John Blackbourn
61ed726067
Mail: Use the standardised spelling of email
in the password reset error message.
...
Fixes #39110
Built from https://develop.svn.wordpress.org/trunk@45405
git-svn-id: http://core.svn.wordpress.org/trunk@45216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-24 22:53:54 +00:00
John Blackbourn
b3e297925c
Mail: Improve the user experience when the password reset email cannot be sent.
...
This introduces a link to the support page for resetting your password, and improves the error by bringing it into the login page instead of a `wp_die()`.
Props neelpatel7295, estelaris, desrosj
Built from https://develop.svn.wordpress.org/trunk@45404
git-svn-id: http://core.svn.wordpress.org/trunk@45215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-24 22:14:52 +00:00
desrosj
d0f46bf73c
I18N: Combine similar strings with minor differences.
...
Props dimadin.
Fixes #47158 .
Built from https://develop.svn.wordpress.org/trunk@45298
git-svn-id: http://core.svn.wordpress.org/trunk@45107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-09 19:48:53 +00:00
John Blackbourn
d4d1267847
I18N: Improvements to and additions of translator comments for various email subject strings.
...
Props ramiy
Fixes #46920
Built from https://develop.svn.wordpress.org/trunk@45204
git-svn-id: http://core.svn.wordpress.org/trunk@45013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-15 22:39:50 +00:00
desrosj
105277f93e
Administration: Move “Recovery Mode” to the beginning of the document title.
...
This improves accessibility, ensuring users utilizing screen readers are informed that the site is in recovery mode.
Props: afercia, TimothyBlynJacobs.
See #46608 .
Built from https://develop.svn.wordpress.org/trunk@45175
git-svn-id: http://core.svn.wordpress.org/trunk@44984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-12 19:05:51 +00:00
Felix Arntz
5754da106b
Administration: Improve user experience and clarify when in recovery mode.
...
This changeset introduces several changes around usability when recovery mode is active:
* Display a notice in the admin clarifying that the user is in recovery mode.
* Use a highlight color for the admin bar link to exit recovery mode.
* Exit recovery mode automatically when logging out.
* Include a recovery mode indicator in the title tag.
Props aandrewdixon, azaozz, dhanukanuwan, flixos90, henrywright, karmatosed, mapk, melchoyce, spacedmonkey, TimothyBlynJacobs, tinkerbelly.
See #46608 .
Built from https://develop.svn.wordpress.org/trunk@45117
git-svn-id: http://core.svn.wordpress.org/trunk@44926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-05 17:00:52 +00:00
Felix Arntz
3a77265148
Bootstrap/Load: Introduce a recovery mode for fixing fatal errors.
...
Using the new fatal handler introduced in [44962], an email is sent to the admin when a fatal error occurs. This email includes a secret link to enter recovery mode. When clicked, the link will be validated and on success a cookie will be placed on the client, enabling recovery mode for that user. This functionality is executed early before plugins and themes are loaded, in order to be unaffected by potential fatal errors these might be causing.
When in recovery mode, broken plugins and themes will be paused for that client, so that they are able to access the admin backend despite of these errors. They are notified about the broken extensions and the errors caused, and can then decide whether they would like to temporarily deactivate the extension or fix the problem and resume the extension.
A link in the admin bar allows the client to exit recovery mode.
Props timothyblynjacobs, afragen, flixos90, nerrad, miss_jwo, schlessera, spacedmonkey, swissspidy.
Fixes #46130 , #44458 .
Built from https://develop.svn.wordpress.org/trunk@44973
git-svn-id: http://core.svn.wordpress.org/trunk@44804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-21 21:53:51 +00:00
desrosj
574f7a221f
Coding Standards: Fix PHPCS issue introduced in [44931].
...
See #44901 .
Built from https://develop.svn.wordpress.org/trunk@44932
git-svn-id: http://core.svn.wordpress.org/trunk@44763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-19 02:48:49 +00:00
desrosj
86eb60b307
Privacy: Remove unnecessary WP_Error
when handling confirmaction
requests.
...
By reordering the logic when handling the `confirmaction` action in `wp-login.php`, the need for a new `WP_Error` object to be created can be eliminated. The error message can be passed directly into a `wp_die()` call, matching the other validation errors in related code.
Props garrett-eclipse, birgire.
Fixes #44901 .
Built from https://develop.svn.wordpress.org/trunk@44931
git-svn-id: http://core.svn.wordpress.org/trunk@44762 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-19 02:38:48 +00:00
Andrea Fercia
31e34400a5
Accessibility: Login: Display error messages when both the username and password fields are empty.
...
For accessibility and usability, if an input error is detected, the item that is in error needs to be identified and the error needs to be described to the user in text (WCAG Success Criterion 3.3.1). The login form displays an error when the username field is empty or when the password field is empty. It omits to do so when both fields are empty.
This change restores the login form behavior to the one that used to work in WordPress 2.3 (!) and displays the related error messages also when both fields are empty.
Props birgire, audrasjb.
See #8938 , #5405 , #3708 .
