Commit Graph

355 Commits

Author SHA1 Message Date
Mark Jaquith
423a1a7ca4 New password change/set UI.
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords

see #32589

props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023


git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Dion Hulse
c261ad2c57 Expire password reset links after 24 hours (by default). This causes existing password reset links to become invalid.
Props markjaquith, voldemortensen, johnbillion, MikeHansenMe, dd32
See #32429

Built from https://develop.svn.wordpress.org/trunk@33019


git-svn-id: http://core.svn.wordpress.org/trunk@32990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 06:33:26 +00:00
Scott Taylor
5b9b3cedea When searching for users using the search arg in get_users()/WP_User_Query, also search the user's email, url, and display name.
Adds unit tests.

Props mordauk, wonderboymusic.
Fixes #27304.

Built from https://develop.svn.wordpress.org/trunk@32980


git-svn-id: http://core.svn.wordpress.org/trunk@32951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-28 00:36:24 +00:00
Scott Taylor
d6c644d8df After [32884], update the default value for comment_shortcuts.
Props dlh, rachelbaker, DrewAPicture.
Fixes #31588.

Built from https://develop.svn.wordpress.org/trunk@32904


git-svn-id: http://core.svn.wordpress.org/trunk@32875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-22 20:44:26 +00:00
Dominik Schilling
4423739c65 Use 3-digit x.x.x style for 4.3.0 @since versions.
see #32335, #32430.
Built from https://develop.svn.wordpress.org/trunk@32897


git-svn-id: http://core.svn.wordpress.org/trunk@32868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 11:41:26 +00:00
Drew Jaynes
1077b83a20 Update the DocBlock for wp_insert_post() to exclude now-defunct contact method arguments and clarify others.
Also clarifies information on available hooks and adds a changelog entry for when the contact method arguments were removed.

Props dlh, rachelbaker.
See #31588.

Built from https://develop.svn.wordpress.org/trunk@32884


git-svn-id: http://core.svn.wordpress.org/trunk@32855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-20 02:53:27 +00:00
Scott Taylor
5e994cd6a1 Customizer et al, use elseif in PHP, not else if.
This was corrected via brute force in [31090].

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32874


git-svn-id: http://core.svn.wordpress.org/trunk@32845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-19 22:01:25 +00:00
Boone Gorges
2e5e0bdc78 When updating a user, only send email-change notification if email address is passed.
The notification, introduced in [32380], was firing incorrectly (and throwing
a PHP notice) when `wp_update_user()` was called without including 'user_email'
in the update data.

Props imath.
Fixes #32684. See #32430.
Built from https://develop.svn.wordpress.org/trunk@32838


git-svn-id: http://core.svn.wordpress.org/trunk@32809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-18 13:30:26 +00:00
Mark Jaquith
814865ea9e Send emails when a user's email address or password is changed.
* In case of email change, email goes to the OLD address
* Prevents against issues where an account is compromised (say via cookie interception) and then the attacker silently takes over ownership via pw/email changes — now there will at least be a record that something is up

fixes #32430
props RMarks, MikeHansenMe, tharsheblows, obenland
Built from https://develop.svn.wordpress.org/trunk@32820


git-svn-id: http://core.svn.wordpress.org/trunk@32791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-17 19:31:27 +00:00
Boone Gorges
5dfd6a02a7 Avoid returning duplicate matches when using a meta query in WP_User_Query.
A meta_query containing an `OR` relation can result in the same record matching
multiple clauses, leading to duplicate results. The previous prevention against
duplicates [18178] #17582 became unreliable in 4.1 when `WP_Meta_Query`
introduced support for nested clauses. The current changeset adds a new method
`WP_Meta_Query::has_or_relation()` for checking whether an `OR` relation
appears anywhere in the query, and uses the new method in `WP_User_Query` to
enforce distinct results as necessary.

