Commit Graph

497 Commits

Author SHA1 Message Date
Sergey Biryukov
823ec0859a Docs: Correct @staticvar entry for wp_rand().
Props chetan200891, birgire.
Fixes #42796.
Built from https://develop.svn.wordpress.org/trunk@42377


git-svn-id: http://core.svn.wordpress.org/trunk@42206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-07 13:53:47 +00:00
Drew Jaynes
f4faaa53c7 Docs: Improve the usefulness of docs for wp_generate_password() by noting the use of wp_rand() vs rand() or mt_rand().
Props webdevmattcrom.
Fixes #42782.

Built from https://develop.svn.wordpress.org/trunk@42373


git-svn-id: http://core.svn.wordpress.org/trunk@42202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-04 22:40:47 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
John Blackbourn
bb5621a084 General: Pass on the return value from wp_redirect() for wp_safe_redirect().
This brings the behaviour of the two functions in line with each other.

Props Drivingralle

Fixes 42108

Built from https://develop.svn.wordpress.org/trunk@42206


git-svn-id: http://core.svn.wordpress.org/trunk@42035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-20 20:24:48 +00:00
John Blackbourn
3be5d4b4f0 Docs: Improve inline docs for the wp_redirect() and wp_safe_redirect() functions.
See #42505, #42108

Built from https://develop.svn.wordpress.org/trunk@42143


git-svn-id: http://core.svn.wordpress.org/trunk@41974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-10 13:44:47 +00:00
Sergey Biryukov
806b2a5af1 Comments: Change IP references in moderation option labels and email notifications to IP address for clarity.
Props mako09, gk.loveweb, bradparbs.
Fixes #40382.
Built from https://develop.svn.wordpress.org/trunk@41704


git-svn-id: http://core.svn.wordpress.org/trunk@41538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-03 13:09:47 +00:00
John Blackbourn
9fdbe6538e Docs: Remove & prefixes from parameter documentation to avoid doc parsing errors.
Props sudar for the original patch.

See #35974

Built from https://develop.svn.wordpress.org/trunk@41686


git-svn-id: http://core.svn.wordpress.org/trunk@41520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:03:33 +00:00
John Blackbourn
f2a0b5267d Login and Registration: Pass the user session token to the set_auth_cookie and set_logged_in_cookie filters.
This also adds some missing `@since` parameters for other uses of the token so that developers know when the token was first made available to various filters.

Fixes #41849

Built from https://develop.svn.wordpress.org/trunk@41365


git-svn-id: http://core.svn.wordpress.org/trunk@41198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-10 21:09:45 +00:00
John Blackbourn
dee0e3a67b Users: Switch to using array style filters for the newly introduced filters in wp_password_change_notification() and wp_new_user_notification().
This introduces three new filters, replacing those that were introduced in [41153]:

* `wp_password_change_notification_email`
* `wp_new_user_notification_email_admin`
* `wp_new_user_notification_email`

Props pbearne

Fixes #38068

Built from https://develop.svn.wordpress.org/trunk@41213


git-svn-id: http://core.svn.wordpress.org/trunk@41053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 13:21:46 +00:00
Sergey Biryukov
7d2b400876 Users: Use esc_url() instead of esc_attr() to escape the value of the srcset attribute in get_avatar().
Props joemcgill, henry.wright.
Fixes #41215.
Built from https://develop.svn.wordpress.org/trunk@41156


git-svn-id: http://core.svn.wordpress.org/trunk@40996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-26 13:22:44 +00:00
John Blackbourn
b6ca2d77a8 Users: Introduce filters for the contents of email notifications for new user registrations and password resets.
Introduces:

* `wp_password_change_notification_subject`
* `wp_password_change_notification_message`
* `wp_password_change_notification_headers`
* `wp_new_user_notification_admin_subject`
* `wp_new_user_notification_admin_message`
* `wp_new_user_notification_admin_headers`
* `wp_new_user_notification_subject`
* `wp_new_user_notification_message`
* `wp_new_user_notification_headers`

Props pbearne, dipesh.kakadiya

Fixes #38068

Built from https://develop.svn.wordpress.org/trunk@41153


git-svn-id: http://core.svn.wordpress.org/trunk@40993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-26 00:54:43 +00:00
John Blackbourn
9c7c11f268 Users: Clear the user settings cookies when clearing auth cookies.
This prevents lingering cookies when logging out and when switching between user accounts.

