
...
The code was bailing on this-is-a-comment-on-your-own-post detection, ignoring additional recipients. Now:
* Logic check is done within `wp_notify_postauthor()`
* Logic check is overridable via `comment_notification_notify_author` filter (default still false)
* The code doesn't bail on comment-on-own-post detection, but just removes the author from the array
* The code instead now bails if the recipients list is empty, so `comment_notification_recipients` works properly
props ethitter.
fixes #25699
Built from https://develop.svn.wordpress.org/trunk@26367
git-svn-id: http://core.svn.wordpress.org/trunk@26268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-25 01:47:10 +00:00
Peter Westwood
bca9252522
Deprecate the second argument for wp_notify_postauthor because it is unecessary. Fixes #17862 props scribu and wonderboymusic.
...
Built from https://develop.svn.wordpress.org/trunk@26358
git-svn-id: http://core.svn.wordpress.org/trunk@26259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-24 16:26:10 +00:00
Sergey Biryukov
12d10da7e6
Remove redundant cleanup of PHPMailer addresses in wp_mail().
...
props bananastalktome.
fixes #25789 .
Built from https://develop.svn.wordpress.org/trunk@26121
git-svn-id: http://core.svn.wordpress.org/trunk@26033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 03:45:11 +00:00
Sergey Biryukov
eae4e5936f
Use case-insensitive comparison for email addresses. fixes #25779 .
...
Built from https://develop.svn.wordpress.org/trunk@26115
git-svn-id: http://core.svn.wordpress.org/trunk@26027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 02:41:09 +00:00
Sergey Biryukov
9c3b98e6d3
Avoid PHP notices in wp_notify_postauthor() when using a custom comment type.
...
Use a switch statement for consistency with wp_notify_moderator().
fixes #25880 .
Built from https://develop.svn.wordpress.org/trunk@26114
git-svn-id: http://core.svn.wordpress.org/trunk@26026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-13 02:32:10 +00:00
Sergey Biryukov
40391f4e37
Fall back to comment author email in get_avatar() if the user who left the comment no longer exists.
...
props mauryaratan, lite3.
fixes #25803 .
Built from https://develop.svn.wordpress.org/trunk@26000
git-svn-id: http://core.svn.wordpress.org/trunk@25933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-02 12:20:11 +00:00
Andrew Nacin
70fd806759
Revert r25824:25875 from the core.svn.wordpress.org repository.
...
These commits were accidentally re-synced commits from develop.svn.wordpress.org due to a race condition. Thankfully, the history of this repository matters fairly little. It also happened only for trunk.
git-svn-id: http://core.svn.wordpress.org/trunk@25876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-25 02:29:52 +00:00
Andrew Nacin
8ae8e01b67
Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
...
see #27704 .
Built from https://develop.svn.wordpress.org/trunk@25825
git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Andrew Nacin
9c6a15ef8f
Maintain the same output for get_avatar() as 3.6. see [25895].
...
Built from https://develop.svn.wordpress.org/trunk@25899
git-svn-id: http://core.svn.wordpress.org/trunk@25811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 19:32:09 +00:00
Andrew Nacin
af4535596b
Always escape URLs at the last possible moment.
...
Built from https://develop.svn.wordpress.org/trunk@25895
git-svn-id: http://core.svn.wordpress.org/trunk@25807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 18:52:11 +00:00
Andrew Nacin
e2413462de
Move the trim() from wp_set_password() to inside wp_hash_password().
...
props rpattillo, joehoyle.
fixes #24973 . see #23494 .
Built from https://develop.svn.wordpress.org/trunk@25709
git-svn-id: http://core.svn.wordpress.org/trunk@25623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-07 13:54:10 +00:00
Scott Taylor
c2312dfe4c
Use elseif
when slurping the nonce
in check_ajax_referer()
to avoid accidentally overwriting it.
...
Fail wonderboymusic in [25433].
Props ocean90.
Fixes #25369 .
See [25433].
Built from https://develop.svn.wordpress.org/trunk@25550
git-svn-id: http://core.svn.wordpress.org/trunk@25470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-21 16:26:12 +00:00
Scott Taylor
5df8338e0a
Fix some undefined index notices related to Comment unit tests:
...
* There are several places where a `$_POST` index was unchecked before setting a variable
* In `wp_notify_postauthor()`, `$comment` was being returned null, but its properties were being accessed.
* In `check_ajax_referer()`, 3 different values can be checked for nonce on `$_REQUEST`, but only 1 had an `isset()`
See #25282 .
Built from https://develop.svn.wordpress.org/trunk@25433
git-svn-id: http://core.svn.wordpress.org/trunk@25355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-13 22:18:08 +00:00
Andrew Nacin
cf3fddde96
Validate referrers to prevent off-domain redirects.
...
Built from https://develop.svn.wordpress.org/trunk@25318
git-svn-id: http://core.svn.wordpress.org/trunk@25280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-10 18:07:10 +00:00
Andrew Nacin
9fdfa7ef5c
Short descriptions for inline docs should end with a period, per the vast majority of core. see #25229 .
...
