whyisjake
bb6d812c70
User: Invalidate user_activation_key
on password update.
...
Query: Ensure that only a single post can be returned on date/time based queries.
Cache API: Ensure proper escaping around the stats method in the cache API.
Formatting: Expand `sanitize_file_name` to have better support for utf8 characters.
Brings the changes in [47634], [47635], [47637], and [47638] to the 4.4 branch.
Props: batmoo, ehti, nickdaugherty, peterwilsoncc, sergeybiryukov, sstoqnov, westi, whyisjake, whyisjake, xknown.
Built from https://develop.svn.wordpress.org/branches/4.4@47653
git-svn-id: http://core.svn.wordpress.org/branches/4.4@47430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-29 16:39:23 +00:00
John Blackbourn
866662a9fd
General: Backport PHP 7.1 fixes to the 4.4 branch to avoid fatal errors and warnings.
...
See #41135
Built from https://develop.svn.wordpress.org/branches/4.4@41129
git-svn-id: http://core.svn.wordpress.org/branches/4.4@40969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-24 22:27:31 +00:00
Boone Gorges
43d1ab4720
Use 'invalid_username' error code when tripping 'illegal_user_logins'.
...
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.
Props markjaquith.
Fixes #27317 .
Built from https://develop.svn.wordpress.org/trunk@35772
git-svn-id: http://core.svn.wordpress.org/trunk@35736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 23:25:26 +00:00
Dominik Schilling
7250749032
Reset Password: Add a missing new
operator for WP_Error
in get_password_reset_key()
.
...
Missed in [34923].
Fixes #34180 .
Built from https://develop.svn.wordpress.org/trunk@35764
git-svn-id: http://core.svn.wordpress.org/trunk@35728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 15:31:26 +00:00
Dominik Schilling
9fb5c540bb
Users: Allow to create users without sending an email to the new user.
...
This adds a checkbox to `wp-admin/user-new.php` to prevent sending an email with the username and a password reset link to the new user. Restores the behavior of pre-4.3.
Fixes #33504 .
Props tharsheblows, SergeyBiryukov, DrewAPicture, ocean90.
Built from https://develop.svn.wordpress.org/trunk@35742
git-svn-id: http://core.svn.wordpress.org/trunk@35706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-25 22:38:29 +00:00
Sergey Biryukov
bc1e479fd0
After [35718], update the location of some files in This filter is documented in
docs.
...
Partially reverts [33954].
Fixes #33413 .
Built from https://develop.svn.wordpress.org/trunk@35725
git-svn-id: http://core.svn.wordpress.org/trunk@35689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-22 03:51:28 +00:00
Andrew Nacin
1579e45d41
Simplify the include graph after work to split out classes.
...
see #33413 . More details there.
Built from https://develop.svn.wordpress.org/trunk@35718
git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
Drew Jaynes
51b778fb03
Docs: The User API is singular.
...
See #33701 .
Built from https://develop.svn.wordpress.org/trunk@34397
git-svn-id: http://core.svn.wordpress.org/trunk@34361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 13:03:24 +00:00
Drew Jaynes
5cf6c74499
Docs: Clarify the file header summary for wp-includes/user.php, the top-level file for the core Users API.
...
Also adds inline DocBlocks for the `require_once()` calls that now bring in core users functionality and the `WP_User_Query` class, as of [33749].
See #33413 . See #33701 .
Built from https://develop.svn.wordpress.org/trunk@33897
git-svn-id: http://core.svn.wordpress.org/trunk@33866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-04 01:33:24 +00:00
Scott Taylor
484331e492
Users: move WP_User_Query
into its own file. user.php
loads the new files, so this is 100% BC if someone is loading user.php
directly (a lot of plugins do). New files created using svn cp
.
...
Creates:
`class-wp-user-query.php`
`user-functions.php`
`user.php` contains only top-level code. Class file only contains the class. Functions file only contains functions.
See #33413 .
Built from https://develop.svn.wordpress.org/trunk@33749
git-svn-id: http://core.svn.wordpress.org/trunk@33717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 04:20:21 +00:00
Drew Jaynes
dbdc8bf149
Docs: Clarify the return description for wp_create_user()
to illustrate that a WP_Error
object will be returned on failure.
...
Props jmayhak
Fixes #33321 .
Built from https://develop.svn.wordpress.org/trunk@33725
git-svn-id: http://core.svn.wordpress.org/trunk@33693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-24 22:23:24 +00:00
Drew Jaynes
5e32a0c646
Docs: Better clarify that the $post_type
parameter for the get_usernumposts
filter and count_user_posts()
can accept either a single post type or array of post types.
...
Props tyxla
See #33481 . Fixes #33520 .