Fixes #42985 .
Built from https://develop.svn.wordpress.org/trunk@44918
git-svn-id: http://core.svn.wordpress.org/trunk@44749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-16 15:22:53 +00:00
Sergey Biryukov
904365731a
Acessibility: Remove title
attribute in login_header()
.
...
* Deprecate `login_headertitle` filter, introduce `login_headertext` as a replacement.
* For backwards compatibility, if a `login_headertitle` is set, it will be used as link text.
* Make the login header logo URL and text consistent between single site and Multisite.
* Avoid ambiguity of where the WordPress logo points to; link to WordPress.org by default.
* `login_headerurl` filter is still available to change the URL of the header logo.
Props afercia, pratikkry, chetan200891.
Fixes #42537 .
Built from https://develop.svn.wordpress.org/trunk@44899
git-svn-id: http://core.svn.wordpress.org/trunk@44730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-14 21:10:50 +00:00
Andrea Fercia
ca53eac85e
Accessibility: Improve the password form buttons accessibility.
...
- makes the "Cancel" button always visible: this allows to generate a new password also on small screens
- moves focus back to the Generate Password button when closing the form
- changes the password reset show/hide button from a clickable `<span>` element to a real `<button>` element
- improves the CSS
Props janak007, afercia.
Fixes #42853 .
Built from https://develop.svn.wordpress.org/trunk@44895
git-svn-id: http://core.svn.wordpress.org/trunk@44726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-13 23:37:57 +00:00
Sergey Biryukov
c78d28d9f1
Login and Registration: Update URLs for browser cookie documentation.
...
Props joostdevalk.
Fixes #46254 .
Built from https://develop.svn.wordpress.org/trunk@44776
git-svn-id: http://core.svn.wordpress.org/trunk@44608 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-28 11:44:52 +00:00
Gary Pendergast
7a617078fa
Coding Standards: Upgrade WPCS to 1.2.1.
...
This upgrade fixes quite a few false positives, as well as auto-fixing some indenting issues.
Fixes #45956 .
Built from https://develop.svn.wordpress.org/trunk@44574
git-svn-id: http://core.svn.wordpress.org/trunk@44405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-12 06:41:52 +00:00
Andrea Fercia
0b5beabd36
Accessibility: Remove negative tabindex from the login, install, and setup pages header.
...
Props bamadesigner, rishishah, jainnidhi.
Fixes #42632 .
Built from https://develop.svn.wordpress.org/trunk@44545
git-svn-id: http://core.svn.wordpress.org/trunk@44376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-10 17:21:52 +00:00
Gary Pendergast
19f9dd29e9
Login: Improve the error message when retrieving a lost password.
...
When an invalid username or email address is entered, the form now displays a better error message.
Props mrtortai, iamfriendly, TomHarrigan, afercia, pento.
Fixes #31788 .
Built from https://develop.svn.wordpress.org/trunk@44489
git-svn-id: http://core.svn.wordpress.org/trunk@44320 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 02:06:50 +00:00
desrosj
f8f58da317
Docs: Update since
annotation for new lost_password
action parameter.
...
Introduced in [43542].
Fixes #44512 .
Built from https://develop.svn.wordpress.org/trunk@44396
git-svn-id: http://core.svn.wordpress.org/trunk@44226 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-04 21:52:50 +00:00
Jeremy Felt
f93e24ca8e
REST API: Render response in user locale with ?_locale=user
.
...
Introduces new `determine_locale()` function for deciding the proper locale to use for a response. Default value is `get_user_locale()` in the admin, and `get_locale()` on the frontend. Because REST API requests are considered frontend requests, `?_locale=user` can be used to render the response in the user's locale.
Also updates `wp-login.php?wp_lang` implementation to benefit from this abstraction.
Merges [43776] from the 5.0 branch to trunk.
Props flixos90, mnelson4, swissspidy, TimothyBlynJacobs.
Fixes #44758 .
Built from https://develop.svn.wordpress.org/trunk@44134
git-svn-id: http://core.svn.wordpress.org/trunk@43964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 01:32:39 +00:00
Peter Wilson
481e5f4b36
Multisite: Improve messaging for previously activated users.
...
Ensure activation of a site is not attempted multiple times and users are shown the correct message if they follow the link a second time.
Built from https://develop.svn.wordpress.org/trunk@44021
git-svn-id: http://core.svn.wordpress.org/trunk@43851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 00:23:24 +00:00
John Blackbourn
aa77e7c27f
Docs: Improve docblocks within wp-login.php
.
...
Props birgire
See #42505
Built from https://develop.svn.wordpress.org/trunk@43644
git-svn-id: http://core.svn.wordpress.org/trunk@43473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-14 13:48:24 +00:00
jrf
c952f8f98f
I18n: Improve translators comments [1].
...
* Add missing translators comments.
* Fix placement of some translators comments.
Translators comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools.
The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translators comments.
Patch `44360-src.2.diff` of the series.