Props soulseekah, shanee
Fixes #32567

Built from https://develop.svn.wordpress.org/trunk@40580


git-svn-id: http://core.svn.wordpress.org/trunk@40450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-07 16:54:42 +00:00
Pascal Birchler
72c19648bc Load: Only load PasswordHash class when needed.
This reverts [38371] which loaded `class-phpass.php` early in `wp-settings.php` and in turn caused backward compatibility problems.

Props DavidAnderson, ketuchetan.
Fixes #39445.

Built from https://develop.svn.wordpress.org/trunk@40387


git-svn-id: http://core.svn.wordpress.org/trunk@40294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-06 18:01:42 +00:00
Sergey Biryukov
41666b5e0c Mail: Use correct capitalization for PHPMailer methods in wp_mail().
Props Soean, reidbusi.
Fixes #39702.
Built from https://develop.svn.wordpress.org/trunk@40363


git-svn-id: http://core.svn.wordpress.org/trunk@40270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-01 14:34:43 +00:00
John Blackbourn
96b2923e62 Docs: Remove the duplicate hook documentation for the newly introduced send_auth_cookies filter.
See #39367

Built from https://develop.svn.wordpress.org/trunk@40264


git-svn-id: http://core.svn.wordpress.org/trunk@40184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-10 15:03:42 +00:00
John Blackbourn
265a0f4d98 Build/Test tools: Don't override the wp_set_auth_cookie() and wp_clear_auth_cookie() functions.
Overriding pluggable functions in the test suite is asking for trouble in the future. In addition, it means the test suite can't be guaranteed to behave the same as core.

This instead introduces a `send_auth_cookies` filter which can be hooked in during the test suite to prevent these functions from attempting to send cookie headers to the client.

Fixes #39367

Built from https://develop.svn.wordpress.org/trunk@40263


git-svn-id: http://core.svn.wordpress.org/trunk@40183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-10 14:33:46 +00:00
John Blackbourn
4dffd5b82e Build/Test tools: Revert [40239] due to unrelated changes.
See #39486

Built from https://develop.svn.wordpress.org/trunk@40240


git-svn-id: http://core.svn.wordpress.org/trunk@40170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-08 00:05:42 +00:00
John Blackbourn
28055b9ff5 Build/Test tools: In Travis, skip some tests when not on trunk.
This skips time sensitive tests (copyright year and PHP/MySQL version requirements) when tests are run on branches on Travis.

Props netweb, jorbin
Fixes #39486

Built from https://develop.svn.wordpress.org/trunk@40239


git-svn-id: http://core.svn.wordpress.org/trunk@40169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-08 00:01:46 +00:00
Aaron Campbell
288cd46939 Strip control characters before validating redirect.
Built from https://develop.svn.wordpress.org/trunk@40183


git-svn-id: http://core.svn.wordpress.org/trunk@40122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 13:38:41 +00:00
Dion Hulse
577a192ebd Mail: In PHPMailer 5.2.7 the case of the Send() method changed to send(), update our call for consistency with the library.
Props michalzuber.
Fixes #39469.

Built from https://develop.svn.wordpress.org/trunk@39691


git-svn-id: http://core.svn.wordpress.org/trunk@39631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-05 08:10:42 +00:00
Dion Hulse
1a40f6b7ae Mail: Ensure that any phpmailerException exceptions generated by setFrom() are caught to avoid PHP Fatal errors.
This change avoids a PHP fatal error that can be encountered when the specified (or generated) source email is an invalid address, such as `wordpress@_`, it makes no effort to set a valid source, only avoid the fatal error.

See #25239 for correcting the email address.
Fixes #39360.

Built from https://develop.svn.wordpress.org/trunk@39655


git-svn-id: http://core.svn.wordpress.org/trunk@39595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-30 06:44:40 +00:00
John Blackbourn
80a839de13 Docs: Misc corrections and additions to inline documentation.
See #39130
Props keesiemeijer

Built from https://develop.svn.wordpress.org/trunk@39639


git-svn-id: http://core.svn.wordpress.org/trunk@39579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 09:28:40 +00:00
John Blackbourn
c2d709e9d6 I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment.
See #38882

Built from https://develop.svn.wordpress.org/trunk@39326


git-svn-id: http://core.svn.wordpress.org/trunk@39266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 02:46:30 +00:00
John Blackbourn
4cf5550d8d I18n: Begin introducing translator comments for strings which include placeholders but no accompanying translator comment.
Adds context to one string used in two different contexts for the new user and new site signup email notification.

