Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
38,053 Commits 48 Branches 718 Tags 906 MiB
Commit Graph

442 Commits

Author SHA1 Message Date
Sergey Biryukov 4848a09b35 I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders. 
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.

Fixes #43523.
Built from https://develop.svn.wordpress.org/trunk@42827


git-svn-id: http://core.svn.wordpress.org/trunk@42657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-03-11 16:44:34 +00:00
Andrew Ozz 791b11bc3f Add a method to confirm user requests by email. First run. 
Props mikejolley.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@42791


git-svn-id: http://core.svn.wordpress.org/trunk@42621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-03-06 23:47:30 +00:00
Sergey Biryukov 0e802a627d General: Introduce `WP_Error::has_errors()` method and use it where appropriate. 
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742.
Built from https://develop.svn.wordpress.org/trunk@42761


git-svn-id: http://core.svn.wordpress.org/trunk@42591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2018-02-27 02:31:31 +00:00
John Blackbourn 3ee38c0a05 Login and Registration: Instruct the browser to disable autocapitalisation for the user login field on the login screen. 
Props drywallbmb
Fixes #42886

Built from https://develop.svn.wordpress.org/trunk@42406


git-svn-id: http://core.svn.wordpress.org/trunk@42235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-12-16 13:41:48 +00:00
Gary Pendergast aaf99e6913 Code is Poetry. 
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-11-30 23:11:00 +00:00
Gary Pendergast 95cfb7f5e4 Login: Swap `bloginfo()` usage for `get_bloginfo()`. 
[41843] introduced a use of `bloginfo()`, where it should be using `get_bloginfo()`.

Props dlh.
Fixes #34625.


Built from https://develop.svn.wordpress.org/trunk@41850


git-svn-id: http://core.svn.wordpress.org/trunk@41684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-13 02:10:48 +00:00
Gary Pendergast a9d38090ac Login: On the single site login screen, match the logo link text with the title. 
Previously, the (W) logo on the single site login screen linked to wordpress.org, with an appropriate `title` attribute, but the link text was the blog name.

To fix this discrepency, the link text is now the same as the `title` attribute.

Props pento, obrienlabs, afercia, flixos90, lukecavanagh, and the infinite stack of bikesheds that WordPress is balanced upon.
Fixes #34625.


Built from https://develop.svn.wordpress.org/trunk@41843


git-svn-id: http://core.svn.wordpress.org/trunk@41677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-12 04:57:46 +00:00
Sergey Biryukov 806c464e4b Login and Registration: Prevent PHP warnings when POSTing to `wp-login.php` with an array as a `user_login` or `user_email` field. 
Props menakas, johnjamesjacoby.
Fixes #40888.
Built from https://develop.svn.wordpress.org/trunk@41782


git-svn-id: http://core.svn.wordpress.org/trunk@41616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-06 17:37:47 +00:00
John Blackbourn f9a5f5485d I18N: Allow the login screen language to be specified via a `wp_lang` query variable, and use this for the interim login modal. 
This allows users who are using the admin area in a language other than the site language to read the notice on the login screen
(which explains that they need to log in again) in their chosen language.

Props Nikschavan, swissspidy

Fixes #40205

Built from https://develop.svn.wordpress.org/trunk@41692


git-svn-id: http://core.svn.wordpress.org/trunk@41526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-02 23:21:47 +00:00
Sergey Biryukov 50e03e19af Login and Registration: Introduce `login_title` filter for the `<title>` tag content on login page. 
The new filter mirrors the `admin_title` filter used on admin pages.