Props garyj, alvarogois, michielatyoast
See #44360
Built from https://develop.svn.wordpress.org/trunk@43595
git-svn-id: http://core.svn.wordpress.org/trunk@43424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-30 12:14:24 +00:00
Gary Pendergast
56c162fbc9
Coding Standards: Upgrade WPCS to 1.0.0
...
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.
This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script.
- Auto-fixable coding standards issues will now cause Travis failures.
Fixes #44600 .
Built from https://develop.svn.wordpress.org/trunk@43571
git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Gary Pendergast
8244397ffb
Coding Standards: Prepare for upgrading WPCS to 1.0.0.
...
In order to get the best result when running `phpcbf` across the codebase, there are some manual tweaks we need to make.
These fall into three categories:
- Fixing incorrectly indented code which has flow-on effects when auto-fixing.
- Tweaking the layout of inline PHP inside HTML tags.
- Moving more complex inline PHP inside HTML tags, to execute earlier.
See #44600 .
Built from https://develop.svn.wordpress.org/trunk@43569
git-svn-id: http://core.svn.wordpress.org/trunk@43398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-15 06:22:26 +00:00
John Blackbourn
58509ba12f
Login and Registration: Pass the $errors
parameter to the lost_password
action.
...
Props sebakurzyn
Fixes #44512
Built from https://develop.svn.wordpress.org/trunk@43542
git-svn-id: http://core.svn.wordpress.org/trunk@43371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-28 13:02:25 +00:00
Sergey Biryukov
cf4f8d8737
Login and Registration: Set a better default value for $wp_error
parameter in login_header()
.
...
To prevent someone from passing a string (which would not be added to a new `WP_Error` instance), check for `is_wp_error()` explicitly.
Props desrosj, chetan200891, spyderbytes, lbenicio, sebastien@thivinfo.com , abdullahramzan.
Fixes #44052 .
Built from https://develop.svn.wordpress.org/trunk@43457
git-svn-id: http://core.svn.wordpress.org/trunk@43284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 14:10:26 +00:00
Sergey Biryukov
ae2b929294
Privacy: Update request confirmation notice text for clarity.
...
Props desrosj, melchoyce, garrett-eclipse.
Fixes #43970 .
Built from https://develop.svn.wordpress.org/trunk@43232
git-svn-id: http://core.svn.wordpress.org/trunk@43061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:53:21 +00:00
iandunn
b1cf176f6e
Privacy: Add policy link to login screen.
...
Personal data collection is more likely for registered users than casual visitors, and the privacy policy might have been updated since a user last logged in. Those changes could impact the collection of personal data from registered users, so it makes sense to provide a link to the policy before users log in.
Props voneff, xkon, melchoyce, chetan200891, desrosj.
Fixes #43721 .
Built from https://develop.svn.wordpress.org/trunk@43120
git-svn-id: http://core.svn.wordpress.org/trunk@42949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 19:48:21 +00:00
Andrew Ozz
3a43a64c20
Privacy: fix inconsistencies in new strings.
...
Props audrasjb.
Fixes #43925 .
Built from https://develop.svn.wordpress.org/trunk@43118
git-svn-id: http://core.svn.wordpress.org/trunk@42947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 18:42:21 +00:00
Andrew Ozz
f1703c0e70
Privacy: update the method to confirm user requests by email. Use a single CPT to store the requests and to allow logging/audit trail.
...
Props mikejolley.
See #43443 .
Built from https://develop.svn.wordpress.org/trunk@43008
git-svn-id: http://core.svn.wordpress.org/trunk@42837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 10:12:22 +00:00
Andrew Ozz
d3f054b5a9
Privacy: fixes and updates for the method to confirm user requests by email.
...
- Improve function and variable names.
- Allow extra data to be passed with the request.
- Make the option/user meta names more consistent.
- Adds an inline comment explaining use of hash.
Props mikejolley.
See #43443 .
Built from https://develop.svn.wordpress.org/trunk@42964
git-svn-id: http://core.svn.wordpress.org/trunk@42793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-06 19:10:30 +00:00
Dominik Schilling
14bc2c0a6f
Login: Use wp_safe_redirect()
when redirecting the login page if forced to use HTTPS.
...
Built from https://develop.svn.wordpress.org/trunk@42892
git-svn-id: http://core.svn.wordpress.org/trunk@42722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-03 14:32:31 +00:00
Dominik Schilling
5c291d49de
Pinking shears.
...
See #41057 .
Built from https://develop.svn.wordpress.org/trunk@42843
git-svn-id: http://core.svn.wordpress.org/trunk@42673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-18 14:23:33 +00:00
Sergey Biryukov
4848a09b35
I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders.
...
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.
Fixes #43523 .
Built from https://develop.svn.wordpress.org/trunk@42827
git-svn-id: http://core.svn.wordpress.org/trunk@42657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-11 16:44:34 +00:00
Andrew Ozz
791b11bc3f
Add a method to confirm user requests by email. First run.
...
Props mikejolley.
See #43443 .
