Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
26,405 Commits 48 Branches 718 Tags 906 MiB
Commit Graph

357 Commits

Author SHA1 Message Date
Scott Taylor c8852cc909 Use the `WPINC` constant when loading `class-phpass.php` 
Props wojtek.szkutnik
See #14157.

Built from https://develop.svn.wordpress.org/trunk@28903


git-svn-id: http://core.svn.wordpress.org/trunk@28702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-29 22:12:16 +00:00
John Blackbourn 548c41455a Remove the WordPress logo from the focusable elements on the install/update screens. Fixes #28674. Props stompweb 
Built from https://develop.svn.wordpress.org/trunk@28896


git-svn-id: http://core.svn.wordpress.org/trunk@28695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-29 14:10:15 +00:00
John Blackbourn 60ff3a61f9 Conditionally set the the `secure` flag on the test cookie, post password cookie, settings cookies, and comment author cookies depending on whether the front end and/or admin area are served over `https`. Fixes #28427 
Built from https://develop.svn.wordpress.org/trunk@28895


git-svn-id: http://core.svn.wordpress.org/trunk@28694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-29 13:25:16 +00:00
Scott Taylor 6997001d12 Don't annotate `$wp_error` twice in `login_header()` docs. `$wp_error` is always expected to be of type `WP_Error`. 
Props SergeyBiryukov.
Fixes #28518.

Built from https://develop.svn.wordpress.org/trunk@28792


git-svn-id: http://core.svn.wordpress.org/trunk@28605 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-06-20 19:19:14 +00:00
Andrew Nacin d29dc48134 Forcing SSL logins now forces SSL for the entire admin, with no middle ground. 
fixes #10267.

Built from https://develop.svn.wordpress.org/trunk@28609


git-svn-id: http://core.svn.wordpress.org/trunk@28433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-05-29 03:59:15 +00:00
Scott Taylor aa83aea519 In `wp-login.php`, `break` is unreachable after `exit` 
See #27882.

Built from https://develop.svn.wordpress.org/trunk@28340


git-svn-id: http://core.svn.wordpress.org/trunk@28168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-05-07 03:58:15 +00:00
Drew Jaynes d77e78d685 Clean up duplicate hook notations and adjacency for calls to the `wp_signup_location` filter. 
Also adds braces missed in [25535].

See #26869.

Built from https://develop.svn.wordpress.org/trunk@28215


git-svn-id: http://core.svn.wordpress.org/trunk@28045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-25 07:12:14 +00:00
Drew Jaynes 05537ab967 Ensure the `register` filter hook is only documented once. 
See #26869.

Built from https://develop.svn.wordpress.org/trunk@28208


git-svn-id: http://core.svn.wordpress.org/trunk@28038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-25 06:24:15 +00:00
Andrew Nacin 41d2a7f82b RTL for login screen. 
props yoavf.
fixes #27784.

Built from https://develop.svn.wordpress.org/trunk@28096


git-svn-id: http://core.svn.wordpress.org/trunk@27927 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-13 16:06:14 +00:00
Drew Jaynes 21d15059f4 Improve hook docs for the `resetpass_form` hook added in 3.9. 
See #21044, #27700.

Built from https://develop.svn.wordpress.org/trunk@28017


git-svn-id: http://core.svn.wordpress.org/trunk@27847 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-04-07 22:06:14 +00:00
Andrew Nacin 2f9713104b Only show test cookie warnings on submit as caching/proxies may intercept the test cookie for GET requests. 
Introduce a new string for when headers are sent and link them to http://codex.wordpress.org/Cookies (new page).

props SergeyBiryukov.
fixes #27373.

Built from https://develop.svn.wordpress.org/trunk@27859


git-svn-id: http://core.svn.wordpress.org/trunk@27690 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-03-30 00:41:15 +00:00
Andrew Nacin c3ca81ba94 Always decode special characters for email subjects. 
props tlovett1, jeremyfelt.
fixes #25346.

Built from https://develop.svn.wordpress.org/trunk@27801


git-svn-id: http://core.svn.wordpress.org/trunk@27636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-03-28 02:44:15 +00:00
Andrew Nacin 0c16c0477b Reference https://wordpress.org rather than http://wordpress.org in strings, links, comments, etc. 
props Ipstenu, markjaquith.
see #27115.

Built from https://develop.svn.wordpress.org/trunk@27369


git-svn-id: http://core.svn.wordpress.org/trunk@27219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-03-03 02:34:27 +00:00
Sergey Biryukov 5d3e652c23 Add Oxford comma to password hint. 
props trepmal.
fixes #26457.
Built from https://develop.svn.wordpress.org/trunk@27246


git-svn-id: http://core.svn.wordpress.org/trunk@27103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-02-24 23:31:15 +00:00
Helen Hou-Sandí 060cc19157 Make login styles standalone. see #12506. 
Built from https://develop.svn.wordpress.org/trunk@27199


git-svn-id: http://core.svn.wordpress.org/trunk@27056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-02-20 03:24:14 +00:00
Andrew Nacin 0e0c2d3cdc New resetpass_form hook in wp-login.php. 
props romaimperator.
fixes #21044.

