Commit Graph

674 Commits

Author SHA1 Message Date
TimothyBlynJacobs
aac98aae97 App Passwords: Prevent conflicts when Basic Auth is already used by the site.
Application Passwords uses Basic Authentication to transfer authentication details. If the site is already using Basic Auth, for instance to implement a private staging environment, then the REST API will treat this as an authentication attempt and would end up generating an error for any REST API request.

Now, Application Password authentication will only be attempted if Application Passwords is in use by a site. This is flagged by setting an option whenever an Application Password is created. An upgrade routine is added to set this option if any App Passwords already exist.

Lastly, creating an Application Password will be prevented if the site appears to already be using Basic Authentication.

Props chexwarrior, georgestephanis, adamsilverstein, helen, Clorith, marybaum, TimothyBlynJacobs.
Fixes #51939.


Built from https://develop.svn.wordpress.org/trunk@49752


git-svn-id: http://core.svn.wordpress.org/trunk@49475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 21:44:07 +00:00
John Blackbourn
f4cda1b62f Docs: Upgrade more parameters in docblocks to used typed array notation.
See #51800, #41756

Built from https://develop.svn.wordpress.org/trunk@49693


git-svn-id: http://core.svn.wordpress.org/trunk@49416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-24 21:27:05 +00:00
John Blackbourn
35f6c356c1 Docs: Document parameters that accept an array of integers using typed array notation.
While many of these parameters also technically accept an array of numerical strings, they are all ultimately cast to an array of integers. Documenting them as such assists developers in understanding the expected types.

See #51800, #41756

Built from https://develop.svn.wordpress.org/trunk@49672


git-svn-id: http://core.svn.wordpress.org/trunk@49395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-19 18:24:09 +00:00
Sergey Biryukov
f7d3a8b5c4 App Passwords: Add missing i18n for an error message.
Follow-up to [49617].

See #51513.
Built from https://develop.svn.wordpress.org/trunk@49627


git-svn-id: http://core.svn.wordpress.org/trunk@49365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-17 10:21:08 +00:00
TimothyBlynJacobs
d9b35c8e98 App Passwords: Unify availability language.
Previously App Passwords used a mix of "enabled" and "available". We've now standardized on using "available".

Additionally, we now use a 501 status code when indicating that App Passwords is not available.

Props SergeyBiryukov, ocean90, TimothyBlynJacobs.
Fixes #51513.

Built from https://develop.svn.wordpress.org/trunk@49617


git-svn-id: http://core.svn.wordpress.org/trunk@49355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-16 22:42:04 +00:00
Helen Hou-Sandí
340c834fa3 Privacy: More precise checking of user request action names.
Props garrett-eclipse.
Fixes #46536.

Built from https://develop.svn.wordpress.org/trunk@49475


git-svn-id: http://core.svn.wordpress.org/trunk@49234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-02 18:42:04 +00:00
Sergey Biryukov
1ce2f12eaf Docs: Correct description for wp_pre_insert_user_data filter.
Props audrasjb.
Fixes #51637.
Built from https://develop.svn.wordpress.org/trunk@49314


git-svn-id: http://core.svn.wordpress.org/trunk@49076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-26 22:53:06 +00:00
John Blackbourn
727922c8eb Docs: Further corrections and promotions for docblocks relating to object types.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49197


git-svn-id: http://core.svn.wordpress.org/trunk@48959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 20:53:08 +00:00
John Blackbourn
c16ae60deb Docs: Fix and upgrade various object docblock notations.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49183


git-svn-id: http://core.svn.wordpress.org/trunk@48945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-17 16:05:09 +00:00
Sergey Biryukov
22c86907c4 Docs: Improve description of the $email parameter in email_exists().
Follow-up to [49148].

Props garrett-eclipse.
See #51379.
Built from https://develop.svn.wordpress.org/trunk@49153


git-svn-id: http://core.svn.wordpress.org/trunk@48915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-15 00:16:08 +00:00
Sergey Biryukov
118b9aea4d Users: Introduce email_exists filter, to complement username_exists.
Props garrett-eclipse, apermo, mukesh27, Mista-Flo, sebastian.pisula, mikelopez.
Fixes #51379. See #35509.
Built from https://develop.svn.wordpress.org/trunk@49148


git-svn-id: http://core.svn.wordpress.org/trunk@48910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-14 19:04:08 +00:00
Dominik Schilling
4dfe5ecfe1 Users: Enable Application Passwords for local development environments, even if HTTPS is not available.
This will make testing the new feature easier since the local development environment is only accessible via HTTP by default.
Also update docs to link to the relevant filters.

See #42790.
Fixes #51503.
Built from https://develop.svn.wordpress.org/trunk@49139


git-svn-id: http://core.svn.wordpress.org/trunk@48901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-13 20:10:04 +00:00
TimothyBlynJacobs
d5ebe12f11 REST API: Introduce Application Passwords for API authentication.
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.

This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.

Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.

Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes #42790.

Built from https://develop.svn.wordpress.org/trunk@49109


git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 22:14:06 +00:00
Sergey Biryukov
1651342d2b Privacy: Improve clarity of privacy error strings.
Primarily this adds "user privacy" to the strings for privacy requests, so they are more easily distinguished from other system actions within logs.

Props garrett-eclipse, carike, birgire.
Fixes #51351.
Built from https://develop.svn.wordpress.org/trunk@49090


git-svn-id: http://core.svn.wordpress.org/trunk@48852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-04 03:23:09 +00:00
Sergey Biryukov
d4a319c453 Users: Check if the user ID passed as selected to wp_dropdown_users() corresponds to an existing user.
This avoids a few PHP notices if the `include_selected` parameter was specified and a non-existing user ID was passed.

