Commit Graph

224 Commits

Author SHA1 Message Date
Boone Gorges
8b4a5d1ec0 Introduce metadata for taxonomy terms.
Adds a new table to the database schema (`wp_termmeta`), and a set of
`*_term_meta()` API functions. `get_terms()` and `wp_get_object_terms()`
now also support 'meta_query' parameters, with syntax identical to other
uses of `WP_Meta_Query`.

When fetching terms via `get_terms()` or `wp_get_object_terms()`, metadata for
matched terms is preloaded into the cache by default. Disable this behavior
by setting the new `$update_term_meta_cache` paramater to `false`.

To maximize performance, within `WP_Query` loops, the termmeta cache is *not*
primed by default. Instead, we use a lazy-loading technique: metadata for all
terms belonging to posts in the loop is loaded into the cache the first time
that `get_term_meta()` is called within the loop.

Props boonebgorges, sirzooro.
See #10142.
Built from https://develop.svn.wordpress.org/trunk@34529


git-svn-id: http://core.svn.wordpress.org/trunk@34493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-25 03:59:27 +00:00
Boone Gorges
32887d3dfb Lazy-load comment meta on single post pages.
[34268] introduced cache priming for commentmeta, enabled by default. To
ensure performance on single post pages - where commentmeta is most likely
to cause performance issues - we disable up-front cache-priming. Instead, we
prime commentmeta caches for all comments in the loop the first time
`get_comment_meta()` is called on the page.

Props bradt, dd32, wonderboymusic, boonebgorges.
Fixes #16894.
Built from https://develop.svn.wordpress.org/trunk@34270


git-svn-id: http://core.svn.wordpress.org/trunk@34234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-17 20:01:24 +00:00
Boone Gorges
48b7547a52 Improve consistency of comment notification callback signatures.
Both `wp_new_comment_notify_moderator()` and `wp_new_comment_notify_postauthor()`
now accept a single argument: `$comment_ID`.

Props SergeyBiryukov.
Fixes #33587.
Built from https://develop.svn.wordpress.org/trunk@34252


git-svn-id: http://core.svn.wordpress.org/trunk@34216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 22:26:24 +00:00
Boone Gorges
85c00bd943 Move new user notification emails to add_action() callbacks.
When a new user is created in various places throughout the interface,
notifications are sent to the site admin and the new user. Previously, these
notifications were fired through direct calls to `wp_new_user_notification()`,
making it difficult to stop or modify the messages.

This changeset introduces a number of new action hooks in place of direct calls
to `wp_new_user_notification()`, and hooks the new wrapper function
`wp_send_new_user_notifications()` to these hooks.

Props dshanske, thomaswm, boonebgorges.
Fixes #33587.
Built from https://develop.svn.wordpress.org/trunk@34251


git-svn-id: http://core.svn.wordpress.org/trunk@34215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-16 22:19:24 +00:00
John Blackbourn
a78e850e9c Add the site icon meta tags to wp-login.php.
See #33597
Props iworks

Built from https://develop.svn.wordpress.org/trunk@34124


git-svn-id: http://core.svn.wordpress.org/trunk@34092 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 18:02:24 +00:00
Boone Gorges
b62bcef1b1 Send password-change email notifications via hook.
`wp_password_change_notification()` is now called at the 'after_password_reset'
action, rather than being invoked directly from the `reset_password()` function.

In order to make it possible to call `wp_password_change_notification()` as a
`do_action()` callback, the function signature has to be changed so that the
`$user` parameter is expected to be a value rather than a reference. Since
PHP 5.0, objects are passed by reference, so `&$user` was unnecessary anyway.

Props dshanske, thomaswm.
See #33587.
Built from https://develop.svn.wordpress.org/trunk@34107


git-svn-id: http://core.svn.wordpress.org/trunk@34075 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 02:45:25 +00:00
Boone Gorges
c614849786 Send comment notification emails via a hooked function.
Previously, `wp_notify_postauthor()` and `wp_notify_moderator()` were called
directly from `wp_new_comment()`, making it difficult to modify or suppress
default notification emails.

Props dshanske, thomaswm.
See #33587.
Built from https://develop.svn.wordpress.org/trunk@34106


git-svn-id: http://core.svn.wordpress.org/trunk@34074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-14 02:17:26 +00:00
Boone Gorges
151d27369d Term splitting routine should be run in a separate process, triggered via wp-cron.
[32814] introduced a routine to split shared terms, which was run during the
regular WP database upgrade. This turned out to be problematic because plugins
are not loaded during the db upgrade (due to `WP_INSTALLING`), with the result
that plugins were not able to hook into the 'split_shared_term' action during
the bulk split. We work around this limitation by moving the term splitting
routine to a separate process, triggered by a wp-cron hook.