Props maxxsnake.
Fixes #32592.
Built from https://develop.svn.wordpress.org/trunk@32713


git-svn-id: http://core.svn.wordpress.org/trunk@32683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-09 17:42:28 +00:00
Sergey Biryukov
50369e1c98 Add @since for check_password_reset_key(), reset_password(), and register_new_user().
see #20279.
Built from https://develop.svn.wordpress.org/trunk@32696


git-svn-id: http://core.svn.wordpress.org/trunk@32666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-05 20:39:26 +00:00
Boone Gorges
2c9a2850b4 Add @since entry for 'has_published_post' argument of WP_User_Query.
Mega-props DrewAPicture.
Fixes #32250.
Built from https://develop.svn.wordpress.org/trunk@32685


git-svn-id: http://core.svn.wordpress.org/trunk@32655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 18:21:26 +00:00
Boone Gorges
0471408596 Normalize whitespace in docblock for WP_User_Query::prepare_query().
Built from https://develop.svn.wordpress.org/trunk@32684


git-svn-id: http://core.svn.wordpress.org/trunk@32654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 13:35:26 +00:00
Boone Gorges
6db02371ec Introduce 'has_published_posts' parameter for WP_User_Query.
This allows user query results to be limited to those users who have published
posts in at least one of the specified post types.

Props joehoyle, boonebgorges.
Fixes #32250.
Built from https://develop.svn.wordpress.org/trunk@32683


git-svn-id: http://core.svn.wordpress.org/trunk@32653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 13:30:26 +00:00
Scott Taylor
d38fed6449 Add missing doc blocks to user.php.
`username_exists()` should return `false` instead of `null`, just like `email_exists()` does, which is right under it.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32637


git-svn-id: http://core.svn.wordpress.org/trunk@32607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 15:51:25 +00:00
Jeremy Felt
a5c688e817 Use site objects rather than get_blog_status() in MS list tables.
Removes several repetitive calls to `get_blog_status()` that are not needed, as the data is already available as part of each site's object.

Fixes #32512.

Built from https://develop.svn.wordpress.org/trunk@32630


git-svn-id: http://core.svn.wordpress.org/trunk@32600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 23:14:29 +00:00
Jeremy Felt
45ad4808d9 Provide all site flag data in objects returned by get_blogs_of_user()
Previously, `archived`, `spam`, and `deleted` properties were forced to `0` when returned by `get_blogs_of_user()`. This was originally introduced in [21794] as a way to prevent notices when properties were expected.

Instead, we can properly fill these properties with those retrieved from `get_blog_details()`.

Props realloc.
Fixes #32281.

Built from https://develop.svn.wordpress.org/trunk@32626


git-svn-id: http://core.svn.wordpress.org/trunk@32596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 21:23:26 +00:00
Scott Taylor
1b52916239 Create a function, wp_roles(), to DRY the inline instantiation of the $wp_roles global.
Add missing doc blocks for `capabilities.php`.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32541


git-svn-id: http://core.svn.wordpress.org/trunk@32511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-22 04:47:24 +00:00
Boone Gorges
9d54232e39 Streamline support for multiple post types in get_posts_by_author_sql().
* Don't accept a comma-separated list, only a single post type or an array of post types. This is easier to document.
* Add changelog entries to all calling functions.

Props DrewAPicture.
Fixes #32243.
Built from https://develop.svn.wordpress.org/trunk@32524


git-svn-id: http://core.svn.wordpress.org/trunk@32494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-21 19:49:29 +00:00
Boone Gorges
67c935ad9c Support multiple post types in count_user_posts() and other functions that use get_posts_by_author_sql().
Props nikonratm.
Fixes #32243.
Built from https://develop.svn.wordpress.org/trunk@32523


git-svn-id: http://core.svn.wordpress.org/trunk@32493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-21 18:43:27 +00:00
Boone Gorges
bbc5a2de2f Ensure that 'who' param is respected when generating meta_query in WP_User_Query.
Since [31669], the 'who' param had been parsed after meta_query was generated,
so that 'who' was effectively ignored.