Built from https://develop.svn.wordpress.org/trunk@25273
git-svn-id: http://core.svn.wordpress.org/trunk@25239 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-06 01:38:09 +00:00
Sergey Biryukov
9769012244
Add phpdoc for 'wp_redirect' and 'wp_redirect_status' filters. props DrewAPicture. fixes #25215 .
...
Built from https://develop.svn.wordpress.org/trunk@25230
git-svn-id: http://core.svn.wordpress.org/trunk@25200 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-04 08:31:09 +00:00
Sergey Biryukov
6760d294bb
Update phpdoc for get_user_to_edit(), get_userdata(), and get_user_by(). props tivnet. fixes #24992 .
...
Built from https://develop.svn.wordpress.org/trunk@25204
git-svn-id: http://core.svn.wordpress.org/trunk@25176 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-02 03:25:09 +00:00
Andrew Ozz
3c3ec6dd8c
Logging in: when the Remember Me checkbox is checked, make sure the browser continues to send the expired cookies so the "login grace period" for POST and AJAX requests works. Fixes #24735 .
...
Built from https://develop.svn.wordpress.org/trunk@25107
git-svn-id: http://core.svn.wordpress.org/trunk@25089 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-23 21:27:08 +00:00
Sergey Biryukov
688ecb9fcc
Use correct variable. see #22922 .
...
Built from https://develop.svn.wordpress.org/trunk@25105
git-svn-id: http://core.svn.wordpress.org/trunk@25087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-23 20:57:11 +00:00
Andrew Nacin
0adcab1f7f
Add filters to the recipients of emails sent by wp_notify_postauthor() and wp_notify_moderator().
...
The new filters are called comment_notification_recipients and comment_moderation_recipients.
Add the context of $comment_id to the comment_moderation_headers filter, to match the comment_notification_headers filter.
props chipbennett.
fixes #22922 , #20353 .
Built from https://develop.svn.wordpress.org/trunk@25104
git-svn-id: http://core.svn.wordpress.org/trunk@25086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-23 19:36:10 +00:00
Ryan Boren
26eb1dc6ee
Return true from wp_redirect() when redirect successful. Update phpdoc.
...
Props tivnet
fixes #24969
git-svn-id: http://core.svn.wordpress.org/trunk@24996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-06 17:44:32 +00:00
Andrew Nacin
0f84b87380
Do not notify the post author about comments if they are no longer a member of the blog.
...
This updates [23294] to use capability checks to determine if the user can still edit a post, which works for super admins. Additionally, it hides Trash/Spam action links when the user is still a member of the blog but cannot (or can no longer) moderate the comment.
fixes #23136 .
git-svn-id: http://core.svn.wordpress.org/trunk@24649 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-10 22:01:12 +00:00
Sergey Biryukov
8655b33360
Make wp_mail() return the actual result of PHPMailer::Send() instead of always returning true. props chmac. fixes #23642 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-29 23:03:13 +00:00
Andrew Nacin
e27d41d8e7
Add strict check to wp_verify_nonce() to avoid issues when it is improperly called.
...
git-svn-id: http://core.svn.wordpress.org/trunk@24461 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 02:11:31 +00:00
Peter Westwood
b85cb06509
Pluggable Auth: When setting new passwords for users trim any leading or trailing space to match what we do when we test passwords.
...
Fixes #23494
git-svn-id: http://core.svn.wordpress.org/trunk@23814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-27 14:15:13 +00:00
Mark Jaquith
576e487663
Minor revisions PHP reorg, code cleanup, restores _post_restored_from functionality.
...
props adamsilverstein. see #23497
git-svn-id: http://core.svn.wordpress.org/trunk@23811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-27 11:56:28 +00:00
Peter Westwood
9d6988a221
Revisions: UI Update.
...
* Refines the UI to make it clearer and easier to use
* Introduces weighted tickmarks
* Fixes comparison bugs.
See #23497 props adamsilverstein
git-svn-id: http://core.svn.wordpress.org/trunk@23769 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-21 15:54:11 +00:00
Peter Westwood
51db623107
Revisions: Updates to the new Revisions UI.
...
Various Updates including:
* i18n fixes
* Added tracking of what revision ID was restored
* async fetching of diffs so that slider works sooner even with many revisions
See #23497 props adamsilverstein, ethitter
git-svn-id: http://core.svn.wordpress.org/trunk@23639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-07 15:32:26 +00:00
Ryan Boren
6c14f1a116
Remove unnecessary stripslashes().
...
see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 20:55:30 +00:00
Ryan Boren
43a7e695e9
Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
...
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Peter Westwood
9bd192fab3
Revisions: First pass an implementing a new UI/UX for reviewing the revisions of posts. See #23497 props adamsilverstein for the initial patch.
...
This implements a new revisions ui using Backbone and preserves all the old methods of "integration" so the change should be transparent to plugins using revisi
ons with CPTs.
This is the first pass and so there are a number of things still to be resolved, more details in the ticket. Feedback welcomed.
git-svn-id: http://core.svn.wordpress.org/trunk@23506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-28 15:14:34 +00:00