Props boonebgorges, Chouby, peterwilsoncc, pento, dd32.
Fixes #30261.
Built from https://develop.svn.wordpress.org/trunk@33615


git-svn-id: http://core.svn.wordpress.org/trunk@33582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-14 03:59:26 +00:00
Boone Gorges
2c9e81349c When splitting a shared 'nav_menu' term, ensure that nav items and theme locations are retained.
Props boonebgorges, dd32.
Fixes #33187.
Built from https://develop.svn.wordpress.org/trunk@33611


git-svn-id: http://core.svn.wordpress.org/trunk@33578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-12 14:07:26 +00:00
Mark Jaquith
309516a6c1 Move media hooks out of admin-filters.php as sometimes editors are used on the front end.
fixes #33257
props wonderboymusic
Built from https://develop.svn.wordpress.org/trunk@33590


git-svn-id: http://core.svn.wordpress.org/trunk@33557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-06 20:40:26 +00:00
Dominik Schilling
8679a93f16 Themes: Remove legacy theme preview.
The pre-3.4 theme previewer doesn't work when using a static front page.
We kept the old theme preview for no-JS and some browsers that were less capable. But since browsers are doing a better job today we don't need to continue fixing/shipping this legacy code. Bye!

fixes #33178.
Built from https://develop.svn.wordpress.org/trunk@33492


git-svn-id: http://core.svn.wordpress.org/trunk@33459 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 18:36:26 +00:00
Andrew Ozz
4bd5e2db01 TinyMCE:
- Go back to encoding the editor content only when TinyMCE is used.
- Add check and encode `</textarea>` if present.
See #32425.
Built from https://develop.svn.wordpress.org/trunk@33187


git-svn-id: http://core.svn.wordpress.org/trunk@33159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 03:19:24 +00:00
Mark Jaquith
cf38b016e8 Revert [33038] because of objections raised on #22889 and #31590
Built from https://develop.svn.wordpress.org/trunk@33042


git-svn-id: http://core.svn.wordpress.org/trunk@33013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-02 00:47:24 +00:00
Mark Jaquith
9d11efe23c Say goodbye to ?replytocom=123 links and their URL pollution.
* Comment reply links continue to use JS as before.
* ?replytocom=123 links are deprecated.

props joostdevalk
fixes #22889
Built from https://develop.svn.wordpress.org/trunk@33038


git-svn-id: http://core.svn.wordpress.org/trunk@33009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 21:42:25 +00:00
Konstantin Obenland
c56a8ae0f7 Introducing Site Icon, favicon management for WordPress.
This v1 marries Jetpack's Site Icon module with the Media Modal, reusing code
from the Custom Header admin. For now, the core-provided icons will be limited
to a favicon, an iOS app icon, and a Windows tile icon, leaving `.ico` support
and additional icons to plugins to add.

Props obenland, tyxla, flixos90, jancbeck, markjaquith, scruffian.
See #16434.


Built from https://develop.svn.wordpress.org/trunk@32994


git-svn-id: http://core.svn.wordpress.org/trunk@32965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-29 12:58:25 +00:00
Andrew Ozz
e4758f42e5 Update the TinyMCE initialization:
- Replace `wp_htmledit_pre()` and `wp_richedit_pre()` with `format_for_editor()`.
- Replace the `'htmledit_pre'` and `'richedit_pre'` filters with `'format_for_editor'`.
- Do not run the post content through `wpautop()` in PHP when the visual editor is default. Run the textarea content through the JS wpautop on initializing TinyMCE.
- Simplify both editors initialization.
- Improve setting of `wpActiveEditor` in Quicktags.
- Improve editor.js, use `tinymce.$` when possible.
See #32425.
Built from https://develop.svn.wordpress.org/trunk@32899


git-svn-id: http://core.svn.wordpress.org/trunk@32870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 22:01:28 +00:00
Andrew Ozz
b9a4fefb08 Update convert_chars():
- Stop trying to remove `<title>` and `<category>` meta tags. They have not been used for many many years.
- Replacement of `<br>` with `<br />` and `<hr>` with `<hr />` is not needed for HTML 5.0. Also, these tags are formatted like that by the visual editor.
- Replace invalid HTML entities that might be pasted in the Text editor on save instead of on display.
Fixes #32335.
Built from https://develop.svn.wordpress.org/trunk@32896