Props imath.
Fixes #32019.
Built from https://develop.svn.wordpress.org/trunk@32207


git-svn-id: http://core.svn.wordpress.org/trunk@32180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 15:16:27 +00:00
Dominik Schilling
64fc7294b6 Use HTTPS URLs for codex.wordpress.org.
see #27115.
Built from https://develop.svn.wordpress.org/trunk@32116


git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
Drew Jaynes
ba1e7a7243 Correct grammar when referring to "a user" vs "an user" in several places.
Props ocean90.
Fixes #31894.

Built from https://develop.svn.wordpress.org/trunk@32025


git-svn-id: http://core.svn.wordpress.org/trunk@32004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-05 14:44:27 +00:00
Boone Gorges
820b895cf6 WP_User_Query: When querying users with 'fields=all', ensure that caps and roles are filled for the current site.
See [15566] for a parallel fix for 'fields=all_with_meta'.

Fixes #31878.
Built from https://develop.svn.wordpress.org/trunk@32001


git-svn-id: http://core.svn.wordpress.org/trunk@31980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-03 14:14:57 +00:00
Scott Taylor
0fccadaa35 When updating the email address for an existing user, make sure the email address is not already in use.
Adds unit tests.

Props rittesh.patel, DrewAPicture.
Fixes #30647.

Built from https://develop.svn.wordpress.org/trunk@31963


git-svn-id: http://core.svn.wordpress.org/trunk@31942 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-01 18:23:28 +00:00
Drew Jaynes
bfdc2f3ac6 Ensure the $wp_hasher global has an entry in the check_password_reset_key() DocBlock.
Props lamosty.
Fixes #31756.

Built from https://develop.svn.wordpress.org/trunk@31883


git-svn-id: http://core.svn.wordpress.org/trunk@31862 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-25 16:24:27 +00:00
John Blackbourn
7c5fc2debb Implement an aria-describedby attribute for login screen errors, and improve the "Forgot password?" anchor text.
Props aferica, rianrietveld
Fixes #31143

Built from https://develop.svn.wordpress.org/trunk@31871


git-svn-id: http://core.svn.wordpress.org/trunk@31850 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-24 16:29:26 +00:00
Boone Gorges
f5513227db Improved 'orderby' meta syntax in WP_User_Query.
Recent commits have added the ability to order query results by specific
clauses of the 'meta_query' parameter (comments [31467], posts [31312] and
[31340]). The current changeset ports the same functionality to `WP_User_Query`.

Also introduced is the ability to pass the value of `$meta_key` to 'orderby'.

The internals of `WP_User_Query::prepare_users()` had to be reordered
somewhat to support these changes, primarily to ensure that the `meta_query`
object generates its SQL clauses before the 'orderby' parameter is parsed.

See #31265.
Built from https://develop.svn.wordpress.org/trunk@31669


git-svn-id: http://core.svn.wordpress.org/trunk@31650 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-07 18:38:27 +00:00
Boone Gorges
f07ebeff91 In WP_User_Query, $meta_query should be a class property rather than a local variable.
This provides better parity with other query classes, and makes it possible to
write more direct unit tests.

See #31265.
Built from https://develop.svn.wordpress.org/trunk@31665


git-svn-id: http://core.svn.wordpress.org/trunk@31646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-07 16:35:27 +00:00
Boone Gorges
503b36dd23 Fix documentation whitespace after [31663].
See #31265.
Built from https://develop.svn.wordpress.org/trunk@31664


git-svn-id: http://core.svn.wordpress.org/trunk@31645 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-07 16:08:27 +00:00
Boone Gorges
1101444648 Improve 'orderby' syntax for WP_User_Query.
This changeset ports a number of 'orderby' features from `WP_Query` and
`WP_Comment_Query`:

* Allow multiple 'orderby' values to be passed as a space-separated list.
* Allow multiple 'orderby' values to be passed as a flat array.
* Allow multi-dimensional 'orderby', with orderby fields as array keys and ASC/DESC as the corresponding values.