Props nishitlangaliya, henry.wright, SergeyBiryukov.
Fixes #40812.
Built from https://develop.svn.wordpress.org/trunk@41691


git-svn-id: http://core.svn.wordpress.org/trunk@41525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-02 23:00:46 +00:00
Sergey Biryukov 63402326c1 Login and Registration: Make the order of `<title>` tag parts on login page consistent with the rest of admin pages. 
Props nishitlangaliya, henry.wright.
Fixes #40814.
Built from https://develop.svn.wordpress.org/trunk@41690


git-svn-id: http://core.svn.wordpress.org/trunk@41524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-10-02 22:30:46 +00:00
Sergey Biryukov 649eb34d2a Login and Registration: Replace home URL in password reset email with the site name to avoid confusing the user with multiple links. 
Props Presskopp, code-monkey.
Fixes #38328.
Built from https://develop.svn.wordpress.org/trunk@41578


git-svn-id: http://core.svn.wordpress.org/trunk@41411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-23 11:44:46 +00:00
Adam Silverstein 220d5aec74 Login: Password reset - add hide icon & confirm weak password checkbox. 
Extends the password features added in 4.3 to the password reset flow.

Props johnbillion, manolis09, umesh.nevase, Nikschavan.


Built from https://develop.svn.wordpress.org/trunk@41556


git-svn-id: http://core.svn.wordpress.org/trunk@41389 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-09-21 21:29:48 +00:00
John Blackbourn 2cde37040d Login and Registration: Introduce a `login_link_separator` filter to allow the separator between links in the footer of the 
login screen to be filtered.

Props henry.wright

Fixes #40802

Built from https://develop.svn.wordpress.org/trunk@41291


git-svn-id: http://core.svn.wordpress.org/trunk@41131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-08-22 14:23:47 +00:00
Sergey Biryukov 62947553c5 Login and Registration: Prevent the `enable_login_autofocus` filter DocBlock from spilling into JS code. 
Props chris@vendiadvertising.com.
Fixes #41176.
Built from https://develop.svn.wordpress.org/trunk@40954


git-svn-id: http://core.svn.wordpress.org/trunk@40804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-06-26 20:37:42 +00:00
Andrea Fercia 430422b0b7 Login and Registration: Add a filter to disable the initial auto-focus on the login screen. 
Fixes #40301.

Built from https://develop.svn.wordpress.org/trunk@40652


git-svn-id: http://core.svn.wordpress.org/trunk@40515 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-05-12 17:12:46 +00:00
Pascal Birchler 72c19648bc Load: Only load `PasswordHash` class when needed. 
This reverts [38371] which loaded `class-phpass.php` early in `wp-settings.php` and in turn caused backward compatibility problems.

Props DavidAnderson, ketuchetan.
Fixes #39445.

Built from https://develop.svn.wordpress.org/trunk@40387


git-svn-id: http://core.svn.wordpress.org/trunk@40294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-04-06 18:01:42 +00:00
Sergey Biryukov 6de5a9f8e3 Docs: Add a note to `retrieve_password_message` filter that password reset email will not be sent if the filtered message is empty. 
Props sudar.
Fixes #39788.
Built from https://develop.svn.wordpress.org/trunk@40048


git-svn-id: http://core.svn.wordpress.org/trunk@39985 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2017-02-06 04:16:42 +00:00
Boone Gorges 3a0e61e680 Allow apostrophes in email address during wp-login.php registration. 
See #18039 for a related fix when creating users via the Dashboard.

Props tomdxw.
Fixes #34483.
Built from https://develop.svn.wordpress.org/trunk@39544


git-svn-id: http://core.svn.wordpress.org/trunk@39484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-12-08 03:58:45 +00:00
John Blackbourn c2d709e9d6 I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment. 
See #38882

Built from https://develop.svn.wordpress.org/trunk@39326


git-svn-id: http://core.svn.wordpress.org/trunk@39266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-11-21 02:46:30 +00:00
John Blackbourn 4cf5550d8d I18n: Begin introducing translator comments for strings which include placeholders but no accompanying translator comment. 
Adds context to one string used in two different contexts for the new user and new site signup email notification.

More to come.