git-svn-id: http://core.svn.wordpress.org/trunk@32867 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 00:59:26 +00:00
Andrew Ozz
82fcdec660 Editor: do not reuse the preview tab when the user has navigated away.
See #32588.
Built from https://develop.svn.wordpress.org/trunk@32809


git-svn-id: http://core.svn.wordpress.org/trunk@32780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 23:13:26 +00:00
Andrew Nacin
6df83c542b Revert change to default-filters.php in [32632]. see #32516.
Built from https://develop.svn.wordpress.org/trunk@32633


git-svn-id: http://core.svn.wordpress.org/trunk@32603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 05:52:25 +00:00
Andrew Nacin
65c382d550 Fix return error in get_theme_mods() from [32629].
Split a line with both an assignment and a conditional, not to mention an interpolated variable. Lots going on, easy mistake to make.

props BrianLayman.
fixes #32516.

Built from https://develop.svn.wordpress.org/trunk@32632


git-svn-id: http://core.svn.wordpress.org/trunk@32602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 05:51:25 +00:00
Drew Jaynes
4c37f68b79 Fix inline documentation syntax in wp_xmlrpc_server.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@32591


git-svn-id: http://core.svn.wordpress.org/trunk@32561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-25 06:25:25 +00:00
Andrew Nacin
7f1b31f80f Clean up wp_staticize_emoji() and friends.
* DOMDocument was removed in [31752] but not the check.
 * wp_staticize_emoji() has never accepted a second arg; remove it from calls.
 * Remove wp_staticize_emoji_for_feeds(), no need for it.
 * Remove _ and @ignore from wp_staticize_emoji_for_email(), no need for it.

see #31242.

Built from https://develop.svn.wordpress.org/trunk@32161


git-svn-id: http://core.svn.wordpress.org/trunk@32136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 04:15:26 +00:00
Gary Pendergast
2c45fd7ed7 Emoji: Revert [31877], and print the emoji shim and styles during admin_print_scripts and admin_print_styles, instead. This is a few milliseconds slower, but easier to reuse in Press This, and any other code that uses admin scripts and styles, without using admin-header.php.
See #31701.


Built from https://develop.svn.wordpress.org/trunk@31879


git-svn-id: http://core.svn.wordpress.org/trunk@31858 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-25 01:43:28 +00:00
Gary Pendergast
b53b12ff8c Emoji: Instead of loading the emoji JS files automatically, we now include a small JS shim in the header, to test if the user's browser needs Twemoji. It then loads the emoji JS files only if they're needed.
Props pento, azaozz.

Fixes #31701.


Built from https://develop.svn.wordpress.org/trunk@31875


git-svn-id: http://core.svn.wordpress.org/trunk@31854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-24 23:33:32 +00:00
Gary Pendergast
a97462e755 Emoji: Rename the email and feed filter functions to be _ prefixed, and @ignore-d in the PHPDocs.
See #31242


Built from https://develop.svn.wordpress.org/trunk@31791


git-svn-id: http://core.svn.wordpress.org/trunk@31773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-16 10:46:26 +00:00
Andrew Ozz
a7fd4a3774 Emoji:
- Add the styling for the replacement images to the admin CSS.
- Revert to using `.emoji` as replacement image class.
- When pasting in the editor, convert emoji images to our format so we can replace them with chars on saving.
- Some more clean up of both the plugin and wp-emoji.js.
See #31242.
Built from https://develop.svn.wordpress.org/trunk@31786


git-svn-id: http://core.svn.wordpress.org/trunk@31766 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-15 23:16:29 +00:00
Gary Pendergast
46e2a65cf1 Add emoji support, with Twemoji fallback.
Replace exisiting smilies with equivalent emoji, or with shiny new smiley images where no emoji existed.

Props batmoo, joen and mkaz for the original plugin upon which this is based.

Props pento, iseulde, kraftbj and peterwilsoncc for making the internet's dreams come true.

See #31242


Built from https://develop.svn.wordpress.org/trunk@31733


git-svn-id: http://core.svn.wordpress.org/trunk@31714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-11 22:49:28 +00:00
Helen Hou-Sandí
c16129d3cf Enable more flexibility for non-URL GUIDs.
props stevenkword.
fixes #31080.