Props campusboy1987.
Fixes #51370.
Built from https://develop.svn.wordpress.org/trunk@49036


git-svn-id: http://core.svn.wordpress.org/trunk@48798 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-23 00:27:07 +00:00
John Blackbourn
aef504acfd Docs: Correct the indentation for some array type docs.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49028


git-svn-id: http://core.svn.wordpress.org/trunk@48790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-21 16:46:06 +00:00
Sergey Biryukov
1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov
5f6d6a79e8 Docs: Document that various metadata functions return false for an invalid ID.
Props salcode.
See #40519.
Built from https://develop.svn.wordpress.org/trunk@48658


git-svn-id: http://core.svn.wordpress.org/trunk@48420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-28 10:15:04 +00:00
John Blackbourn
9bc7d0a776 Docs: Another pass at some inline docs fixes mostly made by PHPCBF.
See #49572, #50744
Built from https://develop.svn.wordpress.org/trunk@48590


git-svn-id: http://core.svn.wordpress.org/trunk@48352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 21:11:05 +00:00
John Blackbourn
7f898dd9c4 Docs: Use more appropriate variable names in the inline docs for action and filter parameters.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48585


git-svn-id: http://core.svn.wordpress.org/trunk@48347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 19:06:03 +00:00
Sergey Biryukov
347e831768 Docs: Improve documentation for the $prev_value parameter and return result of various metadata update functions.
Props stevenlinx.
Fixes #50502. See #49572.
Built from https://develop.svn.wordpress.org/trunk@48214


git-svn-id: http://core.svn.wordpress.org/trunk@47983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 21:22:09 +00:00
Sergey Biryukov
40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
desrosj
4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
Andrea Fercia
ae447adaf4 I18N: Restore the "Error:" prefix for error messages.
Partially reverts [48059] as there's no full consensus on the removal of the text prefix. Further actions should be taken to improve consistency and accessibility of the admin notices. Keeps some improvements to the translatable strings from [48059].

Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48115


git-svn-id: http://core.svn.wordpress.org/trunk@47884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-21 14:00:09 +00:00
Sergey Biryukov
d586e4330d Docs: Miscellaneous DocBlock corrections for email filters in wp-includes/user.php.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48107


git-svn-id: http://core.svn.wordpress.org/trunk@47876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:22:07 +00:00
John Blackbourn
1a77bb81d8 Docs: Remove unnecessary variables names from @return tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
Sergey Biryukov
2c19aee6d5 Login and Registration: Introduce lostpassword_errors filter in retrieve_password() for errors encountered on a password reset request.
This complements the `registration_errors` filter in `register_new_user()`.

Props wpdo5ea, dilipbheda.
Fixes #49521.
Built from https://develop.svn.wordpress.org/trunk@48084


git-svn-id: http://core.svn.wordpress.org/trunk@47851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-18 20:24:09 +00:00
Sergey Biryukov
de59ad23a4 Docs: Consistently include an empty line between @since tag and @see, @link, or @global, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48067


git-svn-id: http://core.svn.wordpress.org/trunk@47834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 21:07:14 +00:00
Sergey Biryukov
8fdb0728be Text Changes: Replace "webmaster" with "site admin" in register_new_user().
Follow-up to [48049], accidentally reverted in [48059].

Props kebbet.
See #50394.
Built from https://develop.svn.wordpress.org/trunk@48066


git-svn-id: http://core.svn.wordpress.org/trunk@47833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 20:05:10 +00:00
Andrea Fercia
f83c504b88 I18N: Remove the "Error:" prefix from error messages.
For a number of years, most of the WordPress error messages have been prefixed with "Error:". However, these messages appear in a context where it's already clear an error occurred. Whether it's an error, a warning, or any other classification, that's not so relevant for users. The content of the message is the relevant part. The "Error:" prefix doesn't add great value while it does add unnecessary complexity for the message readability.

Also, revises some of these messages to improve clarity and removes HTML from translatable strings.

Props garrett-eclipse, ramiy, SergeyBiryukov, afercia, sabernhardt, quadthemes, audrasjb. 
See #47003, #43037, #42945, #15887.
Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48059


git-svn-id: http://core.svn.wordpress.org/trunk@47826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 15:35:13 +00:00
Sergey Biryukov
6aa5788189 Text Changes: Replace "Webmaster" in output messages with more appropriate terms:
* "All at `###SITENAME###`" in `wp-admin/ms-delete-site.php`, for consistency with other Multisite emails.
* "Site admin" in `register_new_user()`, for clarity.

Props Presskopp, marybaum.
Fixes #50394.
Built from https://develop.svn.wordpress.org/trunk@48049


git-svn-id: http://core.svn.wordpress.org/trunk@47816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-15 19:41:11 +00:00
Sergey Biryukov
7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
whyisjake
f7b4147bea User: Invalidate user_activation_key on password update.
Props: sstoqnov, sergeybiryukov.


Built from https://develop.svn.wordpress.org/trunk@47634


git-svn-id: http://core.svn.wordpress.org/trunk@47409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-29 15:25:07 +00:00
Sergey Biryukov
427405535f Docs: Synchronize parameter documentation for various metadata functions, update per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47611


git-svn-id: http://core.svn.wordpress.org/trunk@47386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 10:31:09 +00:00
Sergey Biryukov
9aa0fff80e Docs: Document the default value of $single and $prev_value parameters in various metadata functions.
Props denisco.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47610


git-svn-id: http://core.svn.wordpress.org/trunk@47385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 09:40:10 +00:00
Sergey Biryukov
38676936ba Coding Standards: Use strict type check for in_array() and array_search() where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
John Blackbourn
24567bf775 Privacy: Fix the URLs and legacy redirects for the personal data export and erasure screens.
Props Jurgen Oldenburg, garrett-eclipse

Fixes #49476
Built from https://develop.svn.wordpress.org/trunk@47412


git-svn-id: http://core.svn.wordpress.org/trunk@47199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-03 00:50:06 +00:00
Sergey Biryukov
1e81c20ff5 Docs: In wp_insert_user(), correct @type for rich_editing, syntax_highlighting, comment_shortcuts, and show_admin_bar_front arguments.
Follow-up to [47368].

See #49087.
Built from https://develop.svn.wordpress.org/trunk@47369


git-svn-id: http://core.svn.wordpress.org/trunk@47156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 18:20:06 +00:00
Sergey Biryukov
2cd5292def Docs: In wp_insert_user(), clarify that rich_editing, syntax_highlighting, comment_shortcuts, and show_admin_bar_front arguments accept true or false as a string literal, not boolean.
Props garrett-eclipse, audrasjb, valentinbora, bilgilabs, SergeyBiryukov.
Fixes #49087.
Built from https://develop.svn.wordpress.org/trunk@47368


git-svn-id: http://core.svn.wordpress.org/trunk@47155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 18:16:07 +00:00
Sergey Biryukov
652966a2a5 Privacy: Introduce filters for the headers of all the privacy-related e-mails:
* `wp_privacy_personal_data_email_headers`
* `user_request_confirmed_email_headers`
* `user_erasure_complete_email_headers`
* `user_request_action_email_headers`

Props xkon, garrett-eclipse, zaffarn, desrosj.
Fixes #44501.
Built from https://develop.svn.wordpress.org/trunk@47279


git-svn-id: http://core.svn.wordpress.org/trunk@47079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 21:43:07 +00:00
Sergey Biryukov
cbaf9bf9d1 Coding Standards: Use a strict in_array() check for reserved names of user data items in wp_user_personal_data_exporter().
Props azaozz.
Fixes #47509.
Built from https://develop.svn.wordpress.org/trunk@47277


git-svn-id: http://core.svn.wordpress.org/trunk@47077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 20:55:07 +00:00
Sergey Biryukov
5a29f108e0 Privacy: Introduce wp_privacy_additional_user_data filter to make it easier to include additional user meta in a personal data export.
Props pbiron, xkon, garrett-eclipse, azaozz.
Fixes #47509.
Built from https://develop.svn.wordpress.org/trunk@47270


git-svn-id: http://core.svn.wordpress.org/trunk@47070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 18:59:05 +00:00
Sergey Biryukov
3342aafe5e Privacy: Rename wp_get_user_request_data() to wp_get_user_request() for clarity; deprecate the old function.
The function returns an instance of the `WP_User_Request` object itself, not its `$request_data` property.