See #38882

Built from https://develop.svn.wordpress.org/trunk@39323


git-svn-id: http://core.svn.wordpress.org/trunk@39263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-11-21 01:22:32 +00:00
Jeremy Felt 1560fbcbc5 Multisite: Use `get_network()` and `get_current_network_id()` for current network data. 
`get_network()` falls back to the current network when called without any arguments. Between this and `get_current_network_id()`, we can replace almost all instances of the global `$current_site` and all instances of `get_current_site()`.

This effectively deprecates `get_current_site()`, something that we'll do in a future ticket.

Props flixos90.
Fixes #37414.

Built from https://develop.svn.wordpress.org/trunk@38814


git-svn-id: http://core.svn.wordpress.org/trunk@38757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-19 04:47:30 +00:00
Helen Hou-Sandí e4bfe48ebc Login: Don't rely on `wp_is_mobile()` for functionality. 
Making behavior changes based on some broad definition of what mobile is rarely, if ever, makes sense. Each bit of functionality should be more clearly targeted, whether that's for screen size, performance, or some kind of touch capability.

props akibjorklund.
see #33704.

Built from https://develop.svn.wordpress.org/trunk@38739


git-svn-id: http://core.svn.wordpress.org/trunk@38682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-10-06 15:52:30 +00:00
Sergey Biryukov b4aaf3925d Login and Registration: Change login label to `Username or Email Address` for clarity. 
Props GaryJ.
Fixes #37871.
Built from https://develop.svn.wordpress.org/trunk@38477


git-svn-id: http://core.svn.wordpress.org/trunk@38418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 18:51:28 +00:00
Scott Taylor cabb4a03c8 Multisite: use `get_current_site()` instead of `$GLOBALS['current_site']` (stop yelling!) in a few remaining spots. 
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38458


git-svn-id: http://core.svn.wordpress.org/trunk@38399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-31 05:04:29 +00:00
John Blackbourn dbdc1c28b1 I18N: Correct various instances of incorrect usage of `esc_attr_e()`. 
Fixes #37457
Props henry.wright, afercia

Built from https://develop.svn.wordpress.org/trunk@38424


git-svn-id: http://core.svn.wordpress.org/trunk@38365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-28 18:06:30 +00:00
Scott Taylor 481123661c Load: load `class-phpass.php` (`PasswordHash` class) early in `wp-settings.php`, instead of `require_once()`'ing it in several places. 
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38371


git-svn-id: http://core.svn.wordpress.org/trunk@38312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-26 17:40:35 +00:00
Drew Jaynes 22adda2aa0 Hooks: Standardize naming of dynamic hooks to use interpolation vs concatenation. 
Benefits gained in discoverability and self-documentation throughout core trump the negligible performance hit in using interpolation in hook names.

Props ramiy.
See #37748.

Built from https://develop.svn.wordpress.org/trunk@38307


git-svn-id: http://core.svn.wordpress.org/trunk@38248 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-22 18:25:31 +00:00
Scott Taylor cd6d2bae92 Login: `retrieve_password()` does not need to import 2 globals that it does not use. 
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38304


git-svn-id: http://core.svn.wordpress.org/trunk@38245 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-08-22 04:48:28 +00:00
Sergey Biryukov 0cdf2d371b I18N: Add context and translator comments to `Back to %s` strings. 
Fixes #37095.
Built from https://develop.svn.wordpress.org/trunk@37703


git-svn-id: http://core.svn.wordpress.org/trunk@37669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-14 21:51:28 +00:00
Sergey Biryukov 7ddbbfec08 Users: `wp_signon()` expects an array as the `$credentials` argument, not a string. 
If an empty string was passed, redeclare it as an empty array to avoid a warning and a fatal error in PHP 7.1.0 Alpha 1.

Props simonvik.
Fixes #37071.
Built from https://develop.svn.wordpress.org/trunk@37697


git-svn-id: http://core.svn.wordpress.org/trunk@37663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-06-14 15:34:29 +00:00
Drew Jaynes f82641ad0e Docs: Standardize filter docs in root folder files to use third-person singular verbs per the inline documentation standards for PHP. 
Fixes #36913.