Built from https://develop.svn.wordpress.org/trunk@33716
git-svn-id: http://core.svn.wordpress.org/trunk@33683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-23 17:46:24 +00:00
Boone Gorges
6ab7493b27
Pass the $public_only
value to 'get_usernumposts' filter.
...
[32523] introduced the `$public_only` parameter to `count_user_posts()`. That
changeset was supposed to pass `$public_only` to the 'get_usernumposts' filter
at the end of the function, but only the documentation was modified, not the
filter itself.
This changeset also fixes an incorrect variable name in the docblock for
the same filter.
Props swisspidy, tmatsuur.
Fixes #33481 for trunk.
Built from https://develop.svn.wordpress.org/trunk@33710
git-svn-id: http://core.svn.wordpress.org/trunk@33677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-22 18:59:26 +00:00
Scott Taylor
c192d90fa1
In wp_insert_user()
, add a filter: insert_user_meta
, to filter a user's meta values and keys before the user is created or updated.
...
Props tharsheblows, chriscct7, DrewAPicture.
Fixes #31549 .
Built from https://develop.svn.wordpress.org/trunk@33708
git-svn-id: http://core.svn.wordpress.org/trunk@33675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-22 17:12:25 +00:00
Drew Jaynes
0e4285c451
Docs: Fix a typo in the DocBlock description for _get_additional_user_keys()
, introduced in [33687].
...
Props dimadin
See #29120 .
Built from https://develop.svn.wordpress.org/trunk@33690
git-svn-id: http://core.svn.wordpress.org/trunk@33657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-21 16:01:28 +00:00
Drew Jaynes
6d405d34da
Docs: Clarify the DocBlock summary and add a description and return description for _get_additional_user_keys()
.
...
As noted in the description, returned keys being set is dependent on the existence of those keys in user meta at the point where `_get_additional_user_keys()` is called in `wp_update_user()`.
Fixes #29120 .
Built from https://develop.svn.wordpress.org/trunk@33687
git-svn-id: http://core.svn.wordpress.org/trunk@33654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-21 05:33:25 +00:00
Konstantin Obenland
e6bc6242ad
Passwords: Restore second parameter for wp_new_user_notification()
.
...
After [33023] users would always be notified, this restores previous behavior.
Props markjaquith, ocean90.
Fixes #33358 .
Built from https://develop.svn.wordpress.org/trunk@33620
git-svn-id: http://core.svn.wordpress.org/trunk@33587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-17 14:25:27 +00:00
Mark Jaquith
97280576c0
Change send_pass_change_email to send_password_change_email (better name).
...
see #32430
Built from https://develop.svn.wordpress.org/trunk@33486
git-svn-id: http://core.svn.wordpress.org/trunk@33453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 14:52:26 +00:00
Drew Jaynes
a929b8efe5
Fix the same typo again in the hook doc summary for the send_pass_change_email
filter.
...
I speak English, I do.
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@33248
git-svn-id: http://core.svn.wordpress.org/trunk@33220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:27:24 +00:00
Drew Jaynes
9de2f22655
Fix a typo in the hook docs summary for the send_pass_change_email
filter.
...
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@33247
git-svn-id: http://core.svn.wordpress.org/trunk@33219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:25:24 +00:00
Drew Jaynes
8ef2cd1537
Fix the inline documentation syntax in the hook docs for the email_change_email
filter, introduced in 4.3.
...
Also update the filter summary to reflect that the file is for an "email" change, not a "password" change.
See [32820]. See #32891 .
Built from https://develop.svn.wordpress.org/trunk@33245
git-svn-id: http://core.svn.wordpress.org/trunk@33217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:15:24 +00:00
Drew Jaynes
86f21b4d90
Fix the inline documentation syntax in the hook docs for the password_change_email
filter, introduced in 4.3.
...
See [32820]. See #32891 .
Built from https://develop.svn.wordpress.org/trunk@33244
git-svn-id: http://core.svn.wordpress.org/trunk@33216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:11:24 +00:00
Drew Jaynes
284b726bfb
Fix the inline documentation syntax in the hook docs for the send_email_change_email
filter, added in 4.3.
...
See [32820]. See #32891 .
Built from https://develop.svn.wordpress.org/trunk@33243
git-svn-id: http://core.svn.wordpress.org/trunk@33215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:08:24 +00:00
Drew Jaynes
96ed7056cd
Fix the inline documentation syntax in the hook docs for the send_pass_change_email
filter, added in 4.3.
...
See [32820]. See #32891 .
Built from https://develop.svn.wordpress.org/trunk@33242
git-svn-id: http://core.svn.wordpress.org/trunk@33214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:05:25 +00:00
Drew Jaynes
668bdf60fb
Wrap a long changelog entry description in the DocBlock for count_user_posts()
.
...
Also clarify the description for the new `$public_only` parameter, added in [32523].
See #32891 .