Built from https://develop.svn.wordpress.org/trunk@42791
git-svn-id: http://core.svn.wordpress.org/trunk@42621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-06 23:47:30 +00:00
Sergey Biryukov
0e802a627d
General: Introduce WP_Error::has_errors()
method and use it where appropriate.
...
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742 .
Built from https://develop.svn.wordpress.org/trunk@42761
git-svn-id: http://core.svn.wordpress.org/trunk@42591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-27 02:31:31 +00:00
John Blackbourn
3ee38c0a05
Login and Registration: Instruct the browser to disable autocapitalisation for the user login field on the login screen.
...
Props drywallbmb
Fixes #42886
Built from https://develop.svn.wordpress.org/trunk@42406
git-svn-id: http://core.svn.wordpress.org/trunk@42235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-16 13:41:48 +00:00
Gary Pendergast
aaf99e6913
Code is Poetry.
...
WordPress' code just... wasn't.
This is now dealt with.
Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057 .
Built from https://develop.svn.wordpress.org/trunk@42343
git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Gary Pendergast
95cfb7f5e4
Login: Swap bloginfo()
usage for get_bloginfo()
.
...
[41843] introduced a use of `bloginfo()`, where it should be using `get_bloginfo()`.
Props dlh.
Fixes #34625 .
Built from https://develop.svn.wordpress.org/trunk@41850
git-svn-id: http://core.svn.wordpress.org/trunk@41684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-13 02:10:48 +00:00
Gary Pendergast
a9d38090ac
Login: On the single site login screen, match the logo link text with the title.
...
Previously, the (W) logo on the single site login screen linked to wordpress.org, with an appropriate `title` attribute, but the link text was the blog name.
To fix this discrepency, the link text is now the same as the `title` attribute.
Props pento, obrienlabs, afercia, flixos90, lukecavanagh, and the infinite stack of bikesheds that WordPress is balanced upon.
Fixes #34625 .
Built from https://develop.svn.wordpress.org/trunk@41843
git-svn-id: http://core.svn.wordpress.org/trunk@41677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-12 04:57:46 +00:00
Sergey Biryukov
806c464e4b
Login and Registration: Prevent PHP warnings when POSTing to wp-login.php
with an array as a user_login
or user_email
field.
...
Props menakas, johnjamesjacoby.
Fixes #40888 .
Built from https://develop.svn.wordpress.org/trunk@41782
git-svn-id: http://core.svn.wordpress.org/trunk@41616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-06 17:37:47 +00:00
John Blackbourn
f9a5f5485d
I18N: Allow the login screen language to be specified via a wp_lang
query variable, and use this for the interim login modal.
...
This allows users who are using the admin area in a language other than the site language to read the notice on the login screen
(which explains that they need to log in again) in their chosen language.
Props Nikschavan, swissspidy
Fixes #40205
Built from https://develop.svn.wordpress.org/trunk@41692
git-svn-id: http://core.svn.wordpress.org/trunk@41526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 23:21:47 +00:00
Sergey Biryukov
50e03e19af
Login and Registration: Introduce login_title
filter for the <title>
tag content on login page.
...
The new filter mirrors the `admin_title` filter used on admin pages.
Props nishitlangaliya, henry.wright, SergeyBiryukov.
Fixes #40812 .
Built from https://develop.svn.wordpress.org/trunk@41691
git-svn-id: http://core.svn.wordpress.org/trunk@41525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 23:00:46 +00:00
Sergey Biryukov
63402326c1
Login and Registration: Make the order of <title>
tag parts on login page consistent with the rest of admin pages.
...
Props nishitlangaliya, henry.wright.
Fixes #40814 .
Built from https://develop.svn.wordpress.org/trunk@41690
git-svn-id: http://core.svn.wordpress.org/trunk@41524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:30:46 +00:00
Sergey Biryukov
649eb34d2a
Login and Registration: Replace home URL in password reset email with the site name to avoid confusing the user with multiple links.
...
Props Presskopp, code-monkey.
Fixes #38328 .
Built from https://develop.svn.wordpress.org/trunk@41578
git-svn-id: http://core.svn.wordpress.org/trunk@41411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-23 11:44:46 +00:00
Adam Silverstein
220d5aec74
Login: Password reset - add hide icon & confirm weak password checkbox.
...
Extends the password features added in 4.3 to the password reset flow.
Props johnbillion, manolis09, umesh.nevase, Nikschavan.
Built from https://develop.svn.wordpress.org/trunk@41556
git-svn-id: http://core.svn.wordpress.org/trunk@41389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-21 21:29:48 +00:00
John Blackbourn
2cde37040d
Login and Registration: Introduce a login_link_separator
filter to allow the separator between links in the footer of the
...
login screen to be filtered.
Props henry.wright
Fixes #40802
Built from https://develop.svn.wordpress.org/trunk@41291
git-svn-id: http://core.svn.wordpress.org/trunk@41131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 14:23:47 +00:00
Sergey Biryukov
62947553c5
Login and Registration: Prevent the enable_login_autofocus
filter DocBlock from spilling into JS code.