Built from https://develop.svn.wordpress.org/trunk@37535


git-svn-id: http://core.svn.wordpress.org/trunk@37503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-23 16:44:27 +00:00
Boone Gorges 720e2af290 During password reset, user-submitted login/email should be stripslashed. 
This prevents errors when an email address contains an apostrophe. See [29966]
for similar treatment of a related problem.

Props dcavins.
Fixes #36322.
Built from https://develop.svn.wordpress.org/trunk@37474


git-svn-id: http://core.svn.wordpress.org/trunk@37442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-05-20 19:21:30 +00:00
Sergey Biryukov c8fe7cc538 Login/Registration: Add `login_header` action that fires in the login page header after the body tag is opened and complements `login_footer`. 
Props borkweb, iamfriendly, voldemortensen.
Fixes #22139.
Built from https://develop.svn.wordpress.org/trunk@37243


git-svn-id: http://core.svn.wordpress.org/trunk@37209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-04-18 23:54:29 +00:00
Jeremy Felt 27e29666a8 Multisite: Handle redirect to a user's subdomain properly during login 
`wp-login.php` uses `wp_safe_redirect()` for all redirects, even those that do not involve unsafe data from the request or referer.

When a user of a subdomain site attempts to login to a network site they do not have access to, the host in the redirect URL is treated as unsafe by `wp_safe_redirect()` as it has no immediate awareness as to which hosts are valid on the network. On a subdirectoy network, everything works as expected because the host is the same.

In this specific block of `wp-login.php`, all URLs are generated by WordPress and we can use `wp_redirect()` to handle the redirects. Users authenticating via other network sites will now be redirected properly. Hosts passed via the `redirect_to` query var will continue to be handled by `wp_safe_redirect()`.

Fixes #30598.

Built from https://develop.svn.wordpress.org/trunk@36867


git-svn-id: http://core.svn.wordpress.org/trunk@36834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-03-06 03:06:29 +00:00
Dominik Schilling 7ebe2c1e7a Authentication: Allow users to log in using their email address. 
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.

Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568.
Built from https://develop.svn.wordpress.org/trunk@36617


git-svn-id: http://core.svn.wordpress.org/trunk@36584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-02-22 23:15:27 +00:00
Sergey Biryukov 6e60f8b6f8 Login: In `login_header()`, use correct separator for RTL locales. 
Props ramiy.
Fixes #35737.

Built from https://develop.svn.wordpress.org/trunk@36487


git-svn-id: http://core.svn.wordpress.org/trunk@36454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-02-06 22:56:27 +00:00
Dion Hulse 987ce83cfc CSS: Stop using `wp-admin.min.css` and instead queue the individual stylesheets up through `load-styles.php`. 
We still generate the `wp-admin.*` files for compabitility purposes, however they only include the `@import()` lines.

Fixes #35229

Built from https://develop.svn.wordpress.org/trunk@36341


git-svn-id: http://core.svn.wordpress.org/trunk@36308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2016-01-18 09:57:29 +00:00
John Blackbourn d4eb85569b Login: Revert [34213] and [35897]. It has become apparent that there is a need for a separate function (and corresponding filter) which allows for the login form action URL to differ from the URL used to access the login form, so that plugins or implementations which change the login URL do not need to worry about handling the form submission at the same URL. 
For now, we'll revert to the pre-4.4 behaviour of hard-coding the login form action URL as `wp-login.php` and look at implementing a separate function and corresponding filter in 4.5.