Follow-up to [44606].

Props garrett-eclipse.
Fixes #46302.
Built from https://develop.svn.wordpress.org/trunk@47245


git-svn-id: http://core.svn.wordpress.org/trunk@47045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 19:57:05 +00:00
Sergey Biryukov
c14f2b74c0 Privacy: Include session tokens in Personal Data Export.
Session tokens contain an IP address and user agent.

Props garrett-eclipse, nickylimjj, lakenh, xkon, rconde.
Fixes #45889.
Built from https://develop.svn.wordpress.org/trunk@47237


git-svn-id: http://core.svn.wordpress.org/trunk@47037 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 05:44:04 +00:00
Sergey Biryukov
346f505a75 Privacy: Include community-events-location user meta value in Personal Data Export.
The value is used by the WordPress Events and News widget to show relevant WP community events.

The location information may include an IP address, location description, and latitude/longitude coordinates.

Props garrett-eclipse, coreymckrill, xkon.
Fixes #43921.
Built from https://develop.svn.wordpress.org/trunk@47236


git-svn-id: http://core.svn.wordpress.org/trunk@47036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 05:32:06 +00:00
Sergey Biryukov
641c632b0c Coding Standards: Use Yoda conditions where appropriate.
See #49222.
Built from https://develop.svn.wordpress.org/trunk@47219


git-svn-id: http://core.svn.wordpress.org/trunk@47019 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 16:55:09 +00:00
Sergey Biryukov
deb1886078 Accessibility: Text Changes: Use sentence case for the word Error in various error messages, instead of all caps.
Using all caps should be avoided for better readability and because screen readers may pronounce all-caps words as abbreviations.

Props afercia, ryokuhi, sabernhardt, garrett-eclipse.
See #47656, #43037, #42945.
Built from https://develop.svn.wordpress.org/trunk@47156


git-svn-id: http://core.svn.wordpress.org/trunk@46956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-01 21:38:04 +00:00
Sergey Biryukov
001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov
c3f9af4f00 Docs: Adjust documentation for some pre_* filters for consistency.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@47101


git-svn-id: http://core.svn.wordpress.org/trunk@46901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-22 00:25:04 +00:00
Sergey Biryukov
dd79e6e107 Docs: Correct DocBlock formatting for filters accepting the $parsed_args parameter.
Follow-up to [45667].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47096


git-svn-id: http://core.svn.wordpress.org/trunk@46896 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-21 15:41:04 +00:00
Sergey Biryukov
dd4d98a368 Docs: In various @return tags, list the expected type first, instead of false.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
John Blackbourn
f93ee2ca76 Docs: Increase the specificity of various docblock parameter types and return types.
See #48303
Built from https://develop.svn.wordpress.org/trunk@46823


git-svn-id: http://core.svn.wordpress.org/trunk@46623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-12-06 22:43:04 +00:00
Sergey Biryukov
1d1c74385f REST API: Use strict in_array() checks for the list of usernames blacklisted via illegal_user_logins filter.
See #48839.
Built from https://develop.svn.wordpress.org/trunk@46804


git-svn-id: http://core.svn.wordpress.org/trunk@46604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-29 22:04:02 +00:00
Sergey Biryukov
1f816ad18d Docs: Use the {@see ...} tag for the replacement in @deprecated tags, so that Developer Reference could automatically link to the replacement.
Props jrf.
See #48255.
Built from https://develop.svn.wordpress.org/trunk@46685


git-svn-id: http://core.svn.wordpress.org/trunk@46485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-09 13:05:02 +00:00
Sergey Biryukov
f60094679f Coding Standards: Consistently use do_action_deprecated() and apply_filters_deprecated() for deprecated hooks.
Props jrf.
See #48255.
Built from https://develop.svn.wordpress.org/trunk@46684


git-svn-id: http://core.svn.wordpress.org/trunk@46484 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-09 12:59:03 +00:00
John Blackbourn
f545bb3f63 Docs: Improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46660


git-svn-id: http://core.svn.wordpress.org/trunk@46460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:23:02 +00:00
whyisjake
a87271af60 Login and Registration: Allow email logins to be more flexible.
Allows a login to have an apostorphe. Which would normally be created as a mistake, but this allows the login to happen.

Fixes #38744
Props wpkuf, desrosj, socalchristina, bibliofille, santilinwp, nsubugak, sncoker, cafenoirdesign, whyisjake.


Built from https://develop.svn.wordpress.org/trunk@46640


git-svn-id: http://core.svn.wordpress.org/trunk@46440 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-03 20:12:02 +00:00
Andrea Fercia
51814d68af Accessibility: Login and Registration: Improve the invalid username and invalid email messages.
- explicitly informs users they can use their email to log in as an alternative to their username and vice-versa
- shows the `Lost your password?` link only when an wrong password has been entered
- uses a more appropriate copy by changing "invalid" to "unknown"
- removes the all caps `ERROR`

Props subrataemfluence, zalak151291, ryokuhi, SergeyBiryukov, audrasjb, joedolson, marybaum, ramiy, markjaquith, chanthaboune, afercia.
Fixes #43037.

Built from https://develop.svn.wordpress.org/trunk@46417


git-svn-id: http://core.svn.wordpress.org/trunk@46215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-07 11:54:05 +00:00
Sergey Biryukov
dcb08f0637 Docs: Fix placement of some duplicate hook references.
Hook documentation should be on the line directly above the line containing the `do_action()` or `apply_filters()` call. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of duplicate hook references.

Includes minor code layout fixes.