Built from https://develop.svn.wordpress.org/trunk@33241
git-svn-id: http://core.svn.wordpress.org/trunk@33213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:03:24 +00:00
Scott Taylor
6c90a44828
After [32980], update the docs to reflect that display_name
is now included when searching for users in some scenarios.
...
Fixes #27304 .
Built from https://develop.svn.wordpress.org/trunk@33116
git-svn-id: http://core.svn.wordpress.org/trunk@33087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-07 19:39:25 +00:00
Scott Taylor
6b034b67f5
In wp_insert_user()
, comparing an email address against the user's old email address should not be case-sensitive.
...
Adds unit tests.
Props tyxla.
Fixes #32158 .
Built from https://develop.svn.wordpress.org/trunk@33115
git-svn-id: http://core.svn.wordpress.org/trunk@33086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-07 19:29:24 +00:00
Mark Jaquith
423a1a7ca4
New password change/set UI.
...
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords
see #32589
props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023
git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Dion Hulse
c261ad2c57
Expire password reset links after 24 hours (by default). This causes existing password reset links to become invalid.
...
Props markjaquith, voldemortensen, johnbillion, MikeHansenMe, dd32
See #32429
Built from https://develop.svn.wordpress.org/trunk@33019
git-svn-id: http://core.svn.wordpress.org/trunk@32990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 06:33:26 +00:00
Scott Taylor
5b9b3cedea
When searching for users using the search
arg in get_users()
/WP_User_Query
, also search the user's email, url, and display name.
...
Adds unit tests.
Props mordauk, wonderboymusic.
Fixes #27304 .
Built from https://develop.svn.wordpress.org/trunk@32980
git-svn-id: http://core.svn.wordpress.org/trunk@32951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-28 00:36:24 +00:00
Scott Taylor
d6c644d8df
After [32884], update the default value for comment_shortcuts
.
...
Props dlh, rachelbaker, DrewAPicture.
Fixes #31588 .
Built from https://develop.svn.wordpress.org/trunk@32904
git-svn-id: http://core.svn.wordpress.org/trunk@32875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-22 20:44:26 +00:00
Dominik Schilling
4423739c65
Use 3-digit x.x.x style for 4.3.0
@since versions.
...
see #32335 , #32430 .
Built from https://develop.svn.wordpress.org/trunk@32897
git-svn-id: http://core.svn.wordpress.org/trunk@32868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 11:41:26 +00:00
Drew Jaynes
1077b83a20
Update the DocBlock for wp_insert_post()
to exclude now-defunct contact method arguments and clarify others.
...
Also clarifies information on available hooks and adds a changelog entry for when the contact method arguments were removed.
Props dlh, rachelbaker.
See #31588 .
Built from https://develop.svn.wordpress.org/trunk@32884
git-svn-id: http://core.svn.wordpress.org/trunk@32855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-20 02:53:27 +00:00
Scott Taylor
5e994cd6a1
Customizer et al, use elseif
in PHP, not else if
.
...
This was corrected via brute force in [31090].
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32874
git-svn-id: http://core.svn.wordpress.org/trunk@32845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-19 22:01:25 +00:00
Boone Gorges
2e5e0bdc78
When updating a user, only send email-change notification if email address is passed.
...
The notification, introduced in [32380], was firing incorrectly (and throwing
a PHP notice) when `wp_update_user()` was called without including 'user_email'
in the update data.
Props imath.
Fixes #32684 . See #32430 .
Built from https://develop.svn.wordpress.org/trunk@32838
git-svn-id: http://core.svn.wordpress.org/trunk@32809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-18 13:30:26 +00:00
Mark Jaquith
814865ea9e
Send emails when a user's email address or password is changed.
...
* In case of email change, email goes to the OLD address
* Prevents against issues where an account is compromised (say via cookie interception) and then the attacker silently takes over ownership via pw/email changes — now there will at least be a record that something is up
fixes #32430
props RMarks, MikeHansenMe, tharsheblows, obenland
Built from https://develop.svn.wordpress.org/trunk@32820
git-svn-id: http://core.svn.wordpress.org/trunk@32791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-17 19:31:27 +00:00
Boone Gorges
5dfd6a02a7
Avoid returning duplicate matches when using a meta query in WP_User_Query
.
...
A meta_query containing an `OR` relation can result in the same record matching
multiple clauses, leading to duplicate results. The previous prevention against
duplicates [18178] #17582 became unreliable in 4.1 when `WP_Meta_Query`
introduced support for nested clauses. The current changeset adds a new method
`WP_Meta_Query::has_or_relation()` for checking whether an `OR` relation
appears anywhere in the query, and uses the new method in `WP_User_Query` to
enforce distinct results as necessary.
Props maxxsnake.
Fixes #32592 .
