Commit Graph

593 Commits

Author SHA1 Message Date
Sergey Biryukov
3cd067ee34 General: Add missing initial-scale value in viewport meta tags.
The viewport meta should include `initial-scale=1.0` to ensure that high DPI/mobile display works as expected.

References:
* [https://css-tricks.com/probably-use-initial-scale1/ CSS-Tricks: Probably Use initial-scale=1]
* [https://www.sitepoint.com/community/t/is-it-necessary-to-include-initial-scale-1-0-in-the-meta-viewport-tag/455119 SitePoint Forums: Is it necessary to include initial-scale=1.0 in the meta viewport tag?]

Follow-up to [59026].

Props dhruvang21, sabernhardt, kkmuffme, mukesh27, narenin, swissspidy, SergeyBiryukov.
Fixes #61988.
Built from https://develop.svn.wordpress.org/trunk@59027


git-svn-id: http://core.svn.wordpress.org/trunk@58423 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-09-17 00:03:54 +00:00
Sergey Biryukov
144cc650b9 Login and Registration: Remove redundant escaping in wp-login.php.
* `$user_login` in the `login` action is already escaped on output.
* `$user_login` and `$user_email` in the `register` action are already unslashed a few lines above.

Follow-up to [3120], [4339], [8454], [11104], [23416], [23554], [23594], [46640].

Props johnjamesjacoby, rajinsharwar, narenin.
Fixes #55335.
Built from https://develop.svn.wordpress.org/trunk@58623


git-svn-id: http://core.svn.wordpress.org/trunk@58056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-07-02 17:46:15 +00:00
Sergey Biryukov
61b45944d1 Docs: Clarify that the $wp_error parameter of login_header() is nullable.
Follow-up to [7991], [25701], [28792], [43457], [58209], [58220].

See #60668, #60699.
Built from https://develop.svn.wordpress.org/trunk@58224


git-svn-id: http://core.svn.wordpress.org/trunk@57687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-28 11:13:12 +00:00
audrasjb
477e688d1c Login and Registration: login_header() docblock update after [58209].
This changeset indicates that the `$title` parameter is now nullable.

Follow-up to [58209].

Props skithund.
Fixes #60668.



Built from https://develop.svn.wordpress.org/trunk@58220


git-svn-id: http://core.svn.wordpress.org/trunk@57683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-27 21:32:13 +00:00
audrasjb
fb4fcb4388 Login and Registration: Ensure login header title is translatable.
This changeset ensures the login header default title string is translatable in `login_header()`.

Props juliobox, swissspidy, audrasjb.
Fixes #60668.



Built from https://develop.svn.wordpress.org/trunk@58209


git-svn-id: http://core.svn.wordpress.org/trunk@57672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-27 14:11:12 +00:00
Sergey Biryukov
0888e755d7 Login and Registration: Check that post_password is a string in wp-login.php.
This prevents a fatal error if an array is passed instead.

Follow-up to [19925], [34909], [58023].

Props dd32, swissspidy.
Fixes #61136.
Built from https://develop.svn.wordpress.org/trunk@58093


git-svn-id: http://core.svn.wordpress.org/trunk@57558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-03 14:32:17 +00:00
Sergey Biryukov
3c5da9c743 Login and Registration: Check that redirect_to is a string in wp-login.php.
This prevents a fatal error if an array is passed instead.

Follow-up to [2876], [4969], [7524], [8701], [25701], [31417], [49109].

Props TimoTijhof.
Fixes #59373.
Built from https://develop.svn.wordpress.org/trunk@58023


git-svn-id: http://core.svn.wordpress.org/trunk@57489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-04-18 06:24:22 +00:00
audrasjb
5cdfecb35e Docs: Update various HelpHub links to avoid unnecessary redirections.
Follow-up to [57793], [57798], [57800].

Props mkismy.
See #60732, #60699.




Built from https://develop.svn.wordpress.org/trunk@57801


git-svn-id: http://core.svn.wordpress.org/trunk@57302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-03-11 14:08:10 +00:00
joedolson
cb1e71aa25 Administration: Remove empty form action attributes.
Remove the `action` attribute in the login language selector, privacy forms, and classic widget forms.

An empty `action` attribute is invalid HTML4 and unsupported HTML5. The `action` attribute is optional, but must have a valid URL when provided.