...
Props chris@vendiadvertising.com .
Fixes #41176 .
Built from https://develop.svn.wordpress.org/trunk@40954
git-svn-id: http://core.svn.wordpress.org/trunk@40804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-26 20:37:42 +00:00
Andrea Fercia
430422b0b7
Login and Registration: Add a filter to disable the initial auto-focus on the login screen.
...
Fixes #40301 .
Built from https://develop.svn.wordpress.org/trunk@40652
git-svn-id: http://core.svn.wordpress.org/trunk@40515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-12 17:12:46 +00:00
Pascal Birchler
72c19648bc
Load: Only load PasswordHash
class when needed.
...
This reverts [38371] which loaded `class-phpass.php` early in `wp-settings.php` and in turn caused backward compatibility problems.
Props DavidAnderson, ketuchetan.
Fixes #39445 .
Built from https://develop.svn.wordpress.org/trunk@40387
git-svn-id: http://core.svn.wordpress.org/trunk@40294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-06 18:01:42 +00:00
Sergey Biryukov
6de5a9f8e3
Docs: Add a note to retrieve_password_message
filter that password reset email will not be sent if the filtered message is empty.
...
Props sudar.
Fixes #39788 .
Built from https://develop.svn.wordpress.org/trunk@40048
git-svn-id: http://core.svn.wordpress.org/trunk@39985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-06 04:16:42 +00:00
Boone Gorges
3a0e61e680
Allow apostrophes in email address during wp-login.php registration.
...
See #18039 for a related fix when creating users via the Dashboard.
Props tomdxw.
Fixes #34483 .
Built from https://develop.svn.wordpress.org/trunk@39544
git-svn-id: http://core.svn.wordpress.org/trunk@39484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-08 03:58:45 +00:00
John Blackbourn
c2d709e9d6
I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment.
...
See #38882
Built from https://develop.svn.wordpress.org/trunk@39326
git-svn-id: http://core.svn.wordpress.org/trunk@39266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 02:46:30 +00:00
John Blackbourn
4cf5550d8d
I18n: Begin introducing translator comments for strings which include placeholders but no accompanying translator comment.
...
Adds context to one string used in two different contexts for the new user and new site signup email notification.
More to come.
See #38882
Built from https://develop.svn.wordpress.org/trunk@39323
git-svn-id: http://core.svn.wordpress.org/trunk@39263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 01:22:32 +00:00
Jeremy Felt
1560fbcbc5
Multisite: Use get_network()
and get_current_network_id()
for current network data.
...
`get_network()` falls back to the current network when called without any arguments. Between this and `get_current_network_id()`, we can replace almost all instances of the global `$current_site` and all instances of `get_current_site()`.
This effectively deprecates `get_current_site()`, something that we'll do in a future ticket.
Props flixos90.
Fixes #37414 .
Built from https://develop.svn.wordpress.org/trunk@38814
git-svn-id: http://core.svn.wordpress.org/trunk@38757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-19 04:47:30 +00:00
Helen Hou-Sandí
e4bfe48ebc
Login: Don't rely on wp_is_mobile()
for functionality.
...
Making behavior changes based on some broad definition of what mobile is rarely, if ever, makes sense. Each bit of functionality should be more clearly targeted, whether that's for screen size, performance, or some kind of touch capability.
props akibjorklund.
see #33704 .
Built from https://develop.svn.wordpress.org/trunk@38739
git-svn-id: http://core.svn.wordpress.org/trunk@38682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-06 15:52:30 +00:00
Sergey Biryukov
b4aaf3925d
Login and Registration: Change login label to Username or Email Address
for clarity.
...
Props GaryJ.
Fixes #37871 .
Built from https://develop.svn.wordpress.org/trunk@38477
git-svn-id: http://core.svn.wordpress.org/trunk@38418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 18:51:28 +00:00
Scott Taylor
cabb4a03c8
Multisite: use get_current_site()
instead of $GLOBALS['current_site']
(stop yelling!) in a few remaining spots.
...
See #37699 .
Built from https://develop.svn.wordpress.org/trunk@38458
git-svn-id: http://core.svn.wordpress.org/trunk@38399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 05:04:29 +00:00
John Blackbourn
dbdc1c28b1
I18N: Correct various instances of incorrect usage of esc_attr_e()
.
...
Fixes #37457
Props henry.wright, afercia
Built from https://develop.svn.wordpress.org/trunk@38424
git-svn-id: http://core.svn.wordpress.org/trunk@38365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-28 18:06:30 +00:00
Scott Taylor
481123661c
Load: load class-phpass.php
(PasswordHash
class) early in wp-settings.php
, instead of require_once()
'ing it in several places.
...
See #36335 .
Built from https://develop.svn.wordpress.org/trunk@38371
git-svn-id: http://core.svn.wordpress.org/trunk@38312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 17:40:35 +00:00
Drew Jaynes
22adda2aa0
Hooks: Standardize naming of dynamic hooks to use interpolation vs concatenation.
...