See #47110.
Built from https://develop.svn.wordpress.org/trunk@46088


git-svn-id: http://core.svn.wordpress.org/trunk@45900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-10 19:23:55 +00:00
Sergey Biryukov
e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov
16b8d91baa I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 17:13:59 +00:00
Sergey Biryukov
ad7b2949ba Users: Adjust [45708] to make sure wp_update_user() does not issue a WP_Error if a single site was previously set up as Multisite and there's still a spam field in the user table.
Add a unit test.

Props azaozz, SergeyBiryukov.
Fixes #45747.
Built from https://develop.svn.wordpress.org/trunk@45874


git-svn-id: http://core.svn.wordpress.org/trunk@45685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-22 01:53:55 +00:00
Sergey Biryukov
022de7321e Users: In wp_insert_user(), account for the wp_pre_insert_user_data filter returning empty data.
Props juliobox, SergeyBiryukov.
Fixes #47902.
Built from https://develop.svn.wordpress.org/trunk@45858


git-svn-id: http://core.svn.wordpress.org/trunk@45669 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-20 17:26:55 +00:00
Sergey Biryukov
d9954ed4cb Privacy: Add descriptions for sections in a personal data export file.
Props garrett-eclipse, Venutius, karmatosed.
Fixes #45491.
Built from https://develop.svn.wordpress.org/trunk@45825


git-svn-id: http://core.svn.wordpress.org/trunk@45636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-18 02:07:57 +00:00
Sergey Biryukov
65420d3c7a Users: Replace raw SQL query in check_password_reset_key() with get_user_by().
Props davidbaumwald, iworks, spacedmonkey.
Fixes #45845.
Built from https://develop.svn.wordpress.org/trunk@45716


git-svn-id: http://core.svn.wordpress.org/trunk@45527 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 19:19:55 +00:00
Sergey Biryukov
ee5e044a2a Users: Use clean_user_cache() in wp_insert_user(), wp_update_user(), wp_set_password(), add_user_to_blog().
Props spacedmonkey.
Fixes #47021.
Built from https://develop.svn.wordpress.org/trunk@45715


git-svn-id: http://core.svn.wordpress.org/trunk@45526 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 17:49:57 +00:00
Sergey Biryukov
75857aa857 Users: Use wp_update_user() in get_password_reset_key().
Props jayswadas, spacedmonkey, donmhico, SergeyBiryukov.
Fixes #45746.
Built from https://develop.svn.wordpress.org/trunk@45714


git-svn-id: http://core.svn.wordpress.org/trunk@45525 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 17:25:55 +00:00
Sergey Biryukov
f6189321e1 Users: Reorganize user_nicename, user_url, user_registered setting in wp_insert_user() for consistency with the order or fields in the database.
See #45746.
Built from https://develop.svn.wordpress.org/trunk@45713


git-svn-id: http://core.svn.wordpress.org/trunk@45524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 17:13:57 +00:00
Sergey Biryukov
b32cff72c2 Users: Deprecate update_user_status() in favor of wp_update_user().
Props spacedmonkey, SergeyBiryukov.
Fixes #45747.
Built from https://develop.svn.wordpress.org/trunk@45708


git-svn-id: http://core.svn.wordpress.org/trunk@45519 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-01 11:28:54 +00:00
Sergey Biryukov
8e85299a00 General: First pass at replacing Codex URLs with a corresponding HelpHub or DevHub article.
Props ianbelanger, tobifjellner, SergeyBiryukov.
See #47771.
Built from https://develop.svn.wordpress.org/trunk@45674


git-svn-id: http://core.svn.wordpress.org/trunk@45485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 22:45:57 +00:00
Sergey Biryukov
18bd01985b Coding Standards: Rename $r variable used with wp_parse_args() to $parsed_args for clarity.
Props freewebmentor.
Fixes #45059.
Built from https://develop.svn.wordpress.org/trunk@45667


git-svn-id: http://core.svn.wordpress.org/trunk@45478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 00:48:58 +00:00
Gary Pendergast
a571a7d621 Code Modernisation: Fix known instances of array access on data types that can't be accessed as arrays.
PHP 7.4 addes a warning when trying access a null/bool/int/float/resource (everything but array, string and object) as if it were an array.

This change fixes all of these warnings visible in unit tests.

Props jrf.
See #47704.



Built from https://develop.svn.wordpress.org/trunk@45639


git-svn-id: http://core.svn.wordpress.org/trunk@45450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-15 06:25:57 +00:00
Gary Pendergast
4803fc405e Coding Standards: Fix the Squiz.PHP.DisallowMultipleAssignments violations in wp-includes.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Andrew Ozz
d0c1b77cda Privacy tools:
- Move the (remaining) privacy tools related functions from `wp-admin/includes/file.php` to `wp-admin/includes/privacy-tools.php`.
- Move the `WP_User_Request` class to a separate file.

See #43895.
Built from https://develop.svn.wordpress.org/trunk@45519


git-svn-id: http://core.svn.wordpress.org/trunk@45330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-10 23:54:53 +00:00
desrosj
012d05f5c0 Docs: Add missing documentation for the locale meta field.
The user’s locale is passed in the `$meta` parameter for `insert_user_meta`. Added in [38705].

Props tmatsuur.
Fixes #47423.
Built from https://develop.svn.wordpress.org/trunk@45479


git-svn-id: http://core.svn.wordpress.org/trunk@45290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-30 14:37:53 +00:00
John Blackbourn
d4d1267847 I18N: Improvements to and additions of translator comments for various email subject strings.
Props ramiy

Fixes #46920

Built from https://develop.svn.wordpress.org/trunk@45204


git-svn-id: http://core.svn.wordpress.org/trunk@45013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-15 22:39:50 +00:00
Gary Pendergast
9a80e2095b Text Changes: Tweak the wording of email notification subjects.
This change brings more coherence between the subject lines of the various emails WordPress will send.

Props ramiy, pento.
Fixes #37940.

Built from https://develop.svn.wordpress.org/trunk@45137


git-svn-id: http://core.svn.wordpress.org/trunk@44946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-08 06:17:51 +00:00
Sergey Biryukov
b6a145ccb5 Privacy: Ensure the privacy data erase fulfillment email is sent in the locale of the user whose data is being erased (or the site's default locale if they are not a registered user) when the administrator fulfilling the request uses a different locale.
Props desrosj, birgire, garrett-eclipse.
Fixes #44721.
Built from https://develop.svn.wordpress.org/trunk@45039


git-svn-id: http://core.svn.wordpress.org/trunk@44848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-27 19:41:53 +00:00
desrosj
38589e14e2 General: Ensure error messages end with a period for consistency.
Props garrett-eclipse, birgire.
See #44901.
Built from https://develop.svn.wordpress.org/trunk@44930


git-svn-id: http://core.svn.wordpress.org/trunk@44761 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-19 02:37:52 +00:00
Felix Arntz
97d33e5231 Multisite: Do not prime site meta caches unless necessary.
Props spacedmonkey.
Fixes #46357. See #46167.