Props Malae, audrasjb, bartkleinreesink, nicolefurlan, shubhamsedani, costdev, peterwilsoncc, rajinsharwar, joedolson.
Fixes #58226.
Built from https://develop.svn.wordpress.org/trunk@57295


git-svn-id: http://core.svn.wordpress.org/trunk@56801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-01-16 17:31:13 +00:00
Sergey Biryukov
09c9a0a892 Login and Registration: Use correct variable to display a single error message.
When the `wp_login_errors` filter is used to add an error message followed by an instructional message, the former was not displayed and the latter was errouneously displayed twice above the login form.

This commit ensures that the error message is displayed as expected.

Follow-up to [56654].

Props mapumba.
Fixes #59983.
Built from https://develop.svn.wordpress.org/trunk@57142


git-svn-id: http://core.svn.wordpress.org/trunk@56653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-11-29 09:34:28 +00:00
Weston Ruter
583ba4dc6d Script Loader: Remove erroneous type attribute from script tag wrapper on login screen.
This was causing a `_doing_it_wrong()` notice from `wp_remove_surrounding_empty_script_tags()`. In fact, the `type` attribute was added in [56748] to test this incorrect usage notice. This commit reverts that change.

Follow-up to [56748].
Unprops westonruter.
See #58664.

Built from https://develop.svn.wordpress.org/trunk@56750


git-svn-id: http://core.svn.wordpress.org/trunk@56262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-29 22:01:31 +00:00
Weston Ruter
a20cb28d14 Script Loader: Harden removal of script tag wrappers.
* Add `wp_remove_surrounding_empty_script_tags()` to more precisely remove script tag wrappers and warn when doing it wrong.
* Add clarifying comments for XML escaping logic in `wp_get_inline_script_tag()`.
* Leverage `WP_HTML_Tag_Processor` in `test_remove_frameless_preview_messenger_channel`.
* Reuse `assertEqualMarkup` in `test_blocking_dependent_with_delayed_dependency`.
* Normalize whitespace in `parse_markup_fragment` for `assertEqualMarkup`.

Follow-up to [56687].
Props dmsnell, westonruter, flixos90.
See #58664.

Built from https://develop.svn.wordpress.org/trunk@56748


git-svn-id: http://core.svn.wordpress.org/trunk@56260 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-29 19:47:21 +00:00
Weston Ruter
e7747ce23e Script Loader: Use wp_get_script_tag() and wp_get_inline_script_tag()/wp_print_inline_script_tag() helper functions to output scripts on the frontend and login screen.
Using script tag helper functions allows plugins to employ the `wp_script_attributes` and `wp_inline_script_attributes` filters to inject the `nonce` attribute to apply Content Security Policy (e.g. Strict CSP). Use of helper functions also simplifies logic in `WP_Scripts`.

* Update `wp_get_inline_script_tag()` to wrap inline script in CDATA blocks for XHTML-compatibility when not using HTML5.
* Ensure the `type` attribute is printed first in `wp_get_inline_script_tag()` for back-compat.
* Wrap existing `<script>` tags in output buffering to retain IDE supports.
* In `wp_get_inline_script_tag()`, append the newline to `$javascript` before it is passed into the `wp_inline_script_attributes` filter so that the CSP hash can be computed properly.
* In `the_block_template_skip_link()`, opt to enqueue the inline script rather than print it.
* Add `ext-php` to `composer.json` under `suggest` as previously it was an undeclared dependency for running PHPUnit tests.
* Update tests to rely on `DOMDocument` to compare script markup, normalizing unsemantic differences.

Props westonruter, spacedmonkey, flixos90, 10upsimon, dmsnell, mukesh27, joemcgill, swissspidy, azaozz.
Fixes #58664.
See #39941.

Built from https://develop.svn.wordpress.org/trunk@56687


git-svn-id: http://core.svn.wordpress.org/trunk@56199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-25 21:05:21 +00:00
joedolson
491a21da64 Login and Registration: Improve HTML for errors and notices.
Improve markup on Login and Registration errors. Use list markup for multiple issues, paragraph when only one to reduce semantic burden in the most common case. Normalize classes and markup for wrapper using `wp_admin_notice()` and `wp_get_admin_notice()` functions. Move definition of those functions from `wp-admin\includes\misc.php` to `wp-includes\functions.php`. Move tests to functions group. 