Benefits gained in discoverability and self-documentation throughout core trump the negligible performance hit in using interpolation in hook names.
Props ramiy.
See #37748 .
Built from https://develop.svn.wordpress.org/trunk@38307
git-svn-id: http://core.svn.wordpress.org/trunk@38248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-22 18:25:31 +00:00
Scott Taylor
cd6d2bae92
Login: retrieve_password()
does not need to import 2 globals that it does not use.
...
See #37699 .
Built from https://develop.svn.wordpress.org/trunk@38304
git-svn-id: http://core.svn.wordpress.org/trunk@38245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-22 04:48:28 +00:00
Sergey Biryukov
0cdf2d371b
I18N: Add context and translator comments to Back to %s
strings.
...
Fixes #37095 .
Built from https://develop.svn.wordpress.org/trunk@37703
git-svn-id: http://core.svn.wordpress.org/trunk@37669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 21:51:28 +00:00
Sergey Biryukov
7ddbbfec08
Users: wp_signon()
expects an array as the $credentials
argument, not a string.
...
If an empty string was passed, redeclare it as an empty array to avoid a warning and a fatal error in PHP 7.1.0 Alpha 1.
Props simonvik.
Fixes #37071 .
Built from https://develop.svn.wordpress.org/trunk@37697
git-svn-id: http://core.svn.wordpress.org/trunk@37663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 15:34:29 +00:00
Drew Jaynes
f82641ad0e
Docs: Standardize filter docs in root folder files to use third-person singular verbs per the inline documentation standards for PHP.
...
Fixes #36913 .
Built from https://develop.svn.wordpress.org/trunk@37535
git-svn-id: http://core.svn.wordpress.org/trunk@37503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 16:44:27 +00:00
Boone Gorges
720e2af290
During password reset, user-submitted login/email should be stripslashed.
...
This prevents errors when an email address contains an apostrophe. See [29966]
for similar treatment of a related problem.
Props dcavins.
Fixes #36322 .
Built from https://develop.svn.wordpress.org/trunk@37474
git-svn-id: http://core.svn.wordpress.org/trunk@37442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-20 19:21:30 +00:00
Sergey Biryukov
c8fe7cc538
Login/Registration: Add login_header
action that fires in the login page header after the body tag is opened and complements login_footer
.
...
Props borkweb, iamfriendly, voldemortensen.
Fixes #22139 .
Built from https://develop.svn.wordpress.org/trunk@37243
git-svn-id: http://core.svn.wordpress.org/trunk@37209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-18 23:54:29 +00:00
Jeremy Felt
27e29666a8
Multisite: Handle redirect to a user's subdomain properly during login
...
`wp-login.php` uses `wp_safe_redirect()` for all redirects, even those that do not involve unsafe data from the request or referer.
When a user of a subdomain site attempts to login to a network site they do not have access to, the host in the redirect URL is treated as unsafe by `wp_safe_redirect()` as it has no immediate awareness as to which hosts are valid on the network. On a subdirectoy network, everything works as expected because the host is the same.
In this specific block of `wp-login.php`, all URLs are generated by WordPress and we can use `wp_redirect()` to handle the redirects. Users authenticating via other network sites will now be redirected properly. Hosts passed via the `redirect_to` query var will continue to be handled by `wp_safe_redirect()`.
Fixes #30598 .
Built from https://develop.svn.wordpress.org/trunk@36867
git-svn-id: http://core.svn.wordpress.org/trunk@36834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-06 03:06:29 +00:00
Dominik Schilling
7ebe2c1e7a
Authentication: Allow users to log in using their email address.
...
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.
Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568 .
Built from https://develop.svn.wordpress.org/trunk@36617
git-svn-id: http://core.svn.wordpress.org/trunk@36584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-22 23:15:27 +00:00
Sergey Biryukov
6e60f8b6f8
Login: In login_header()
, use correct separator for RTL locales.
...
Props ramiy.
Fixes #35737 .
Built from https://develop.svn.wordpress.org/trunk@36487
git-svn-id: http://core.svn.wordpress.org/trunk@36454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-06 22:56:27 +00:00
Dion Hulse
987ce83cfc
CSS: Stop using wp-admin.min.css
and instead queue the individual stylesheets up through load-styles.php
.
...
We still generate the `wp-admin.*` files for compabitility purposes, however they only include the `@import()` lines.
Fixes #35229
Built from https://develop.svn.wordpress.org/trunk@36341
git-svn-id: http://core.svn.wordpress.org/trunk@36308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-18 09:57:29 +00:00
John Blackbourn
d4eb85569b
Login: Revert [34213] and [35897]. It has become apparent that there is a need for a separate function (and corresponding filter) which allows for the login form action URL to differ from the URL used to access the login form, so that plugins or implementations which change the login URL do not need to worry about handling the form submission at the same URL.
...
For now, we'll revert to the pre-4.4 behaviour of hard-coding the login form action URL as `wp-login.php` and look at implementing a separate function and corresponding filter in 4.5.