Built from https://develop.svn.wordpress.org/trunk@44926


git-svn-id: http://core.svn.wordpress.org/trunk@44757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-18 15:56:51 +00:00
Andrea Fercia
31e34400a5 Accessibility: Login: Display error messages when both the username and password fields are empty.
For accessibility and usability, if an input error is detected, the item that is in error needs to be identified and the error needs to be described to the user in text (WCAG Success Criterion 3.3.1). The login form displays an error when the username field is empty or when the password field is empty. It omits to do so when both fields are empty.

This change restores the login form behavior to the one that used to work in WordPress 2.3 (!) and displays the related error messages also when both fields are empty.

Props birgire, audrasjb.
See #8938, #5405, #3708.
Fixes #42985.

Built from https://develop.svn.wordpress.org/trunk@44918


git-svn-id: http://core.svn.wordpress.org/trunk@44749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-16 15:22:53 +00:00
desrosj
35b558a3a0 Privacy: Allow new requests to be created after a user’s existing one has been completed.
When dealing with personal data exports and erasure requests, it is important to have a log of all the requests for a specific person. This is often required to confirm when and how many times requests were completed and fulfilled properly. 

This change allows a new request to be created after a previous data request has reached completed status (`request-completed`) instead of requiring admins to delete or re-initiate the existing request. The latter approach removes the historical log of requests for that user when creating a new request.

Full unit tests for the `wp_create_user_request()` function are also included.

Props garrett-eclipse, cc0a, birgire, desrosj.
Fixes #44707.
Built from https://develop.svn.wordpress.org/trunk@44906


git-svn-id: http://core.svn.wordpress.org/trunk@44737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-15 16:27:49 +00:00
Sergey Biryukov
e0e99fe82e Users: Revert [44780] pending test failure investigation.
See #45845.
Built from https://develop.svn.wordpress.org/trunk@44784


git-svn-id: http://core.svn.wordpress.org/trunk@44616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-28 22:58:50 +00:00
Sergey Biryukov
43324cec8b Users: Replace raw SQL query in check_password_reset_key() with get_user_by().
Props davidbaumwald, iworks, spacedmonkey.
Fixes #45845.
Built from https://develop.svn.wordpress.org/trunk@44780


git-svn-id: http://core.svn.wordpress.org/trunk@44612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-28 14:39:50 +00:00
desrosj
50ddffbac3 Privacy: Use consistent variable naming when working with privacy requests.
Throughout the core privacy functions, `WP_User_Request` instances were stored in variables named both `$request`, and `$request_data`. This changes all occurrences of `$request_data` to `$request` for better consistency.

Props nateallen, bruceallen, garrett-eclipse.
Fixes #44708.
Built from https://develop.svn.wordpress.org/trunk@44606


git-svn-id: http://core.svn.wordpress.org/trunk@44437 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 22:35:52 +00:00
Gary Pendergast
c062e39ac8 Docs: Tweak the docblock for setup_userdata().
This is a followup to [44603]. The default value should be last, not somewhere in the middle.

Props swissspidy.
Fixes #44697.


Built from https://develop.svn.wordpress.org/trunk@44605


git-svn-id: http://core.svn.wordpress.org/trunk@44436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 10:29:50 +00:00
Gary Pendergast
e0c4e5b610 Users: Correct the default value in setup_userdata().
The `$for_user_id` parameter is an `int`, not a `string`, so the default value should be `0`, rather than an empty string.

Props subrataemfluence.
Fixes #44697.


Built from https://develop.svn.wordpress.org/trunk@44603


git-svn-id: http://core.svn.wordpress.org/trunk@44434 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 06:33:50 +00:00
Gary Pendergast
8ddef3e98d Users: Check that a valid user is passed to get_password_reset_key().
Props edocev.
Fixes #44601.


Built from https://develop.svn.wordpress.org/trunk@44602


git-svn-id: http://core.svn.wordpress.org/trunk@44433 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 06:27:49 +00:00
Gary Pendergast
120710d8f8 Coding Standards: Move assignments out of conditions in wp-includes/user.php.
Props subrataemfluence.
See #44315.


Built from https://develop.svn.wordpress.org/trunk@44597


git-svn-id: http://core.svn.wordpress.org/trunk@44428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-15 05:38:49 +00:00
Gary Pendergast
0b44fae46b Privacy: Fix a code formatting error introduced in [44491].
See #44908.


Built from https://develop.svn.wordpress.org/trunk@44494


git-svn-id: http://core.svn.wordpress.org/trunk@44325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 04:33:50 +00:00
Gary Pendergast
53e40b7fda Privacy: Remove some unnecessary parameters being passed to wp_update_post() by wp_generate_user_request_key().
Props garrett-eclipse.
Fixes #44908.


Built from https://develop.svn.wordpress.org/trunk@44491


git-svn-id: http://core.svn.wordpress.org/trunk@44322 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-09 03:51:48 +00:00
Gary Pendergast
0f3835d394 Users: Add the pre_count_users filter.
Props spacedmonkey.
Fixes #43693.


Built from https://develop.svn.wordpress.org/trunk@44473


git-svn-id: http://core.svn.wordpress.org/trunk@44304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 09:49:50 +00:00
Gary Pendergast
e83f753246 Coding Standards: Fix an error introduced in [44465].
See #45748.


Built from https://develop.svn.wordpress.org/trunk@44470


git-svn-id: http://core.svn.wordpress.org/trunk@44301 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 09:03:50 +00:00
Gary Pendergast
8d2ee69f9d Users: Use email_exists() in send_confirmation_on_profile_email(), instead of a manual query.
This gives us caching, and removes the use of the `$wpdb` global.

Props spacedmonkey, pento.
Fixes #45748.


Built from https://develop.svn.wordpress.org/trunk@44465


git-svn-id: http://core.svn.wordpress.org/trunk@44296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 06:07:51 +00:00
Sergey Biryukov
7ee752e40c Privacy: When clicking a confirmation link for a privacy request, return a WP_Error object if the link has expired.
Returning a string caused a success message to be displayed instead of the correct error message.