More to come.

See #38882

Built from https://develop.svn.wordpress.org/trunk@39323


git-svn-id: http://core.svn.wordpress.org/trunk@39263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 01:22:32 +00:00
Helen Hou-Sandí
dab566d973 Mail: Set a better error code when triggering wp_mail_failed.
This error code is now... wait for it... `wp_mail_failed`. Previously, this would have been the originating PHPMailer error code, which could be `0`, which would then fail (pass?) the `empty()` check in the `WP_Error` constructor, thereby rendering the error object fairly useless. The PHPMailer error code is now located within the `WP_Error` data.

props Kau-Boy, stephenharris.
fixes #35598.

Built from https://develop.svn.wordpress.org/trunk@39086


git-svn-id: http://core.svn.wordpress.org/trunk@39028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 04:27:34 +00:00
Drew Jaynes
5f4497f0af Docs: Fix multiple trivial typos throughout a variety of core files.
Props ottok.
Fixes #38489.

Built from https://develop.svn.wordpress.org/trunk@39051


git-svn-id: http://core.svn.wordpress.org/trunk@38993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:28:32 +00:00
Dominik Schilling
7819e2b4ba I18N: Introduce a locale-switching function.
With the introduction of user-specific languages in [38705] it's necessary to be able to switch translations on the fly. For example emails should be sent in the language of the recipient and not the one of the current user.

This introduces a new `WP_Locale_Switcher` class which is used for switching locales and translations. It holds the stack of locales whenever `switch_to_locale( $locale )` is called. With `restore_previous_locale()` you can restore the previous locale. `restore_current_locale()` empties the stack and sets the locale back to the initial value.

`switch_to_locale()` is added to most of core's email functions, either with the value of `get_locale()` (site language) or `get_user_locale()` (user language with fallback to site language).

Props yoavf, tfrommen, swissspidy, pbearne, ocean90.
See #29783.
Fixes #26511.
Built from https://develop.svn.wordpress.org/trunk@38961


git-svn-id: http://core.svn.wordpress.org/trunk@38904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 15:36:31 +00:00
Scott Taylor
a3ffebce30 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38470


git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
John Blackbourn
a1d61a95e1 Security: Return a 403 instead of a 200 HTTP status when check_ajax_referer() fails.
This is, unfortunately, untestable in the current test suite, even in the AJAX tests.

Fixes #36362

Built from https://develop.svn.wordpress.org/trunk@38421


git-svn-id: http://core.svn.wordpress.org/trunk@38362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-28 17:31:30 +00:00
John Blackbourn
b85e322e35 Security: Trigger a _doing_it_wrong() when check_ajax_referer() is called without its first parameter. This brings it inline with check_admin_referer().
Fixes #36361

Built from https://develop.svn.wordpress.org/trunk@38420


git-svn-id: http://core.svn.wordpress.org/trunk@38361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-28 17:15:28 +00:00
Scott Taylor
390ceba6c7 Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38411


git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse
0e31a46161 Bootstrap: Revert [38399] as it's broken /build/ and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335

Built from https://develop.svn.wordpress.org/trunk@38402


git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor
6a529648cf Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38399


git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00
Scott Taylor
481123661c Load: load class-phpass.php (PasswordHash class) early in wp-settings.php, instead of require_once()'ing it in several places.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38371


git-svn-id: http://core.svn.wordpress.org/trunk@38312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 17:40:35 +00:00
Drew Jaynes
f07f1b126e Docs: Add a missing parenthesis in an example in the DocBlock for wp_redirect().
Props shayanys.
See #37770.

Built from https://develop.svn.wordpress.org/trunk@38350


git-svn-id: http://core.svn.wordpress.org/trunk@38291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-25 07:36:31 +00:00
Scott Taylor
b7812bd416 AJAX: add a new function, wp_doing_ajax(), which can replace... (wait for it...) DOING_AJAX checks via the constant.
Props Mte90, sebastian.pisula, swissspidy.
Fixes #25669.