Props extendwings, sabernhardt, afercia, lukecavanagh, rianrietveld, oglekler, sergeybiryukov, costdev, joedolson.
Fixes #30685.
Built from https://develop.svn.wordpress.org/trunk@56654


git-svn-id: http://core.svn.wordpress.org/trunk@56166 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-21 18:24:15 +00:00
costdev
f388dc8e38 Login and Registration: Introduce classes wp-login.php footer links.
This introduces classes for the "Log in", "Register" and "Lost your password?" links in the footer of `wp-login.php` forms so that they may be easily targeted for individual styling.

The new classes are:
- `.wp-login-log-in`
- `.wp-login-register`
- `.wp-login-lost-password`

Props wparslan, thomasplevy, rajinsharwar, audrasjb, joedolson, costdev.
Fixes #57590.
Built from https://develop.svn.wordpress.org/trunk@56628


git-svn-id: http://core.svn.wordpress.org/trunk@56140 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-19 22:45:19 +00:00
Sergey Biryukov
34dd52dea7 Coding Standards: Use instanceof keyword instead of the is_a() function.
This is a micro-optimization that removes a few unnecessary function calls.

Follow-up to [31188], [34369], [38986], [41159], [43211], [43230], [44606], [45757].

Props ayeshrajans, jrf, rajinsharwar, costdev, mukesh27, SergeyBiryukov.
Fixes #58943.
Built from https://develop.svn.wordpress.org/trunk@56352


git-svn-id: http://core.svn.wordpress.org/trunk@55864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-03 12:10:28 +00:00
Sergey Biryukov
59f1c9c205 Code Modernization: Use str_contains() in a few more places.
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [55988], [55990], [56014], [56021], [56031], [56032], [56065], [56241].

See #58206.
Built from https://develop.svn.wordpress.org/trunk@56245


git-svn-id: http://core.svn.wordpress.org/trunk@55757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-17 13:18:27 +00:00
John Blackbourn
974d2e18ec Docs: Correct the formatting of various filter documentation.
See #57840

Built from https://develop.svn.wordpress.org/trunk@56157


git-svn-id: http://core.svn.wordpress.org/trunk@55669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-07 00:36:22 +00:00
Sergey Biryukov
1ce5dc7444 Code Modernization: Replace usage of strpos() with str_contains().
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].

Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988


git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:36:26 +00:00
joedolson
17749f1d23 Login and Registration: Add required to Username/password inputs.
Add the `required` attributes to username and password inputs for login.

Props aznadesign, sanchothefat, alexstine, nant82, swissspidy, afercia, d-signed, joedolson.
Fixes #32510.
Built from https://develop.svn.wordpress.org/trunk@55953


git-svn-id: http://core.svn.wordpress.org/trunk@55465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-20 22:48:21 +00:00
audrasjb
7f247349b6 Docs: Use third-person singular verbs in various function descriptions, as per docblocks standards.
Follow-up to [55911], [55916], [55917].

Props costdev.
See #57840.



Built from https://develop.svn.wordpress.org/trunk@55918


git-svn-id: http://core.svn.wordpress.org/trunk@55430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-14 14:11:16 +00:00
Sergey Biryukov
2ec23a82ed Code Modernization: Replace usage of strpos() with str_starts_with().
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).

WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.

While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.

Follow-up to [52039], [52040], [52326].

Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes #58012.
Built from https://develop.svn.wordpress.org/trunk@55703


git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 15:45:22 +00:00
audrasjb
418a21fdbc Help/About: Use the new /documentation/ URLs for HelpHub links in WordPress Admin.
As `https://wordpress.org/support/` was redirected to `https://wordpress.org/documentation/`, this changeset replaces various `/support/article/*` links with `/documentation/article/*` to avoid an extra redirect.

This also updates links to Support Forums by replacing `https://wordpress.org/support/` URLs with `https://wordpress.org/support/forums/`.

Props SergeyBiryukov, audrasjb, dhrupo, hasanmisbah, sakibmd, sabernhardt.
See #57726.

Built from https://develop.svn.wordpress.org/trunk@55412


git-svn-id: http://core.svn.wordpress.org/trunk@54945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-23 10:38:21 +00:00
Sergey Biryukov
9c5d4ca8d1 I18N: Mark screen reader strings as such with translator comments.
This aims to provide better context for translators and make it easier to determine that some strings contain hidden accessibility text and are not displayed in the UI.