Built from https://develop.svn.wordpress.org/trunk@27068


git-svn-id: http://core.svn.wordpress.org/trunk@26941 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2014-02-02 07:52:13 +00:00
Matt Thomas 4df7acf1d9 Reset the login form inputs to the standard sans-serif font in IE8 to prevent invisible password field inputs when webfonts are used. Fixes #26348, props SergeyBiryukov, iammattthomas. 
Built from https://develop.svn.wordpress.org/trunk@26583


git-svn-id: http://core.svn.wordpress.org/trunk@26473 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-12-03 20:12:11 +00:00
Sergey Biryukov 74f77b85a6 Use get_current_site() instead of the $current_site global when possible. 
props jeremyfelt.
fixes #25158.
Built from https://develop.svn.wordpress.org/trunk@26120


git-svn-id: http://core.svn.wordpress.org/trunk@26032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-11-13 03:23:10 +00:00
Andrew Nacin d0cfa40983 Add jshintrc to qunit. 
props jorbin.
see #25187.

Built from https://develop.svn.wordpress.org/trunk@25992


git-svn-id: http://core.svn.wordpress.org/trunk@25925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-30 14:39:10 +00:00
Andrew Nacin 70fd806759 Revert r25824:25875 from the core.svn.wordpress.org repository. 
These commits were accidentally re-synced commits from develop.svn.wordpress.org due to a race condition. Thankfully, the history of this repository matters fairly little. It also happened only for trunk.


git-svn-id: http://core.svn.wordpress.org/trunk@25876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-25 02:29:52 +00:00
Andrew Nacin 5361a8abca Spell out duplicate hook locations. 
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-24 22:59:20 +00:00
Andrew Nacin de7977d66c Move upgrader_process_complete for core to its proper place in Core_Upgrader. 
This means it will be firing as a JS redirect is taking place if the update is from pre-3.4. Acceptable.

props dd32.
fixes #25659.

Built from https://develop.svn.wordpress.org/trunk@25861


git-svn-id: http://core.svn.wordpress.org/trunk@25861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-24 22:58:23 +00:00
Drew Jaynes 4d1482cd0d Inline documentation for the `WP_Date_Query` class in wp-includes/date.php. 
- Adds a complete hash notation for the `WP_Date_Query` arguments array.
- Adds missing documentation for the `date_query_valid_columns` and `get_date_sql` filter hooks.

Props aeg0125 for the incremental patches.
Fixes #25552.

Built from https://develop.svn.wordpress.org/trunk@25860


git-svn-id: http://core.svn.wordpress.org/trunk@25860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-24 22:58:12 +00:00
Andrew Nacin 8ae8e01b67 Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone. 
see #27704.

Built from https://develop.svn.wordpress.org/trunk@25825


git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-24 22:53:14 +00:00
Ryan Boren b87d4b77e5 Pinking shears 
Built from https://develop.svn.wordpress.org/trunk@25880


git-svn-id: http://core.svn.wordpress.org/trunk@25792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-23 14:38:10 +00:00
Andrew Nacin 74488bdcb0 Spell out duplicate hook locations. 
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-22 17:22:11 +00:00
Drew Jaynes 9ba8ffb5e3 Inline documentation for hooks in wp-login.php. 
Props ShinichiN, kpdesign.
Fixes #25393.

Built from https://develop.svn.wordpress.org/trunk@25701


git-svn-id: http://core.svn.wordpress.org/trunk@25616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-06 16:24:09 +00:00
Andrew Nacin 6113669e22 Hash password reset keys in the database. 
All existing, unused password reset keys are now considered "expired" and the user will be told they should try again.

Introduces a password_reset_key_expired filter to allow plugins to introduce a grace period.

fixes #24783.

Built from https://develop.svn.wordpress.org/trunk@25696


git-svn-id: http://core.svn.wordpress.org/trunk@25611 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-10-06 11:29:11 +00:00
Helen Hou-Sandí 77a7702deb Simplify the login page viewport meta for mobile devices, so it's less restrictive on the user. Allows for developers to override if necessary via the `login_head` action. props azaozz. fixes #24777. 
Built from https://develop.svn.wordpress.org/trunk@25619


git-svn-id: http://core.svn.wordpress.org/trunk@25536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-09-25 15:20:09 +00:00
Andrew Nacin 70edef0df4 Introduce post_password_expires filter to control the expiration of the post password cookie. 
props Viper007Bond for initial patch.
fixes #21466.

Built from https://develop.svn.wordpress.org/trunk@25450


git-svn-id: http://core.svn.wordpress.org/trunk@25371 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-09-16 17:40:10 +00:00
Sergey Biryukov 1d79b0bdf3 Move check_password_reset_key(), reset_password(), and register_new_user() from wp-login.php to wp-includes/user.php, to make them reusable. props beaulebens for initial patch. fixes #20279. 
Built from https://develop.svn.wordpress.org/trunk@25231


git-svn-id: http://core.svn.wordpress.org/trunk@25201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-09-04 08:59:09 +00:00
Sergey Biryukov b1dc91c447 Clear 'default_password_nag' flag when resetting a user's password, since the new password is entered manually. props wikicms. fixes #25206. 
Built from https://develop.svn.wordpress.org/trunk@25203


git-svn-id: http://core.svn.wordpress.org/trunk@25175 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-09-02 03:18:10 +00:00
Andrew Nacin cf02025fe0 Check for a WP_Error return from wp_create_user() in register_new_user(). 
props coffee2code.
fixes #14290.