Props KrissieV, salcode, JPry
Fixes #34925
See #35103

Built from https://develop.svn.wordpress.org/trunk@36042


git-svn-id: http://core.svn.wordpress.org/trunk@36007 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-21 03:23:29 +00:00
Pascal Birchler 2981d66990 Login: After [34213], use the `login_post` scheme again for login forms. 
See #34925.
Built from https://develop.svn.wordpress.org/trunk@35897


git-svn-id: http://core.svn.wordpress.org/trunk@35861 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-13 14:03:26 +00:00
Drew Jaynes b3d28ad0b9 Administration: Improve the message displayed in the login form modal when a user's session has expired. 
Props obrienlabs.
Fixes #34340.

Built from https://develop.svn.wordpress.org/trunk@35865


git-svn-id: http://core.svn.wordpress.org/trunk@35829 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-11 16:01:28 +00:00
Andrea Fercia 2ae5db3856 Accessibility: remove no-purpose title attributes from the login screen. 
Also, it's hard to convey the ironic tone of the sentences used for these title attributes in languages other than English.

Fixes #34943.
Built from https://develop.svn.wordpress.org/trunk@35846


git-svn-id: http://core.svn.wordpress.org/trunk@35810 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-12-09 22:20:29 +00:00
Sergey Biryukov 788ea5ba5a Reset Password: Improve wording for a string used in password reset email. 
Props obrienlabs.
Fixes #34605.
Built from https://develop.svn.wordpress.org/trunk@35559


git-svn-id: http://core.svn.wordpress.org/trunk@35523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-11-06 22:36:25 +00:00
Drew Jaynes ad6a1303dc Login: Pass the username and `WP_User` object to the `retrieve_password_title` filter. 
Adding these parameters creates parity with the `retrieve_password_message` filter, used for modifying the message body of the same password reset email.

Props sudar.
Fixes #34252.

Built from https://develop.svn.wordpress.org/trunk@35093


git-svn-id: http://core.svn.wordpress.org/trunk@35058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-13 00:51:24 +00:00
John Blackbourn d2416ca93a Correctly set the `secure` flag on the post password cookie based on the scheme of the referring URL, if it's available, instead of the home URL. 
Fixes #29641

Built from https://develop.svn.wordpress.org/trunk@34932


git-svn-id: http://core.svn.wordpress.org/trunk@34897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-08 03:09:24 +00:00
John Blackbourn 95045d629b Correctly set the `secure` flag for the test cookie based on the login URL scheme, and the same for the user settings cookies based on the admin URL scheme. 
Fixes #34159

Built from https://develop.svn.wordpress.org/trunk@34931


git-svn-id: http://core.svn.wordpress.org/trunk@34896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-08 03:05:25 +00:00
Sergey Biryukov 399c1f3c83 Reset Password: Move the code for creating password reset key into a new function, `get_password_reset_key()`, and use it in `retrieve_password()`. 
Previously: [25231].

Props DH-Shredder.
Fixes #34180.
Built from https://develop.svn.wordpress.org/trunk@34923


git-svn-id: http://core.svn.wordpress.org/trunk@34888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-08 00:11:24 +00:00
John Blackbourn 471752f59a Prevent a PHP notice when POSTing to `wp-login.php?action=register` without a `user_login` or `user_email` field in the POST request. 
Fixes #34192

Built from https://develop.svn.wordpress.org/trunk@34910


git-svn-id: http://core.svn.wordpress.org/trunk@34875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-07 14:43:25 +00:00
John Blackbourn 2d745fabe3 Prevent a PHP notice from appearing on `wp-login.php?action=postpass` when there's no `$_POST['post_password']` parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here). 
Fixes #34160
Props iamfriendly

Built from https://develop.svn.wordpress.org/trunk@34909


git-svn-id: http://core.svn.wordpress.org/trunk@34874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-07 14:30:25 +00:00
Drew Jaynes fa4fed0f80 Login: Pass the `$errors` object as a parameter to the `lostpassword_post` hook. 
Props iamfriendly.
Fixes #32116.

Built from https://develop.svn.wordpress.org/trunk@34885


git-svn-id: http://core.svn.wordpress.org/trunk@34850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 2015-10-06 23:00:25 +00:00