Props kebbet, mercime, pavelevap, ocean90, swissspidy, Chouby, jipmoors, afercia, desrosj, costdev, audrasjb, SergeyBiryukov.
Fixes #29748.
Built from https://develop.svn.wordpress.org/trunk@55276


git-svn-id: http://core.svn.wordpress.org/trunk@54809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-07 17:10:21 +00:00
Sergey Biryukov
89706afd21 Coding Standards: Bring some consistency to the order of attributes in password fields.
Follow-up to [11359], [13592], [13696], [33023], [33246], [33353], [41556], [46256], [49248], [53111], [55094].

See #56791.
Built from https://develop.svn.wordpress.org/trunk@55145


git-svn-id: http://core.svn.wordpress.org/trunk@54678 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-26 18:12:11 +00:00
audrasjb
0f28fc7aed Login and Registration: Disable spellcheck for password fields.
This changeset adds `spellcheck="false"` attribute to various password fields.

The spellcheck global attribute defines whether the element may be checked for spelling errors. The `false` value indicates that the element should not be checked for spelling errors, which is relevant for a password field.

Furthermore, and as per MDN specs, using spellchecking can have consequences for users' security and privacy. The specification does not regulate how spellchecking is done and the content of the element may be sent to a third party for spellchecking results. Thus, it is recommended to set `spellcheck` attribute to `false` for elements that can contain sensitive information. Which is the case for password fields.

Props dziudek, audrasjb, gainesm, fosuahmed.
Fixes #56763.

Built from https://develop.svn.wordpress.org/trunk@55094


git-svn-id: http://core.svn.wordpress.org/trunk@54627 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-19 08:53:13 +00:00
Sergey Biryukov
665719b9de Docs: Revise comments using “we” in WordPress root directory files.
This updates some inline comments to better match the guidelines and recommendations set forth in the make/core and make/docs handbooks:

> In general, use second person in your documentation. Second person depicts a friendly tone, with a perfect focus on the reader. In addition to this, directly addressing the reader helps avoid passive voice; thereby preventing unwanted confusion.
> ...
> the word “we” should be avoided (...) unless its made very clear which group is speaking.

Includes:
* Replacing first-person usage of "we" with second person point of view.
* Making small clarification adjustments where the voice is much too casual or lacks clear context, especially for non-native English speakers.

References:
* [https://make.wordpress.org/docs/style-guide/language-grammar/grammatical-person/ Style Guide: Grammatical person]
* [https://make.wordpress.org/docs/handbook/documentation-team-handbook/handbooks-style-and-formatting-guide/ Handbooks & HelpHub Style and Formatting Guide]
* [https://make.wordpress.org/core/handbook/best-practices/post-comment-guidelines/#style-and-substance Post & Comment Guidelines: Style and Substance]

Follow-up to [2176], [3430], [4676], [6009], [7991], [12688], [12762], [26008], [28978], [44488], [44962], [51979], [53131], [53132], [53156], [53131], [54200].

Props ironprogrammer, costdev, jorbin, SergeyBiryukov.
See #57052.
Built from https://develop.svn.wordpress.org/trunk@54866


git-svn-id: http://core.svn.wordpress.org/trunk@54418 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-23 15:43:13 +00:00
Sergey Biryukov
5e58ab8b2a Docs: Split the "main part" comment in wp-login.php into two lines.
This aims to better match the multi-line comment format of the documentation standards.

Follow-up to [6643], [52945], [53313].

Props sabernhardt, NekoJonez.
Fixes #56843.
Built from https://develop.svn.wordpress.org/trunk@54848


git-svn-id: http://core.svn.wordpress.org/trunk@54400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-16 13:51:13 +00:00
Sergey Biryukov
d34882e9e6 Docs: Correct the wording in wp_lostpassword_url() description.
This affects:
* The `wp_lostpassword_url()` function.
* The `lost_password_html_link` filter.

The filter description was copied from the function, which appears to be not quite accurate, as the lost password can only be reset, not retrieved.

Follow-up to [11448], [54206].

See #55646.
Built from https://develop.svn.wordpress.org/trunk@54224


git-svn-id: http://core.svn.wordpress.org/trunk@53783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-19 22:26:10 +00:00
davidbaumwald
0da06515aa Login and Registration: Add a new filter for the lost password link.
On the login page, the "Register" link for new users has been filterable for some time.  This change adds the ability to filter the "Lost your password?" link as well.