Built from https://develop.svn.wordpress.org/trunk@25174


git-svn-id: http://core.svn.wordpress.org/trunk@25148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-08-29 22:16:09 +00:00
Andrew Ozz 29739b2508 In wp-login.php check if cookies are enabled before attempting to log the user in with wp_signon(), fixes #24961. 
Built from https://develop.svn.wordpress.org/trunk@25045


git-svn-id: http://core.svn.wordpress.org/trunk@25032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-08-17 01:01:09 +00:00
Andrew Nacin d2224d687c Use commas, not semicolons, to separate meta viewport values. props bobbravo2. see #24777. 
git-svn-id: http://core.svn.wordpress.org/trunk@24779 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-07-23 07:27:56 +00:00
Mark Jaquith c8853cff92 Set `autocomplete="off"` on the password reset form itself, in addition to the individual inputs, to work around a Chrome bug. 
fixes #24364. props azaozz.

git-svn-id: http://core.svn.wordpress.org/trunk@24553 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-07-03 21:29:53 +00:00
Andrew Nacin 95800ae4f2 Validate post password hash. 
git-svn-id: http://core.svn.wordpress.org/trunk@24466 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-06-21 03:00:26 +00:00
Andrew Nacin cfa947193f Revert [24291] pending further discussion and sleuthing. see #24364. 
git-svn-id: http://core.svn.wordpress.org/trunk@24317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-05-22 18:37:43 +00:00
Andrew Ozz dbda48bd2a Fix Chrome disregarding autocomplete="off" for password fields. Add autocomplete="off" to forms where the users can choose new password. Fixes #24364. 
git-svn-id: http://core.svn.wordpress.org/trunk@24291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-05-18 22:56:21 +00:00
Andrew Ozz 19c3b4bfdc Logged out warnings: 
- Don't use <base> tag to set target="_blank". It can break form submission. Instead, set target only on links with JS.
- Fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN == true.
- Properly show/hide the "Close" button when the dialog is shown multiple times.
See #23295

git-svn-id: http://core.svn.wordpress.org/trunk@24208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-05-08 22:45:58 +00:00
Sergey Biryukov 57c10eadbb Use ellipsis instead of three dots. props tjsingleton, jordie23, wojtek.szkutnik, DrewAPicture, SergeyBiryukov. see #8714. 
git-svn-id: http://core.svn.wordpress.org/trunk@24207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-05-08 21:27:31 +00:00
Andrew Ozz badaefce06 Logged out warnings: 
- Don't remove login error messages coming from wp_signon().
- When the login form is shown in iframe, open all links in a new tab/window.
- Add filter for the login form error message.
See #23295

git-svn-id: http://core.svn.wordpress.org/trunk@24179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-05-06 21:35:50 +00:00
Andrew Nacin a9712e0183 Add wp_registration_url() and register_url filter. 
props scribu, JustinSainton, SergeyBiryukov.
fixes #17950.



git-svn-id: http://core.svn.wordpress.org/trunk@24053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-04-22 20:21:22 +00:00
Andrew Ozz 04c5aefbea Logged out warnings: add fallback text dialog for: 
- The login page has "X-Frame-Options: DENY" header.
- Cross-domain when displaying on the front-end on multisite with domain mapping.
- The site forces ssl login but not ssl admin.

Add onbeforeunload prompt to counter (frame-busting) JS redirects. Move the JS and CSS into separate files. See #23295.

git-svn-id: http://core.svn.wordpress.org/trunk@23805 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-03-27 08:43:11 +00:00
Andrew Ozz 5398ac438c Logged out warnings: clear previous errors when interim_login is set, see #23295 
git-svn-id: http://core.svn.wordpress.org/trunk@23691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-03-13 23:32:52 +00:00
Andrew Ozz e9245269a7 Autosave to the browser's sessionStorage, compare this autosave to the post content on page load and let the user restore it when the data is not the same. First run, see #23220 
git-svn-id: http://core.svn.wordpress.org/trunk@23683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-03-13 10:08:16 +00:00
Mark Jaquith 3fcf3e1134 Unhyphenate "log-in". see #23295 
git-svn-id: http://core.svn.wordpress.org/trunk@23625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-03-06 20:06:19 +00:00
Ryan Boren 315bfb019a Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes(). 
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-03-03 21:11:40 +00:00
Sergey Biryukov ed830a979b Consistently apply 'register' filter. props wonderboymusic for initial patch. fixes #14406. 
git-svn-id: http://core.svn.wordpress.org/trunk@23558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-03-01 16:43:18 +00:00
Ryan Boren 43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767 
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2013-03-01 16:28:40 +00:00