Props desrosj.
Fixes #44685.
Built from https://develop.svn.wordpress.org/trunk@43623


git-svn-id: http://core.svn.wordpress.org/trunk@43452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:44:24 +00:00
Gary Pendergast
56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov
08af3900c3 Privacy: Ensure the user request email is sent in the requested user's locale (or the site's default locale if they are not a registered user) when the administrator creating the request uses a different locale.
Props desrosj, Chouby, iandunn, lbenicio, birgire, earnjam, swissspidy, garrett-eclipse.
Fixes #43985.
Built from https://develop.svn.wordpress.org/trunk@43568


git-svn-id: http://core.svn.wordpress.org/trunk@43397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-13 16:32:27 +00:00
Andrew Ozz
b1330814e2 Privacy: Add $request to $email_data to make it available to all filters.
Props desrosj.
Fixes #44379.
Built from https://develop.svn.wordpress.org/trunk@43477


git-svn-id: http://core.svn.wordpress.org/trunk@43304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:53:25 +00:00
Andrew Ozz
04b8839454 Privacy: Add filter for the subject of the erasure complete notification emails.
Props desrosj.
Fixes #44265.
Built from https://develop.svn.wordpress.org/trunk@43475


git-svn-id: http://core.svn.wordpress.org/trunk@43302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:42:25 +00:00
Sergey Biryukov
357a663899 Privacy: Change @since entry for user_request_confirmed_email_subject filter added in [43373] to 4.9.8.
See #44382.
Built from https://develop.svn.wordpress.org/trunk@43451


git-svn-id: http://core.svn.wordpress.org/trunk@43278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 12:12:25 +00:00
Felix Arntz
057b221af7 Privacy: Use consistent values for the site name and URL used in notification emails.
The functions `send_confirmation_on_profile_email()`, `_wp_privacy_send_request_confirmation_notification()`, `_wp_privacy_send_erasure_fulfillment_notification()`, and `wp_send_user_request()` all include a title and URL indicating the current site. However, so far they have dealt with those values inconsistently, sometimes using the site values, other times using the network values if in a multisite. This changeset ensures that only the current site is taken into account in all cases and that special characters in the site name are consistently decoded.

Props subrataemfluence, desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43388


git-svn-id: http://core.svn.wordpress.org/trunk@43216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 17:00:25 +00:00
Andrew Ozz
be6aa715fe Privacy: use wp_login_url() for the link in the user confirmation email.
Props desrosj, usmankhalid.
Fixes #44353.
Built from https://develop.svn.wordpress.org/trunk@43379


git-svn-id: http://core.svn.wordpress.org/trunk@43207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:47 +00:00
Andrew Ozz
3ce87b62f9 Privacy: add user request type to the admin notification email subject.
Props birgire, desrosj.
Fixes #44099.
Built from https://develop.svn.wordpress.org/trunk@43375


git-svn-id: http://core.svn.wordpress.org/trunk@43203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:03 +00:00
Andrew Ozz
ac269e570e Privacy: filter the email subject in _wp_privacy_send_request_confirmation_notification().
Props garrett-eclipse, birgire, desrosj.
Fixes #44382.
Built from https://develop.svn.wordpress.org/trunk@43373


git-svn-id: http://core.svn.wordpress.org/trunk@43201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:41:13 +00:00
John Blackbourn
0aa2902436 Security: Harden the random aspect of the hash used for user profile and admin email address changes.
Props BjornW

Fixes #43771

Built from https://develop.svn.wordpress.org/trunk@43367


git-svn-id: http://core.svn.wordpress.org/trunk@43195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:43 +00:00
Sergey Biryukov
33c708feca Privacy: Remove unnecessary This email has been sent to ###EMAIL### from privacy emails.
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.

Props iandunn, ianbelanger, desrosj.
Fixes #44030.
Built from https://develop.svn.wordpress.org/trunk@43353


git-svn-id: http://core.svn.wordpress.org/trunk@43181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:32:48 +00:00
Sergey Biryukov
e0e564d84b Users: In wp_validate_user_request_key(), properly return the WP_Error object in case the confirmation email has expired.
Props itowhid06.
Fixes #44298.
Built from https://develop.svn.wordpress.org/trunk@43331


git-svn-id: http://core.svn.wordpress.org/trunk@43159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:23:27 +00:00
Andrew Ozz
3ee58b55b1 Privacy: improve inline documentation.
Props desrosj.
Fixes #44075.
Built from https://develop.svn.wordpress.org/trunk@43256


git-svn-id: http://core.svn.wordpress.org/trunk@43085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 14:53:21 +00:00
iandunn
b26ab11343 Privacy: Expose erasure notification recipient to filter callbacks.
The previous `user_email` value was redundant, because it always matched `$request_data->email`. That value might be different from where the message is sent, though, if the `user_erasure_fulfillment_email_to` filter is used. If they are different, then callbacks for the `user_confirmed_action_email_content` filter may want to distinguish between the email address of the user making the request, and the email address that the confirmation notification is being sent to.

Props desrosj, iandunn.
See #43973.

Built from https://develop.svn.wordpress.org/trunk@43236


git-svn-id: http://core.svn.wordpress.org/trunk@43065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 21:20:22 +00:00
Sergey Biryukov
ae2b929294 Privacy: Update request confirmation notice text for clarity.
Props desrosj, melchoyce, garrett-eclipse.
Fixes #43970.
Built from https://develop.svn.wordpress.org/trunk@43232


git-svn-id: http://core.svn.wordpress.org/trunk@43061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:53:21 +00:00
Sergey Biryukov
bed52dda40 Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.
Props desrosj, allendav, garrett-eclipse.
Fixes #43973.
Built from https://develop.svn.wordpress.org/trunk@43230


git-svn-id: http://core.svn.wordpress.org/trunk@43059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:43:22 +00:00
Andrew Ozz
7d9265e5c5 Privacy: cleanup of the "Export Personal Data" and "Erase Personal Data" screens.
Props desrosj, xkon.
See #43929.
Built from https://develop.svn.wordpress.org/trunk@43212


git-svn-id: http://core.svn.wordpress.org/trunk@43041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 10:01:21 +00:00
iandunn
06fd54dab6 Privacy: Notify admin via email when a request is confirmed.
Previously the admin didn't have any way to know if a pending request was ready to be processed, aside from manually checking the Export/Erase pages. Sending them an email is a much more convenient option.

Props garrett-eclipse, desrosj, iandunn.
See #43967.