Props wparslan, audrasjb, rafiahmedd, SergeyBiryukov, antonvlasenko, hellofromTonya.
Fixes #55388.
Built from https://develop.svn.wordpress.org/trunk@54206


git-svn-id: http://core.svn.wordpress.org/trunk@53765 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-19 17:09:08 +00:00
John Blackbourn
79db573265 Docs: Various corrections and improvements to inline documentation.
See #55646

Built from https://develop.svn.wordpress.org/trunk@53827


git-svn-id: http://core.svn.wordpress.org/trunk@53386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-04 14:52:11 +00:00
joedolson
9f851abc3f Coding Standards: Missed space in code indentation in [53707].
Fixes code style issue from [53707].

Follow up to [53707].

See #54483.

Built from https://develop.svn.wordpress.org/trunk@53708


git-svn-id: http://core.svn.wordpress.org/trunk@53267 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-15 23:59:09 +00:00
joedolson
38a13f94ba Login: Explicitly associate errors with input fields.
Add an `aria-describedby` relationship between login email/password input fields and displayed login error messages.

Props patrickgroot, rollybueno, afercia.
Fixes #54483.
Built from https://develop.svn.wordpress.org/trunk@53707


git-svn-id: http://core.svn.wordpress.org/trunk@53266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-07-15 23:40:10 +00:00
audrasjb
bbe60d66c3 Text Changes: Improve consistency of admin error notices.
This changeset replaces `<strong>Error</strong>:` with `<strong>Error:</strong>`, for better consistency.

Props transl8or, mihaidumitrascu, audrasjb.
Fixes #50785.

Built from https://develop.svn.wordpress.org/trunk@53458


git-svn-id: http://core.svn.wordpress.org/trunk@53047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-02 15:05:13 +00:00
Sergey Biryukov
01d172b581 General: Replace all esc_url_raw() calls in core with sanitize_url().
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.

Follow-up to [11383], [13096], [51597], [53452].

Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes #55852.
Built from https://develop.svn.wordpress.org/trunk@53455


git-svn-id: http://core.svn.wordpress.org/trunk@53044 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-01 18:14:10 +00:00
Sergey Biryukov
4fc2b46aa0 Docs: Further clarify a comment for the main part of wp-login.php.
Follow-up to [52945].

Fixes #54746.
Built from https://develop.svn.wordpress.org/trunk@53313


git-svn-id: http://core.svn.wordpress.org/trunk@52902 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-29 14:36:10 +00:00
joedolson
b518b73602 Users: Use autocomplete values on user profiles.
Assign appropriate autocomplete values for new and edited user, user email, and password fields.

Props clonemykey, sabernhardt, WraithKenny, bookdude13, konradyoast.
Fixes #43886, #52714.
Built from https://develop.svn.wordpress.org/trunk@53111


git-svn-id: http://core.svn.wordpress.org/trunk@52700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-08 17:40:07 +00:00
Peter Wilson
d798e60859 Login, Registration: Fix coding standards errors in [53067].
See #35500.


Built from https://develop.svn.wordpress.org/trunk@53068


git-svn-id: http://core.svn.wordpress.org/trunk@52657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-05 04:18:03 +00:00
Peter Wilson
d4f060b216 Login, Registration: Prevent password reset to whitespace alone.
Prevent users from using the password reset form to set their password to whitespace alone (tabs, spaces). This matches the processing used during the authentication flow, ensuring users do not inadvertently get locked out of their account.

Props antonrinas, swissspidy, voldemortensen, hellofromTonya, henry.wright, costdev.
Fixes #35500.


Built from https://develop.svn.wordpress.org/trunk@53067


git-svn-id: http://core.svn.wordpress.org/trunk@52656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-04-05 03:27:03 +00:00
joedolson
9131d74641 Login and Registration: Add autocomplete attributes.
Set valid autocomplete attributes for registration and login fields for username, email, and current password. Autocomplete values are required in WCAG 2.1 at level AA for login forms.

Props johnjamesjacoby, dhanendran, rianrietveld, joedolson, peterwilsoncc.
Fixes #41136.

Built from https://develop.svn.wordpress.org/trunk@53041


git-svn-id: http://core.svn.wordpress.org/trunk@52630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-31 17:13:01 +00:00
Peter Wilson
5c2f80f60f Registration/Login: Coding standards fixes for wp-login.php.
Props alkesh7, Presskopp, audrasjb.
Fixes #54746.
See #54728.