Built from https://develop.svn.wordpress.org/trunk@31726


git-svn-id: http://core.svn.wordpress.org/trunk@31707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-11 20:00:26 +00:00
Sergey Biryukov
bff59aa8cb Revert the part of [31168] that [31701] was trying to fix.
`default-filters.php` is loaded before the `$current_site` global is set, so `is_main_site()` cannot be used there.

fixes #30947.
Built from https://develop.svn.wordpress.org/trunk@31708


git-svn-id: http://core.svn.wordpress.org/trunk@31689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-10 23:20:26 +00:00
Sergey Biryukov
74dfb2680b Don't run update checks for AJAX requests after [31168].
fixes #30947.
Built from https://develop.svn.wordpress.org/trunk@31701


git-svn-id: http://core.svn.wordpress.org/trunk@31682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-10 19:30:27 +00:00
Andrew Ozz
848cd46e9a PressThis TinyMCE: set 'directionality' and add the LTR button when in RTL. Fixes #31474.
Built from https://develop.svn.wordpress.org/trunk@31580


git-svn-id: http://core.svn.wordpress.org/trunk@31561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-27 20:21:24 +00:00
Boone Gorges
44ac816aed Split shared taxonomy terms on term update.
When updating an existing taxonomy term that shares its `term_id` with
another term, we generate a new row in `wp_terms` and associate the updated
term_taxonomy_id with the new term. This separates the terms, such that
updating the name of one term does not change the name of any others.

In cases where a plugin or theme stores term IDs in the database, term splitting
can cause backward compatibility issues. The current changeset introduces
two utilities to aid developers with the transition. The `'split_shared_term'`
action fires when the split takes place, and should be used to catch changes in
term_id. In cases where `'split_shared_term'` cannot be used, the
`wp_get_split_term()` function gives developers access to data about terms
that have previously been split. Documentation for these functions, with
examples, can be found in the Plugin Developer Handbook. WordPress itself
stores term IDs in this way in two places; `_wp_check_split_default_terms()`
and `_wp_check_split_terms_in_menus()` are hooked to `'split_shared_term'` to
perform the necessary cleanup.

See [30241] for a previous attempt at the split. It was reverted in [30585]
for 4.1.0.

Props boonebgorges, mboynes.
See #5809.
Built from https://develop.svn.wordpress.org/trunk@31418


git-svn-id: http://core.svn.wordpress.org/trunk@31399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-11 19:42:25 +00:00
Scott Taylor
fc843ce4d0 There are some random add_action() and add_filter() calls littered around some files in wp-includes/. These should be moved to wp-includes/default-filters.php with the rest of the registered hooks. It seems like this was the best practice for awhile and then we randomly stopped. This file loads way before any of the includes, so the hooks will be registered for any request that loads WordPress, even SHORTINIT - a lot of the hooks registered won't run anyways (that's already the case).
See #30947.

Built from https://develop.svn.wordpress.org/trunk@31168


git-svn-id: http://core.svn.wordpress.org/trunk@31149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-12 16:40:23 +00:00
Boone Gorges
213ecc8a07 Revert shared taxonomy term splitting for 4.1.
This is a revert of [30494], [30492], [30347], and [30334]. The latter
changeset was a revert of [30336], which was a revert of [30241].

Watch for Term Splitting, Version III in version 4.2, coming soon to a
WordPress trunk near you.

See #30335, #5809.
Built from https://develop.svn.wordpress.org/trunk@30585


git-svn-id: http://core.svn.wordpress.org/trunk@30575 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-27 00:05:22 +00:00
John Blackbourn
2aabde8f74 Remove whitespace accidentally introduced in r30498
See #30335

Built from https://develop.svn.wordpress.org/trunk@30499


git-svn-id: http://core.svn.wordpress.org/trunk@30488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-21 04:01:22 +00:00
John Blackbourn
196e069c5b split_shared_term is an action, not a filter.
See #30335

Built from https://develop.svn.wordpress.org/trunk@30498


git-svn-id: http://core.svn.wordpress.org/trunk@30487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-21 03:51:21 +00:00
Boone Gorges
57e358da63 Improve cleanup of cached term_ids after shared terms are split.
* If the split term ID is stored as 'default_category', 'default_link_category', or 'default_email_category', update it to the new ID.
* If the split term ID is associated with a nav menu item, update that piece of postmeta to the new ID.

Props mboynes.
See #30335.
Built from https://develop.svn.wordpress.org/trunk@30494


git-svn-id: http://core.svn.wordpress.org/trunk@30483 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-21 03:17:22 +00:00
Scott Taylor
be08f576df Improve some post_status-related documentation.
Props ericlewis.
See #30230.

