Commit Graph

131 Commits

Author SHA1 Message Date
Mark Jaquith
504101460f Slow down on calling zxcvbn if it isn't loaded.
see #32589
Built from https://develop.svn.wordpress.org/trunk@33033


git-svn-id: http://core.svn.wordpress.org/trunk@33004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 18:13:24 +00:00
Mark Jaquith
423a1a7ca4 New password change/set UI.
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords

see #32589

props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023


git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Konstantin Obenland
7dc1d06e64 Proper heading for admin screens.
First step towards restoring a good heading structure in wp-admin.
The previous `<h1>` contained the site title and a link to the front page and was removed with the toolbar refactoring in 3.2.

Props joedolson, afercia.
Fixes #31650.


Built from https://develop.svn.wordpress.org/trunk@32974


git-svn-id: http://core.svn.wordpress.org/trunk@32945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-27 15:41:25 +00:00
Scott Taylor
c6a4512b1b Add missing doc blocks to wp-admin/includes/*.
Fix some egregious uses of tabbing.
Some functions can simply return `apply_filters(...)` instead of setting a variable that is immediately returned.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32654


git-svn-id: http://core.svn.wordpress.org/trunk@32624 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-29 20:17:26 +00:00
Dominik Schilling
64fc7294b6 Use HTTPS URLs for codex.wordpress.org.
see #27115.
Built from https://develop.svn.wordpress.org/trunk@32116


git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
Helen Hou-Sandí
d85f8fe326 Admin notices: Make (most) core notices dismissible.
These no longer return upon refreshing the page when JS is on and working, so users should be able to dismiss them. This is particularly important on the post edit screen when DFW is triggered, but pretty much all notices can be dismissed if needed. A post on Make/Core will follow with information on how this can be leveraged in plugins.

props valendesigns, afercia, paulwilde, adamsilverstein, helen.
fixes #31233. see #23367.

Built from https://develop.svn.wordpress.org/trunk@31973


git-svn-id: http://core.svn.wordpress.org/trunk@31952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-01 22:06:28 +00:00
Sergey Biryukov
2c98f83b70 Remove duplicate label on Add New User screen.
props abhishekfdd.
fixes #31131.
Built from https://develop.svn.wordpress.org/trunk@31777


git-svn-id: http://core.svn.wordpress.org/trunk@31757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-14 01:04:27 +00:00
Dominik Schilling
72229b25c8 Add New User: Remove trailing whitespace from button labels.
fixes #31175.
Built from https://develop.svn.wordpress.org/trunk@31298


git-svn-id: http://core.svn.wordpress.org/trunk@31279 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-29 14:54:21 +00:00
Scott Taylor
7f8b548df1 In HTML5, the action attribute is no longer required. Remove this attribute when empty.
The admin HTML is served with the HTML5 doctype.

"The action and formaction content attributes, if specified, must have a value that is a valid non-empty URL potentially surrounded by spaces." 
http://www.w3.org/html/wg/drafts/html/master/forms.html#attr-fs-action

Props voldemortensen.
Fixes #30126.

Built from https://develop.svn.wordpress.org/trunk@31200


git-svn-id: http://core.svn.wordpress.org/trunk@31181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 04:16:24 +00:00
Andrew Nacin
741e0ec6de No need for wp_get_password_hint() to be prefixed as if it is private.
see #21243.

Built from https://develop.svn.wordpress.org/trunk@30855


git-svn-id: http://core.svn.wordpress.org/trunk@30845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-15 08:34:23 +00:00
John Blackbourn
bdd00b3902 Improve various hook and filter docs so they are correctly parsed for the code reference.
Fixes #30558
Props DrewAPicture

Built from https://develop.svn.wordpress.org/trunk@30754


git-svn-id: http://core.svn.wordpress.org/trunk@30744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-06 21:32:24 +00:00
John Blackbourn
d88ed475b0 Switch to a 403 response code in places where it is more appropriate than a 500 due to permissions errors.
Fixes #10551
Props nacin

Built from https://develop.svn.wordpress.org/trunk@30356


git-svn-id: http://core.svn.wordpress.org/trunk@30355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-16 06:16:22 +00:00
John Blackbourn
b1ba80de87 Rename _wp_password_hint() to _wp_get_password_hint() to bring it inline with core terminology. Fixes #21243.
Built from https://develop.svn.wordpress.org/trunk@30033


git-svn-id: http://core.svn.wordpress.org/trunk@30033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-26 23:30:18 +00:00
Jeremy Felt
fd149bb220 Deprecate admin_created_user_subject()
When `admin_created_user_subjec()` was merged from MU, the accompanying filter was left behind. As it has never been used by WordPress core, and is not an otherwise useful function, it can be deprecated.

Fixes #29915

Built from https://develop.svn.wordpress.org/trunk@30005


git-svn-id: http://core.svn.wordpress.org/trunk@30005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-24 04:49:20 +00:00
Boone Gorges
24babfddb3 Allow apostrophes in email addresses when adding users via the Dashboard.
Email addresses entered in a number of interfaces were not being stripslashed
properly, with the result that the emails were not being recognized as valid.