Props KrissieV, salcode, JPry
Fixes #34925
See #35103
Built from https://develop.svn.wordpress.org/trunk@36042
git-svn-id: http://core.svn.wordpress.org/trunk@36007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-21 03:23:29 +00:00
Pascal Birchler
2981d66990
Login: After [34213], use the login_post
scheme again for login forms.
...
See #34925 .
Built from https://develop.svn.wordpress.org/trunk@35897
git-svn-id: http://core.svn.wordpress.org/trunk@35861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-13 14:03:26 +00:00
Drew Jaynes
b3d28ad0b9
Administration: Improve the message displayed in the login form modal when a user's session has expired.
...
Props obrienlabs.
Fixes #34340 .
Built from https://develop.svn.wordpress.org/trunk@35865
git-svn-id: http://core.svn.wordpress.org/trunk@35829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-11 16:01:28 +00:00
Andrea Fercia
2ae5db3856
Accessibility: remove no-purpose title attributes from the login screen.
...
Also, it's hard to convey the ironic tone of the sentences used for these title attributes in languages other than English.
Fixes #34943 .
Built from https://develop.svn.wordpress.org/trunk@35846
git-svn-id: http://core.svn.wordpress.org/trunk@35810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-09 22:20:29 +00:00
Sergey Biryukov
788ea5ba5a
Reset Password: Improve wording for a string used in password reset email.
...
Props obrienlabs.
Fixes #34605 .
Built from https://develop.svn.wordpress.org/trunk@35559
git-svn-id: http://core.svn.wordpress.org/trunk@35523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-06 22:36:25 +00:00
Drew Jaynes
ad6a1303dc
Login: Pass the username and WP_User
object to the retrieve_password_title
filter.
...
Adding these parameters creates parity with the `retrieve_password_message` filter, used for modifying the message body of the same password reset email.
Props sudar.
Fixes #34252 .
Built from https://develop.svn.wordpress.org/trunk@35093
git-svn-id: http://core.svn.wordpress.org/trunk@35058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-13 00:51:24 +00:00
John Blackbourn
d2416ca93a
Correctly set the secure
flag on the post password cookie based on the scheme of the referring URL, if it's available, instead of the home URL.
...
Fixes #29641
Built from https://develop.svn.wordpress.org/trunk@34932
git-svn-id: http://core.svn.wordpress.org/trunk@34897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 03:09:24 +00:00
John Blackbourn
95045d629b
Correctly set the secure
flag for the test cookie based on the login URL scheme, and the same for the user settings cookies based on the admin URL scheme.
...
Fixes #34159
Built from https://develop.svn.wordpress.org/trunk@34931
git-svn-id: http://core.svn.wordpress.org/trunk@34896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 03:05:25 +00:00
Sergey Biryukov
399c1f3c83
Reset Password: Move the code for creating password reset key into a new function, get_password_reset_key()
, and use it in retrieve_password()
.
...
Previously: [25231].
Props DH-Shredder.
Fixes #34180 .
Built from https://develop.svn.wordpress.org/trunk@34923
git-svn-id: http://core.svn.wordpress.org/trunk@34888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 00:11:24 +00:00
John Blackbourn
471752f59a
Prevent a PHP notice when POSTing to wp-login.php?action=register
without a user_login
or user_email
field in the POST request.
...
Fixes #34192
Built from https://develop.svn.wordpress.org/trunk@34910
git-svn-id: http://core.svn.wordpress.org/trunk@34875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:43:25 +00:00
John Blackbourn
2d745fabe3
Prevent a PHP notice from appearing on wp-login.php?action=postpass
when there's no $_POST['post_password']
parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here).
...
Fixes #34160
Props iamfriendly
Built from https://develop.svn.wordpress.org/trunk@34909
git-svn-id: http://core.svn.wordpress.org/trunk@34874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 14:30:25 +00:00
Drew Jaynes
fa4fed0f80
Login: Pass the $errors
object as a parameter to the lostpassword_post
hook.
...
Props iamfriendly.
Fixes #32116 .
Built from https://develop.svn.wordpress.org/trunk@34885
git-svn-id: http://core.svn.wordpress.org/trunk@34850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-06 23:00:25 +00:00
Scott Taylor
39552b63ca
Passwords: fix the markup on the Reset Password Form for user-pass1
so the JavaScript operates properly.
...
Props ldinclaux.
See #33892 .
Fixes #33908 .
Built from https://develop.svn.wordpress.org/trunk@34371
git-svn-id: http://core.svn.wordpress.org/trunk@34335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 03:57:24 +00:00
Sergey Biryukov
19bcadf2a6
Reset Password: Move <div>
out of <p>
in wp-login.php
.
...
Props ldinclaux.
Fixes #33892 .
Built from https://develop.svn.wordpress.org/trunk@34232
git-svn-id: http://core.svn.wordpress.org/trunk@34196 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 11:46:25 +00:00
John Blackbourn
a9e5cfddc7
Implement wp_login_url()
and wp_registration_url()
in places where wp-login.php
is currently hard-coded.
...