See #31265.
Built from https://develop.svn.wordpress.org/trunk@31663


git-svn-id: http://core.svn.wordpress.org/trunk@31644 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-07 16:06:27 +00:00
Drew Jaynes
3b267afbf4 Correct a typo in the hash notation for wp_insert_user(): The argument name should be $user_registered not $date_registered.
Props floriansimeth.
Fixes #31513.

Built from https://develop.svn.wordpress.org/trunk@31608


git-svn-id: http://core.svn.wordpress.org/trunk@31589 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-04 09:51:26 +00:00
Boone Gorges
17330354bc Add orderby=meta_value_num support to WP_User_Query.
Props tyxla, genkisan.
Fixes #27887.
Built from https://develop.svn.wordpress.org/trunk@31369


git-svn-id: http://core.svn.wordpress.org/trunk@31350 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-08 16:59:22 +00:00
Sergey Biryukov
a47a5a1779 In wp_update_user(), make sure $userdata['ID'] is set before using it.
props tyxla.
fixes #31097.
Built from https://develop.svn.wordpress.org/trunk@31269


git-svn-id: http://core.svn.wordpress.org/trunk@31250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-22 14:46:23 +00:00
Scott Taylor
fe6b5983df In PHP 5.0.0, is_a() became deprecated in favour of the instanceof operator. Calling is_a() would result in an E_STRICT warning.
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.

To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.

`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.

Props markoheijnen, wonderboymusic.
Fixes #25672.

Built from https://develop.svn.wordpress.org/trunk@31188


git-svn-id: http://core.svn.wordpress.org/trunk@31169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 01:06:24 +00:00
Scott Taylor
a79c242038 In WP_User_Query, only call magic method internals against a whitelist of properties, $compat_fields.
See #30891.

Built from https://develop.svn.wordpress.org/trunk@31144


git-svn-id: http://core.svn.wordpress.org/trunk@31125 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-11 22:00:23 +00:00
Scott Taylor
0a511680f4 Adding a @return annotation to constructors is generally not recommended as a constructor does not have a meaningful return value. Constructors do not have meaningful return values, anything that is returned from here is discarded.
See #30799.

Built from https://develop.svn.wordpress.org/trunk@31126


git-svn-id: http://core.svn.wordpress.org/trunk@31107 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-10 06:54:23 +00:00
Scott Taylor
60b0cd7943 The keyword elseif should be used instead of else if so that all control keywords look like single words.
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31090


git-svn-id: http://core.svn.wordpress.org/trunk@31071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-08 07:05:25 +00:00
Andrew Nacin
741e0ec6de No need for wp_get_password_hint() to be prefixed as if it is private.
see #21243.

Built from https://develop.svn.wordpress.org/trunk@30855


git-svn-id: http://core.svn.wordpress.org/trunk@30845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-15 08:34:23 +00:00
Drew Jaynes
23707b1ada Convert various uses of (optional) in core parameter descriptions to use the style prescribed in the inline documentation standards for PHP.
The style for marking parameters optional in inline PHP docs is: `@param type $var Optional. Description. Accepts. Default.`, where Accepts can be omitted on a case-by-case basis.

Props coffee2code.
Fixes #30591.

Built from https://develop.svn.wordpress.org/trunk@30753


git-svn-id: http://core.svn.wordpress.org/trunk@30743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-06 21:24:45 +00:00
Scott Taylor
04a4cf6156 Improve the @param docs for src/wp-includes/user.php.
See #30224.