Built from https://develop.svn.wordpress.org/trunk@38334


git-svn-id: http://core.svn.wordpress.org/trunk@38275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 14:33:30 +00:00
Boone Gorges
54fe38c7cc Mail: Don't set Sender field when setting From.
[38058] changed `wp_mail()` so that it used PHPMailer's `setFrom()`
method rather than setting the From and FromName headers directly. See
behavior of setting the `Sender` field. This causes `mail` to be
called with the `-f` flag, which causes outgoing email to fail on some
server environments.

Props Clorith, iandunn, DrewAPicture.
Fixes #37736.
Built from https://develop.svn.wordpress.org/trunk@38286


git-svn-id: http://core.svn.wordpress.org/trunk@38227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-20 02:17:38 +00:00
Boone Gorges
905f4ec0f8 Mail: Improve handling of UTF-8 address headers.
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.

For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.

Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes #21659.
Built from https://develop.svn.wordpress.org/trunk@38058


git-svn-id: http://core.svn.wordpress.org/trunk@37999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 18:04:28 +00:00
Drew Jaynes
6c7148943b Docs: Standardize capitalization of Ajax throughout core documentation per the core spelling guide.
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.

Part props ocean90.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@38028


git-svn-id: http://core.svn.wordpress.org/trunk@37969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-10 00:51:30 +00:00
Sergey Biryukov
139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for _doing_it_wrong(), _deprecated_function(), _deprecated_argument(), and _deprecated_file() throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Jeremy Felt
6f3f00ea97 Multisite: Change WP_Network id property to an integer.
For consistency and developer sanity.

Props flixos90.
Fixes #37050.

Built from https://develop.svn.wordpress.org/trunk@37870


git-svn-id: http://core.svn.wordpress.org/trunk@37811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-26 14:26:29 +00:00
Sergey Biryukov
bbd663415c Text Changes: Simplify two strings in wp_password_change_notification().
Add translator comments.

Props ramiy.
See #35736.
Built from https://develop.svn.wordpress.org/trunk@37704


git-svn-id: http://core.svn.wordpress.org/trunk@37670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 22:09:28 +00:00
Jeremy Felt
d75f77a410 Admin: Allow for the consistent filtering of auth_redirect_scheme
Fixes #37047.

Built from https://develop.svn.wordpress.org/trunk@37651


git-svn-id: http://core.svn.wordpress.org/trunk@37617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-07 20:49:30 +00:00
Drew Jaynes
9193013158 Docs: Apply inline @see tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

Fixes #36921.

Built from https://develop.svn.wordpress.org/trunk@37544


git-svn-id: http://core.svn.wordpress.org/trunk@37512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 19:02:28 +00:00
Drew Jaynes
6c534918d4 Docs: Standardize filter docs in wp-includes/pluggable.php to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37508


git-svn-id: http://core.svn.wordpress.org/trunk@37476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:35:27 +00:00
Eric Lewis
02a4e761f2 Users: Correct inline docs for cookie expiration.
Props kjbenk.
Fixes #35568.

Built from https://develop.svn.wordpress.org/trunk@37315


git-svn-id: http://core.svn.wordpress.org/trunk@37281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-27 02:52:28 +00:00
Sergey Biryukov
c371296223 Users: In wp_new_user_notification(), sdd 'user' option for the $notify parameter, which allows for sending notification only to the user created.
Props akibjorklund.
Fixes #36009.
Built from https://develop.svn.wordpress.org/trunk@37276


git-svn-id: http://core.svn.wordpress.org/trunk@37242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-21 10:20:27 +00:00
Drew Jaynes
11ab384086 Docs: Improve 4.5 changelog entries introduced in [36992] for wp_authenticate(), and the authenticate and wp_login_failed hooks.
See #9568. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37030


git-svn-id: http://core.svn.wordpress.org/trunk@36997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-17 08:06:27 +00:00
John Blackbourn
621085a360 Users: Add @since entries to wp_authenticate() and its filters now that the $username parameter can also be an email address.
See #9568, #35986

Built from https://develop.svn.wordpress.org/trunk@36992


git-svn-id: http://core.svn.wordpress.org/trunk@36959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-14 22:31:27 +00:00
Sergey Biryukov
ef7a559e2e Docs: Correct filter reference in pre_get_avatar filter description.
Props henry.wright.
Fixes #36031.
Built from https://develop.svn.wordpress.org/trunk@36800


git-svn-id: http://core.svn.wordpress.org/trunk@36767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-02 03:41:28 +00:00