Fixes #18039.
Built from https://develop.svn.wordpress.org/trunk@29966


git-svn-id: http://core.svn.wordpress.org/trunk@29713 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-19 20:30:19 +00:00
Sergey Biryukov
0eb758720a Move password hint text to a function. Add 'password_hint' filter.
props convissor.
fixes #21243.
Built from https://develop.svn.wordpress.org/trunk@29962


git-svn-id: http://core.svn.wordpress.org/trunk@29709 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-18 20:21:18 +00:00
Jeremy Felt
3a8676278d Do not send a welcome notification when noconfirmation has been flagged
When adding a new user to a site on the network, 2 emails are sent out - one for confirmation and one as a welcome. If the option for no confirmation is selected, neither should send.

props transom
Fixes #16235

Built from https://develop.svn.wordpress.org/trunk@29880


git-svn-id: http://core.svn.wordpress.org/trunk@29637 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-12 01:11:18 +00:00
Sergey Biryukov
c4fce2f163 Reverse the order of roles in help text on Add New User screen to match [25695].
fixes #28914.
Built from https://develop.svn.wordpress.org/trunk@29233


git-svn-id: http://core.svn.wordpress.org/trunk@29017 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 23:48:15 +00:00
John Blackbourn
be12ea968a Implement email and url input types where appropriate. Props Kau-Boy. Fixes #22183.
Built from https://develop.svn.wordpress.org/trunk@29030


git-svn-id: http://core.svn.wordpress.org/trunk@28818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-08 17:52:14 +00:00
Sergey Biryukov
4a11203b06 Clarify a string on Add New User screen.
props vancoder, collinsinternet.
fixes #27398.
Built from https://develop.svn.wordpress.org/trunk@29009


git-svn-id: http://core.svn.wordpress.org/trunk@28797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-07 00:54:14 +00:00
Scott Taylor
9a286d75fd Don't use variable variables in user-new.php. Test by causing errors when creating a new user.
See #27881.

Built from https://develop.svn.wordpress.org/trunk@28745


git-svn-id: http://core.svn.wordpress.org/trunk@28559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-06-11 19:54:13 +00:00
Sergey Biryukov
df597224e5 Add paragraph tags to 'Add Existing User' section on 'Add New User' screen in multisite.
props jkudish, topher1kenobe.
fixes #20271.
Built from https://develop.svn.wordpress.org/trunk@28642


git-svn-id: http://core.svn.wordpress.org/trunk@28460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-05-30 21:51:14 +00:00
Andrew Nacin
5851e00b93 Add a value to the password checkbox when creating a new user so the toggle is remembered.
props chriseverson, SergeyBiryukov.
fixes #27006.

Built from https://develop.svn.wordpress.org/trunk@27838


git-svn-id: http://core.svn.wordpress.org/trunk@27672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-29 06:23:17 +00:00
Andrew Nacin
c3ca81ba94 Always decode special characters for email subjects.
props tlovett1, jeremyfelt.
fixes #25346.

Built from https://develop.svn.wordpress.org/trunk@27801


git-svn-id: http://core.svn.wordpress.org/trunk@27636 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-28 02:44:15 +00:00
Andrew Nacin
dce0b9adea Use SSL when linking to WordPress.org. see #27115.
Built from https://develop.svn.wordpress.org/trunk@27469


git-svn-id: http://core.svn.wordpress.org/trunk@27314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-08 04:14:15 +00:00
Sergey Biryukov
5d3e652c23 Add Oxford comma to password hint.
props trepmal.
fixes #26457.
Built from https://develop.svn.wordpress.org/trunk@27246


git-svn-id: http://core.svn.wordpress.org/trunk@27103 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-24 23:31:15 +00:00
Andrew Ozz
8d6059b383 Remove all screen_icon() calls and deprecate the functions, props TobiasBg, fixes #26119
Built from https://develop.svn.wordpress.org/trunk@26518


git-svn-id: http://core.svn.wordpress.org/trunk@26411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-02 03:53:11 +00:00
Drew Jaynes
ee8aa9ee4c Inline documentation for hooks in wp-admin/user-new.php & wp-admin/user-edit.php.
Also fixes one parameter type in wp-includes/user.php.

Fixes #25726.

Built from https://develop.svn.wordpress.org/trunk@26493


git-svn-id: http://core.svn.wordpress.org/trunk@26387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-01 01:35:10 +00:00
Andrew Nacin
70fd806759 Revert r25824:25875 from the core.svn.wordpress.org repository.
These commits were accidentally re-synced commits from develop.svn.wordpress.org due to a race condition. Thankfully, the history of this repository matters fairly little. It also happened only for trunk.


git-svn-id: http://core.svn.wordpress.org/trunk@25876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-25 02:29:52 +00:00
Andrew Nacin
5361a8abca Spell out duplicate hook locations.
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:59:20 +00:00
Andrew Nacin
8ae8e01b67 Remove the old wp_auto_updates_maybe_update cron event. Schedule the new wp_maybe_auto_update event at 7 a.m. and 7 p.m. in the site's timezone.
see #27704.