Built from https://develop.svn.wordpress.org/trunk@32713
git-svn-id: http://core.svn.wordpress.org/trunk@32683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-09 17:42:28 +00:00
Sergey Biryukov
50369e1c98
Add @since
for check_password_reset_key()
, reset_password()
, and register_new_user()
.
...
see #20279 .
Built from https://develop.svn.wordpress.org/trunk@32696
git-svn-id: http://core.svn.wordpress.org/trunk@32666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-05 20:39:26 +00:00
Boone Gorges
2c9a2850b4
Add @since
entry for 'has_published_post' argument of WP_User_Query
.
...
Mega-props DrewAPicture.
Fixes #32250 .
Built from https://develop.svn.wordpress.org/trunk@32685
git-svn-id: http://core.svn.wordpress.org/trunk@32655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 18:21:26 +00:00
Boone Gorges
0471408596
Normalize whitespace in docblock for WP_User_Query::prepare_query()
.
...
Built from https://develop.svn.wordpress.org/trunk@32684
git-svn-id: http://core.svn.wordpress.org/trunk@32654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 13:35:26 +00:00
Boone Gorges
6db02371ec
Introduce 'has_published_posts'
parameter for WP_User_Query
.
...
This allows user query results to be limited to those users who have published
posts in at least one of the specified post types.
Props joehoyle, boonebgorges.
Fixes #32250 .
Built from https://develop.svn.wordpress.org/trunk@32683
git-svn-id: http://core.svn.wordpress.org/trunk@32653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 13:30:26 +00:00
Scott Taylor
d38fed6449
Add missing doc blocks to user.php
.
...
`username_exists()` should return `false` instead of `null`, just like `email_exists()` does, which is right under it.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32637
git-svn-id: http://core.svn.wordpress.org/trunk@32607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 15:51:25 +00:00
Jeremy Felt
a5c688e817
Use site objects rather than get_blog_status() in MS list tables.
...
Removes several repetitive calls to `get_blog_status()` that are not needed, as the data is already available as part of each site's object.
Fixes #32512 .
Built from https://develop.svn.wordpress.org/trunk@32630
git-svn-id: http://core.svn.wordpress.org/trunk@32600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 23:14:29 +00:00
Jeremy Felt
45ad4808d9
Provide all site flag data in objects returned by get_blogs_of_user()
...
Previously, `archived`, `spam`, and `deleted` properties were forced to `0` when returned by `get_blogs_of_user()`. This was originally introduced in [21794] as a way to prevent notices when properties were expected.
Instead, we can properly fill these properties with those retrieved from `get_blog_details()`.
Props realloc.
Fixes #32281 .
Built from https://develop.svn.wordpress.org/trunk@32626
git-svn-id: http://core.svn.wordpress.org/trunk@32596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 21:23:26 +00:00
Scott Taylor
1b52916239
Create a function, wp_roles()
, to DRY the inline instantiation of the $wp_roles
global.
...
Add missing doc blocks for `capabilities.php`.
See #32444 .
Built from https://develop.svn.wordpress.org/trunk@32541
git-svn-id: http://core.svn.wordpress.org/trunk@32511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-22 04:47:24 +00:00
Boone Gorges
9d54232e39
Streamline support for multiple post types in get_posts_by_author_sql()
.
...
* Don't accept a comma-separated list, only a single post type or an array of post types. This is easier to document.
* Add changelog entries to all calling functions.
Props DrewAPicture.
Fixes #32243 .
Built from https://develop.svn.wordpress.org/trunk@32524
git-svn-id: http://core.svn.wordpress.org/trunk@32494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-21 19:49:29 +00:00
Boone Gorges
67c935ad9c
Support multiple post types in count_user_posts()
and other functions that use get_posts_by_author_sql()
.
...
Props nikonratm.
Fixes #32243 .
Built from https://develop.svn.wordpress.org/trunk@32523
git-svn-id: http://core.svn.wordpress.org/trunk@32493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-21 18:43:27 +00:00
Boone Gorges
bbc5a2de2f
Ensure that 'who' param is respected when generating meta_query in WP_User_Query
.
...
Since [31669], the 'who' param had been parsed after meta_query was generated,
so that 'who' was effectively ignored.
Props imath.
Fixes #32019 .
Built from https://develop.svn.wordpress.org/trunk@32207
git-svn-id: http://core.svn.wordpress.org/trunk@32180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 15:16:27 +00:00
Dominik Schilling
64fc7294b6
Use HTTPS URLs for codex.wordpress.org.
...
see #27115 .
Built from https://develop.svn.wordpress.org/trunk@32116
git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
Drew Jaynes
ba1e7a7243
Correct grammar when referring to "a user" vs "an user" in several places.
...
Props ocean90.
Fixes #31894 .
Built from https://develop.svn.wordpress.org/trunk@32025
git-svn-id: http://core.svn.wordpress.org/trunk@32004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-05 14:44:27 +00:00