Built from https://develop.svn.wordpress.org/trunk@52945


git-svn-id: http://core.svn.wordpress.org/trunk@52534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-03-17 04:57:03 +00:00
davidbaumwald
55aaefe766 Login and Registration: Remove aria-expanded from "Generate Password" button.
During password resets, the 'Generate Password" button has a `aria-expanded="true"` attribute, but the button itself does not expand or collapse anything.  This change adds a `skip-aria-expanded` class to the button which is referenced in JavaScript to skip updating the `aria-expanded` attribute on the button itself when clicked.  

This change also resets the `aria-expanded` attribute to `false` for the parent form after it's submitted.

Props alexstine, johnjamesjacoby, sabernhardt.
Fixes #54538.
Built from https://develop.svn.wordpress.org/trunk@52450


git-svn-id: http://core.svn.wordpress.org/trunk@52042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-05 17:37:03 +00:00
audrasjb
937398741b Login and registration: Rename login_language_switcher_args to login_language_dropdown_args.
This change adds better consistency with the other `*_dropdown_args` filters, like `taxonomy_parent_dropdown_args` or `widget_archives_dropdown_args`. It is also more consistent with the new `login_display_language_dropdown` filter.

Props SergeyBiryukov, faisal03.
Fixes #54696.

Built from https://develop.svn.wordpress.org/trunk@52435


git-svn-id: http://core.svn.wordpress.org/trunk@52027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-04 08:30:04 +00:00
audrasjb
4f16b910f3 Login and registration: Rename two filters related to language dropdown for better consistency.
This change renames two filters introduced in WP 5.9 development cycle. It replaces `display_login_language_dropdown` with `login_display_language_dropdown` and `wp_login_language_switcher_args` with `login_language_switcher_args`, for better consistency with the other existing `login_*` filters.

Props kebbet, mukesh27, audrasjb, Clorith, hellofromTonya.
Fixes #54696.

Built from https://develop.svn.wordpress.org/trunk@52432


git-svn-id: http://core.svn.wordpress.org/trunk@52024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-01-03 22:14:00 +00:00
audrasjb
3366e3859f Login and Registration: Use secondary button style for the Language switcher.
This change avoids having two primary buttons in the login screen.

Props rainbowgeek, audrasjb.
Fixes #54692.

Built from https://develop.svn.wordpress.org/trunk@52417


git-svn-id: http://core.svn.wordpress.org/trunk@52009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-25 11:36:59 +00:00
audrasjb
5e08149bf4 Coding Standards: Remove unwanted whitespaces after [52404].
Follow-up to [52404].

See #54675.

Built from https://develop.svn.wordpress.org/trunk@52405


git-svn-id: http://core.svn.wordpress.org/trunk@51997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-21 19:00:00 +00:00
audrasjb
d0b3567730 Login and registration: Add a filter to allow to disable the Login screen language dropdown.
This change introduces the `display_login_language_dropdown` filter which allows to disable the Login screen language dropdown. 

Follow-up to [52058].

Props rickcurran, audrasjb, ocean90, hellofromtonya, costdev, johnbillion.
Fixes #54675.

Built from https://develop.svn.wordpress.org/trunk@52404


git-svn-id: http://core.svn.wordpress.org/trunk@51996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-21 18:52:03 +00:00
John Blackbourn
39bff93b6b Docs: Various inline documentation corrections and improvements.
See #53399

Built from https://develop.svn.wordpress.org/trunk@52332


git-svn-id: http://core.svn.wordpress.org/trunk@51924 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-07 12:20:02 +00:00
audrasjb
0a8b1555b8 Login and Registration: auto-focus the reset password field.
Although auto-focusing form fields can be arguable in some cases, it makes sense when there is a very specific task to accomplish and when there is no relevant content before the auto-focused field.

This change brings consistency between various forms generated by `wp-login.php`.

Props afercia, donmhico, sabernhardt.
Fixes #40302.

Built from https://develop.svn.wordpress.org/trunk@52193


git-svn-id: http://core.svn.wordpress.org/trunk@51785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-17 00:14:01 +00:00
davidbaumwald
372c7476b2 Login and Registration: Pass $errors parameter to registration_redirect filter.
On user registration, the `$errors` variable is the result of `register_new_user` which contains either the newly registered user's ID on success or a `WP_Error` object on failure.  This change passes that context to the `registration_redirect` filter.

Props Collizo4sky, aadilali, mukesh27, audrasjb.
Fixes #53992.
Built from https://develop.svn.wordpress.org/trunk@52091


git-svn-id: http://core.svn.wordpress.org/trunk@51683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-09 23:47:59 +00:00