Built from https://develop.svn.wordpress.org/trunk@43211


git-svn-id: http://core.svn.wordpress.org/trunk@43040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 05:00:20 +00:00
Andrew Ozz
89a11a8c42 Privacy: remove leftover comment after [43197].
See #43968.
Built from https://develop.svn.wordpress.org/trunk@43199


git-svn-id: http://core.svn.wordpress.org/trunk@43028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 17:57:20 +00:00
Andrew Ozz
f665d16945 Privacy: add request type and filter to the subject of request confirmation emails for GDPR.
Props desrosj, azaozz.
See #43968.
Built from https://develop.svn.wordpress.org/trunk@43197


git-svn-id: http://core.svn.wordpress.org/trunk@43026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 17:51:21 +00:00
Sergey Biryukov
db66ae1123 Docs: Remove unused ###USERNAME### placeholder reference from user_request_action_email_content filter documentation.
Props desrosj.
Fixes #44016.
Built from https://develop.svn.wordpress.org/trunk@43189


git-svn-id: http://core.svn.wordpress.org/trunk@43018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 14:38:21 +00:00
Sergey Biryukov
8bc4e6d94f Privacy: Use the terms "erase"/"erasure" instead of "remove"/"removal" for personal data.
Props allendav.
Fixes #43920.
Built from https://develop.svn.wordpress.org/trunk@43175


git-svn-id: http://core.svn.wordpress.org/trunk@43004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-07 16:45:22 +00:00
iandunn
3d4c461e50 Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Fixes #43931.

Built from https://develop.svn.wordpress.org/trunk@43154


git-svn-id: http://core.svn.wordpress.org/trunk@42983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:28:21 +00:00
Andrew Ozz
3a43a64c20 Privacy: fix inconsistencies in new strings.
Props audrasjb.
Fixes #43925.
Built from https://develop.svn.wordpress.org/trunk@43118


git-svn-id: http://core.svn.wordpress.org/trunk@42947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 18:42:21 +00:00
Andrew Ozz
f4e6b7a29c Privacy: add user information to the personal data export file.
Props TZ-Media, desrosj.
See #43547.

Built from https://develop.svn.wordpress.org/trunk@43055


git-svn-id: http://core.svn.wordpress.org/trunk@42884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 13:59:21 +00:00
Andrew Ozz
bfc9c2f469 Fix docs and white space.
Props desrosj.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@43014


git-svn-id: http://core.svn.wordpress.org/trunk@42843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-28 12:04:21 +00:00
Andrew Ozz
b044b4053e Privacy: add means to export personal data by username or email address. Generate a zipped export file containing all data. First run.
Props allendav.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43012


git-svn-id: http://core.svn.wordpress.org/trunk@42841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 19:54:21 +00:00
Andrew Ozz
e9eb7518c0 Privacy: update and enhance the method to confirm user requests by email. Introduce WP_User_Request to hold all request vars similarly to WP_Post.
Props mikejolley.
See #43443.

Built from https://develop.svn.wordpress.org/trunk@43011


git-svn-id: http://core.svn.wordpress.org/trunk@42840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 17:31:22 +00:00
Andrew Ozz
f1703c0e70 Privacy: update the method to confirm user requests by email. Use a single CPT to store the requests and to allow logging/audit trail.
Props mikejolley.
See #43443.

Built from https://develop.svn.wordpress.org/trunk@43008


git-svn-id: http://core.svn.wordpress.org/trunk@42837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 10:12:22 +00:00
Andrew Ozz
108578a8ec Privacy: add new wp-admin screens for exporting and removing of personal data.
Props @melchoyce, @mikejolley, @allendav, @xkon.
See #43481.
Built from https://develop.svn.wordpress.org/trunk@42967


git-svn-id: http://core.svn.wordpress.org/trunk@42796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-10 18:02:30 +00:00
Andrew Ozz
d3f054b5a9 Privacy: fixes and updates for the method to confirm user requests by email.
- Improve function and variable names.
- Allow extra data to be passed with the request.
- Make the option/user meta names more consistent.
- Adds an inline comment explaining use of hash.

Props mikejolley.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@42964


git-svn-id: http://core.svn.wordpress.org/trunk@42793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-06 19:10:30 +00:00
Sergey Biryukov
4848a09b35 I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders.
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.

Fixes #43523.
Built from https://develop.svn.wordpress.org/trunk@42827


git-svn-id: http://core.svn.wordpress.org/trunk@42657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-11 16:44:34 +00:00
Andrew Ozz
791b11bc3f Add a method to confirm user requests by email. First run.
Props mikejolley.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@42791


git-svn-id: http://core.svn.wordpress.org/trunk@42621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-06 23:47:30 +00:00
Sergey Biryukov
7b7ca428f3 Docs: Clarify that wp_update_user() accepts an array as $userdata argument.
Props nextendweb.
Fixes #43051.
Built from https://develop.svn.wordpress.org/trunk@42774


git-svn-id: http://core.svn.wordpress.org/trunk@42604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-04 18:12:31 +00:00
Sergey Biryukov
0e802a627d General: Introduce WP_Error::has_errors() method and use it where appropriate.
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742.
Built from https://develop.svn.wordpress.org/trunk@42761


git-svn-id: http://core.svn.wordpress.org/trunk@42591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-27 02:31:31 +00:00
Drew Jaynes
6e665d1f15 Docs: Link to the "Conditional Tags" article in the Theme Developer Handbook from the descriptions for a variety of core conditional tag functions.
These notations largely serve to direct consumers (of both the source and the parsed code reference) to extended information on individual and related conditional tags throughout WordPress. The changeset also standardizes corresponding DocBlock summaries to use third-person singular verbs.

Notations been added for the following functions:

* comments_open()
* email exists()
* has_excerpt()
* has_post_thumbnail()
* has_tag()
* in_category()
* in_the_loop()
* is_404()
* is_active_sidebar()
* is_active_widget()
* is_admin()
* is_admin_bar_showing()
* is_archive()
* is_attachment()
* is_author()
* is_blog_installed()
* is_category()
* is_comments_popup()
* is_date()
* is_day()
* is_dynamic_sidebar()
* is_feed()
* is_front_page()
* is_home()
* is_local_attachment()
* is_main_query
* is_month()
* is_multi_author
* is_new_day()
* is_page()
* is_page_template()
* is_paged()
* is_plugin_active()
* is_plugin_active_for_network()
* is_plugin_inactive()
* is_plugin_page()
* is_post_type_archive()
* is_preview()
* is_rtl()
* is_search()
* is_single()
* is_singular()
* is_sticky()
* is_tag()
* is_tax()
* is_taxonomy_hierarchical()
* is_time()
* is_trackback()
* is_user_logged_in()
* is_year()
* pings_open()
* post_type_exists()
* taxonomy_exists()
* term_exists()
* username exists()
* wp_attachment_is_image()
* wp_script_is()

Props janalwin.
Fixes #43254.