Built from https://develop.svn.wordpress.org/trunk@25825


git-svn-id: http://core.svn.wordpress.org/trunk@25825 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-24 22:53:14 +00:00
Ryan Boren
b87d4b77e5 Pinking shears
Built from https://develop.svn.wordpress.org/trunk@25880


git-svn-id: http://core.svn.wordpress.org/trunk@25792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-23 14:38:10 +00:00
Andrew Nacin
74488bdcb0 Spell out duplicate hook locations.
props DrewAPicture.
fixes #25658.

Built from https://develop.svn.wordpress.org/trunk@25868


git-svn-id: http://core.svn.wordpress.org/trunk@25780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-10-22 17:22:11 +00:00
Helen Hou-Sandí
6cee949cab Add a user_new_form hook, with context. props johnjamesjacoby, strangerstudios, jeremyfelt, DrewAPicture. fixes #18709.
Built from https://develop.svn.wordpress.org/trunk@25629


git-svn-id: http://core.svn.wordpress.org/trunk@25546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-26 01:48:10 +00:00
Andrew Nacin
fd57b239d2 Don't rely on include_path to include files.
Always use dirname() or, once available, ABSPATH.

props ketwaroo, hakre.
fixes #17092.

Built from https://develop.svn.wordpress.org/trunk@25616


git-svn-id: http://core.svn.wordpress.org/trunk@25533 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-25 00:18:11 +00:00
Sergey Biryukov
637fa4f1af Inline documentation for hooks in wp-admin/user-new.php.
props bftrick.
see #25229.
Built from https://develop.svn.wordpress.org/trunk@25470


git-svn-id: http://core.svn.wordpress.org/trunk@25391 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-09-17 08:33:10 +00:00
Ryan Boren
dd7a9120df Bestow sentience upon users. Level up their pronoun.
Props johnbillion
fixes #24513


git-svn-id: http://core.svn.wordpress.org/trunk@24992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-06 16:04:07 +00:00
Mark Jaquith
bd94dc655c Combat Chrome's insanely aggressive user/pass autofilling ಠ_ಠ
Chrome now ignores `autocomplete="off"` in <input>, so this hack uses
a hidden, non-named, non-empty input, right before the password field.

see #24364. props azaozz, nacin, bobbingwide, aaroncampbell.

git-svn-id: http://core.svn.wordpress.org/trunk@24552 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-03 21:24:02 +00:00
Mark Jaquith
5b8aad1039 Rejigger some whitespace in anticipation of a fix for #24364.
see #24364

git-svn-id: http://core.svn.wordpress.org/trunk@24551 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-03 21:23:55 +00:00
Dominik Schilling
2446c80c49 Add a label to the second password field on User New and User Edit screen. props MikeHansenMe. fixes #20294.
git-svn-id: http://core.svn.wordpress.org/trunk@24531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-30 11:13:34 +00:00
Andrew Nacin
cfa947193f Revert [24291] pending further discussion and sleuthing. see #24364.
git-svn-id: http://core.svn.wordpress.org/trunk@24317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-22 18:37:43 +00:00
Andrew Ozz
dbda48bd2a Fix Chrome disregarding autocomplete="off" for password fields. Add autocomplete="off" to forms where the users can choose new password. Fixes #24364.
git-svn-id: http://core.svn.wordpress.org/trunk@24291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-18 22:56:21 +00:00
Sergey Biryukov
4471620636 Fix copy/paste error in user-new.php. props tivnet. fixes #24022.
git-svn-id: http://core.svn.wordpress.org/trunk@23950 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-04-10 16:13:59 +00:00
Ryan Boren
15a06a35ab Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #WP21767


git-svn-id: http://core.svn.wordpress.org/trunk@23591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 16:30:38 +00:00
Ryan Boren
43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
08269aa6b0 Remove unused error string. props pavelevap. fixes #22107.
git-svn-id: http://core.svn.wordpress.org/trunk@23412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 05:36:28 +00:00
Andrew Ozz
cbd737470c Kill use of colons in class names, props SergeyBiryukov, fixes #21152
git-svn-id: http://core.svn.wordpress.org/trunk@22396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-06 01:01:52 +00:00
ryan
104b50cf58 s/newuserconfimation/newuserconfirmation/
Props Jayjdk, lesteph
fixes #21415


git-svn-id: http://core.svn.wordpress.org/trunk@21362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-30 16:13:18 +00:00
ryan
5ac8a32840 Translate role names in the new user notification email. Props obenland. fixes #20764
git-svn-id: http://core.svn.wordpress.org/trunk@21316 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-24 17:32:40 +00:00