Built from https://develop.svn.wordpress.org/trunk@30666


git-svn-id: http://core.svn.wordpress.org/trunk@30656 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 22:11:23 +00:00
Drew Jaynes
bffe95d34c Docs Formatting: Backtick-escape inline code for all remaining dynamic hook docs in wp-includes/*.
Affects DocBlocks for the following hooks:
* `auth_post_meta_{$meta_key}`
* `term_links-$taxonomy`
* `customize_render_control_ . $this->id`
* `customize_render_panel_{$this->id}`
* `customize_render_section_{$this->id}`
* `customize_preview_{$this->id}`
* `customize_save_ . $this->id_data[ 'base' ]`
* `customize_update_ . $this->type`
* `customize_value_ . $this->id_data[ 'base' ]`
* `customize_sanitize_js_{$this->id}`
* `comment_form_field_{$name}`
* `comment_{$old_status}_to_{$new_status}`
* `comment_{$new_status}_{$comment->comment_type}`
* `extra_{$context}_headers`
* `get_template_part_{$slug}`
* `get_the_generator_{$type}`
* `get_{$adjacent}_post_join`
* `get_{$adjacent}_post_where`
* `get_{$adjacent}_post_sort`
* `{$adjacent}_post_rel_link`
* `{$adjacent}_post_link`
* `{$adjacent}_image_link`
* `blog_option_{$option}`
* `$permastructname . _rewrite_rules`
* `{$type}_template`
* `theme_mod_{$name}`
* `pre_set_theme_mod_$name`
* `current_theme_supports-{$feature}`
* `get_user_option_{$option}`
* `edit_user_{$field}`
* `pre_user_{$field}`
* `user_{$field}`

See #30552.

Built from https://develop.svn.wordpress.org/trunk@30656


git-svn-id: http://core.svn.wordpress.org/trunk@30646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-30 12:10:23 +00:00
Drew Jaynes
e11c0a9d3e 4.1 Docs Audit: Fix formatting for changelog entries in count_user_posts() and the get_usernumposts hook.
See #30469.

Built from https://develop.svn.wordpress.org/trunk@30623


git-svn-id: http://core.svn.wordpress.org/trunk@30613 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-28 12:29:23 +00:00
Andrew Nacin
fce07e17eb Invalidate password keys when a user's email changes.
Built from https://develop.svn.wordpress.org/trunk@30430


git-svn-id: http://core.svn.wordpress.org/trunk@30425 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-20 13:40:23 +00:00
Boone Gorges
92e3890daa Correct @since tag in count_user_posts() docs.
Props pavelevap, DrewAPicture.
See #21364.
Built from https://develop.svn.wordpress.org/trunk@30328


git-svn-id: http://core.svn.wordpress.org/trunk@30327 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-13 12:15:23 +00:00
Boone Gorges
a0b8caa29b Introduce $post_type param for count_user_posts().
Props Caspie, engelen, DrewAPicture.
Fixes #21364.
Built from https://develop.svn.wordpress.org/trunk@30322


git-svn-id: http://core.svn.wordpress.org/trunk@30321 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-13 02:19:22 +00:00
Drew Jaynes
66c47f29bb Correct references of @uses $wpdb in core documentation to use @global.
See #30191, [30105].
Fixes #30217.

Built from https://develop.svn.wordpress.org/trunk@30122


git-svn-id: http://core.svn.wordpress.org/trunk@30122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-31 17:56:22 +00:00
Drew Jaynes
f8657d5890 Remove redundant and erroneous @uses tag from most core inline documentation.
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.

Fixes #30191.

Built from https://develop.svn.wordpress.org/trunk@30105


git-svn-id: http://core.svn.wordpress.org/trunk@30105 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-30 01:05:24 +00:00
Konstantin Kovshenin
73f6a574b7 Use a nested meta query when querying by role in WP_User_Query.
If a user query includes a meta query together with a role argument,
nest the original meta query and append the role meta query with an
AND relationship.

fixes #23849, #27026.

Built from https://develop.svn.wordpress.org/trunk@30094


git-svn-id: http://core.svn.wordpress.org/trunk@30094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-29 21:41:22 +00:00
John Blackbourn
b1ba80de87 Rename _wp_password_hint() to _wp_get_password_hint() to bring it inline with core terminology. Fixes #21243.
Built from https://develop.svn.wordpress.org/trunk@30033


git-svn-id: http://core.svn.wordpress.org/trunk@30033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-26 23:30:18 +00:00