Built from https://develop.svn.wordpress.org/trunk@42710


git-svn-id: http://core.svn.wordpress.org/trunk@42538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-13 16:54:31 +00:00
John Blackbourn
91464bce65 Docs: Add missing code formatting to various @since entries.
See #42505

Built from https://develop.svn.wordpress.org/trunk@42678


git-svn-id: http://core.svn.wordpress.org/trunk@42506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-09 16:55:31 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
John Blackbourn
2ad86e1e82 Docs: Correct some @since MU notation that was broken in [41200].
Every function introduced by MU was introduced in 3.0.0 as this was when MU was merged.

See #41509

Built from https://develop.svn.wordpress.org/trunk@41714


git-svn-id: http://core.svn.wordpress.org/trunk@41548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-03 17:44:48 +00:00
John Blackbourn
4a16295dc5 Docs: Standardise the format used for documenting parameters passed by reference.
See #35974, #41017

Built from https://develop.svn.wordpress.org/trunk@41688


git-svn-id: http://core.svn.wordpress.org/trunk@41522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:14:46 +00:00
Felix Arntz
eedca8f3da Multisite: Fix wp_get_users_with_no_role() possibly including users with a role on a different site.
Prior to this change, when passing another site than the current one to `wp_get_users_with_no_role()` through its `$site_id` parameter, the function still used the roles available on the current site, which would cause users with other roles that possibly exist on the other site to show up as users without a role. Switching the site before retrieving the available rules fixes the issue.

Fixes #42015.

Built from https://develop.svn.wordpress.org/trunk@41654


git-svn-id: http://core.svn.wordpress.org/trunk@41488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 04:10:45 +00:00
Felix Arntz
5edfea22b9 Multisite: Fix count_users() possibly querying incorrect roles when passed a different site ID.
The `time` strategy in `count_users()` queries users by role. However, the roles queried for were not affected by passing another site than the current one through the `$site_id` parameter, causing users having roles that were not queried for to appear as users without a role. This changeset fixes the issue by switching the site before retrieving the roles to query for.

Fixes #42014.

Built from https://develop.svn.wordpress.org/trunk@41653


git-svn-id: http://core.svn.wordpress.org/trunk@41487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 03:54:45 +00:00
Sergey Biryukov
5046ef73c3 Docs: Correct description for insert_user_meta filter.
Props milana_cap, desrosj.
Fixes #41951.
Built from https://develop.svn.wordpress.org/trunk@41564


git-svn-id: http://core.svn.wordpress.org/trunk@41397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 13:14:45 +00:00
Weston Ruter
90bedf8f9d Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion.
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.

Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes #12423, #39892.

Built from https://develop.svn.wordpress.org/trunk@41376


git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-13 06:08:47 +00:00
John Blackbourn
28eda6f4bc General: Improve terminology used when referring to installations of WordPress and its extensions.
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.

This change fixes the usage in user-facing text and in developer documentation.

Fixes #41620

Built from https://develop.svn.wordpress.org/trunk@41289


git-svn-id: http://core.svn.wordpress.org/trunk@41129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 11:52:48 +00:00
Drew Jaynes
d2b78649a2 Docs: Document user object parameters for a variety of functions in wp-includes/user.php as WP_User type instead of the more generic object type.
Props sebastianpisula.
Fixes #40945.

Built from https://develop.svn.wordpress.org/trunk@41272


git-svn-id: http://core.svn.wordpress.org/trunk@41112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-19 20:19:44 +00:00
John Blackbourn
c184d766e9 Docs: Correct and improve the documentation for the send_confirmation_on_profile_email() function and the new_user_email_content filter.
See #41017

Built from https://develop.svn.wordpress.org/trunk@41209


git-svn-id: http://core.svn.wordpress.org/trunk@41049 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-02 20:43:44 +00:00
Drew Jaynes
0401cee8b3 Docs: Reduce confusion in @since MU notationss by indicating the WP version (3.0.0) the code was merged into core while retaining the original context.
Props sathyapulse.
Fixes #41509.

Built from https://develop.svn.wordpress.org/trunk@41200


git-svn-id: http://core.svn.wordpress.org/trunk@41040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-01 20:44:43 +00:00
Drew Jaynes
7f5e00ba29 Docs: Remove an unrelated description about post meta from the DocBlock for add_user_meta().
Clean up syntax.

See #41017.

Built from https://develop.svn.wordpress.org/trunk@41186


git-svn-id: http://core.svn.wordpress.org/trunk@41026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-30 14:32:45 +00:00
John Blackbourn
fb515a8a63 Users: Further fixes to entitiy decoding in the user email address change confirmation email, and the corresponding tests.
See #16470, #40015

Built from https://develop.svn.wordpress.org/trunk@41171


git-svn-id: http://core.svn.wordpress.org/trunk@41011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 14:59:43 +00:00
John Blackbourn
ff20054573 Users: Add the new email address to the email address change notification email.
Fixes #39112

Built from https://develop.svn.wordpress.org/trunk@41166


git-svn-id: http://core.svn.wordpress.org/trunk@41006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:57:43 +00:00
John Blackbourn
30d5450508 Users: Re-add entity decoding to the site name before it's used in the email address change confirmation email.
This was accidentally removed in [41163].

See #40015, #16470

Built from https://develop.svn.wordpress.org/trunk@41165


git-svn-id: http://core.svn.wordpress.org/trunk@41005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:55:43 +00:00
John Blackbourn
62fe4be994 Users: Require a confirmation link in an email to be clicked when a user attempts to change their email address.
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their account.

Props rodrigosprimo, tharsheblows, johnbillion

Fixes #16470

Built from https://develop.svn.wordpress.org/trunk@41163


git-svn-id: http://core.svn.wordpress.org/trunk@41003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:10:42 +00:00
John Blackbourn
6b22dbe59a Login and Registration: Introduce a username_exists filter, which allows for control over registration of usernames.
Props shamim51

Fixes #39320

Built from https://develop.svn.wordpress.org/trunk@41158


git-svn-id: http://core.svn.wordpress.org/trunk@40998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-26 16:25:40 +00:00
John Blackbourn
b4c2f16d01 Users: Ensure that users with no role on a site are taken into consideration when listing users on Multisite.
This ensures that users who are a member of a site but have no role are correctly listed on the Users screen and can be filtered from the 'None' role filter.

Props tobi823, flixos90, scottlee

Fixes #36196

Built from https://develop.svn.wordpress.org/trunk@41138


git-svn-id: http://core.svn.wordpress.org/trunk@40978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-25 00:24:43 +00:00