See #31495
Props GregLone
Built from https://develop.svn.wordpress.org/trunk@34213
git-svn-id: http://core.svn.wordpress.org/trunk@34177 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 17:11:35 +00:00
John Blackbourn
3361f90a1c
When a user with no role logs in, redirect them to the home page rather than their profile screen which they do not have access to.
...
See #25162
Built from https://develop.svn.wordpress.org/trunk@33924
git-svn-id: http://core.svn.wordpress.org/trunk@33893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 21:34:24 +00:00
Helen Hou-Sandí
1f500055a6
Drop the hyphen from e-mail and standardize on email.
...
The AP Stylebook changed this in 2011, and we're woefully inconsistent, so let's go with the standard.
props morganestes, voldemortensen, niallkennedy (for patching on the previous AP style).
fixes #26156 .
Built from https://develop.svn.wordpress.org/trunk@33774
git-svn-id: http://core.svn.wordpress.org/trunk@33742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-28 03:17:21 +00:00
Mark Jaquith
69107095b7
Autogenerate passwords that more reliably fit within their inputs.
...
fixes #33166
Built from https://develop.svn.wordpress.org/trunk@33474
git-svn-id: http://core.svn.wordpress.org/trunk@33441 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 03:56:24 +00:00
Scott Taylor
d92795db13
Passwords UI: clean up the new JS in wp-admin/js/user-profile.js
.
...
Instead of wrapping `#pass1` in a `<span>` dynamically, add the `<span>` to the HTML in PHP. It currently has no styling.
Fixes #33145 .
Built from https://develop.svn.wordpress.org/trunk@33450
git-svn-id: http://core.svn.wordpress.org/trunk@33417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-27 21:25:25 +00:00
Konstantin Obenland
45bfab3aa8
Passwords: Add password strength meter feedback for screen readers.
...
Also gives context to the show/hide button.
Props rianrietveld, afercia.
Fixes #33032 .
Built from https://develop.svn.wordpress.org/trunk@33353
git-svn-id: http://core.svn.wordpress.org/trunk@33325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 00:15:25 +00:00
Konstantin Obenland
1f18ef86a3
Login: Reflect new password flow in registration form.
...
Props Ipstenu.
Fixes #32428 .
Built from https://develop.svn.wordpress.org/trunk@33265
git-svn-id: http://core.svn.wordpress.org/trunk@33237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 16:08:25 +00:00
Konstantin Obenland
f020fab7ef
Password: Improve display of password meter on login screen.
...
Fixes #32925 .
Built from https://develop.svn.wordpress.org/trunk@33251
git-svn-id: http://core.svn.wordpress.org/trunk@33223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-14 03:32:24 +00:00
Mark Jaquith
04793dce34
Fix small typo from [33019].
...
see #32429
Built from https://develop.svn.wordpress.org/trunk@33034
git-svn-id: http://core.svn.wordpress.org/trunk@33005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 18:16:24 +00:00
Mark Jaquith
423a1a7ca4
New password change/set UI.
...
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords
see #32589
props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023
git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Dion Hulse
c261ad2c57
Expire password reset links after 24 hours (by default). This causes existing password reset links to become invalid.
...
Props markjaquith, voldemortensen, johnbillion, MikeHansenMe, dd32
See #32429
Built from https://develop.svn.wordpress.org/trunk@33019
git-svn-id: http://core.svn.wordpress.org/trunk@32990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 06:33:26 +00:00
Scott Taylor
42d51a4f89
Add doc blocks to functions that are missing them.
...
If the function has no need for `@param` or `@return`, do an archeaological dig to find `@since`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32672
git-svn-id: http://core.svn.wordpress.org/trunk@32642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-31 03:18:25 +00:00
Dominik Schilling
64fc7294b6
Use HTTPS URLs for codex.wordpress.org.
...
see #27115 .
Built from https://develop.svn.wordpress.org/trunk@32116
git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
John Blackbourn
7c5fc2debb
Implement an aria-describedby
attribute for login screen errors, and improve the "Forgot password?" anchor text.
...
Props aferica, rianrietveld
Fixes #31143
Built from https://develop.svn.wordpress.org/trunk@31871
git-svn-id: http://core.svn.wordpress.org/trunk@31850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-24 16:29:26 +00:00
John Blackbourn
35f4e719b2
Introduce a logout_redirect
filter so the redirect destination can be changed when a user logs out. Parameters:
...
* string $redirect_to The redirect destination URL.
* string $requested_redirect_to The requested redirect destination URL passed as a parameter.
* WP_User $user The WP_User object for the user that's logging out.
Fixes #27617
Props SergeyBiryukov, johnbillion
Built from https://develop.svn.wordpress.org/trunk@31417
git-svn-id: http://core.svn.wordpress.org/trunk@31398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-11 19:19:26 +00:00
Scott Taylor
60b0cd7943
The keyword elseif
should be used instead of else if
so that all control keywords look like single words.
...
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs.
See #30799 .
Built from https://develop.svn.wordpress.org/trunk@31090
git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00