Built from https://develop.svn.wordpress.org/trunk@30155


git-svn-id: http://core.svn.wordpress.org/trunk@30155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-01 20:20:23 +00:00
John Blackbourn
0f64edb657 Introduce a new means of outputting a <title> tag in the theme head. Requires a theme to add support by calling add_theme_support( 'title-tag' ). This is the first step in adding a more robust means of generating and outputting the title tag.
See #18548.
Props obenland, chrisbliss18, joostdevalk.


Built from https://develop.svn.wordpress.org/trunk@30074


git-svn-id: http://core.svn.wordpress.org/trunk@30074 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-28 21:12:22 +00:00
Scott Taylor
d2c99a5646 Add a default filter to title_save_pre: trim, because extra whitespace.
Props nikolov.tmw, avryl.
Fixes #19904.

Built from https://develop.svn.wordpress.org/trunk@29801


git-svn-id: http://core.svn.wordpress.org/trunk@29568 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-10-01 18:58:16 +00:00
Andrew Nacin
acba3131d7 Allow for custom authentication handlers for all requests.
Turn the logic used by wp_get_current_user() into a determine_current_user filter.

props rmccue.
fixes #26706.

Built from https://develop.svn.wordpress.org/trunk@27484


git-svn-id: http://core.svn.wordpress.org/trunk@27328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-03-09 15:23:15 +00:00
Andrew Ozz
eba12cfaf4 Remove unused arg from wp_auth_check(), see #27081.
Built from https://develop.svn.wordpress.org/trunk@27154


git-svn-id: http://core.svn.wordpress.org/trunk@27021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-09 22:34:11 +00:00
Andrew Nacin
60cc98b86d Run wp_auth_check on every heartbeat tick.
wp_heartbeat_received only runs when data is sent. We want to always pass this data back, though.

fixes #27081.

Built from https://develop.svn.wordpress.org/trunk@27153


git-svn-id: http://core.svn.wordpress.org/trunk@27020 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-02-09 22:28:12 +00:00
Dion Hulse
7f1047ece1 Remove the experimental RSS.JS feed, and move it to a plugin for feature development. Unprops pento. See #25639
Built from https://develop.svn.wordpress.org/trunk@26644


git-svn-id: http://core.svn.wordpress.org/trunk@26534 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-12-04 22:24:10 +00:00
Andrew Nacin
c8bbc31c39 Add an experimental rssjs feed based on the experimental rss.js spec.
This is simply a JSON representation of the RSS 2.0 feed, accessible at /feed/rssjs/ anywhere.

props pento.
see #25639.

Built from https://develop.svn.wordpress.org/trunk@26294


git-svn-id: http://core.svn.wordpress.org/trunk@26199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-11-20 22:58:09 +00:00
Scott Taylor
eeb3b15936 Pass the taxonomy around to relevant nav menu actions to avoid arbitrarily deleting all items with menu-item-type of taxonomy. Adds unit test for wp_get_associated_nav_menu_items().
Props garyc40, SergeyBiryukov.
Fixes #15264.


Built from https://develop.svn.wordpress.org/trunk@25163


git-svn-id: http://core.svn.wordpress.org/trunk@25142 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-29 16:45:10 +00:00
Andrew Nacin
d26e92d60f Remove unnecessary loops in default-filters.php.
props Jayjdk.
fixes #25011.

Built from https://develop.svn.wordpress.org/trunk@25134


git-svn-id: http://core.svn.wordpress.org/trunk@25114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-27 11:59:11 +00:00
Andrew Nacin
24a9673b1e Format WordPress in <title> tags produced by wp_title().
props evansolomon.
fixes #19211.


Built from https://develop.svn.wordpress.org/trunk@25093


git-svn-id: http://core.svn.wordpress.org/trunk@25077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-08-22 21:59:10 +00:00
Andrew Nacin
1ec392175c Additional checks when evaluating the safety of an HTTP request, to avoid false negatives.
* Check if the host is considered a safe redirect host.
 * Check if the host is another domain in a multisite installation.
 * Add a filter to control this.

This only occurs when the DNS resolution of a domain points elsewhere in an internal network, but only internally (and has its own public IP outside the network). This could be considered a bad configuration.

fixes #24646.



git-svn-id: http://core.svn.wordpress.org/trunk@24915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:44:57 +00:00
Andrew Nacin
5c20d1eca1 Remove "special" multisite spam check in the authentication API.
The spamming of a site no longer directly affects a user of said site.

Moves the spam check to the wp_authenticate filter. Networks in need
of enhanced spam-fighting should leverage this same technique.

Allow is_user_spammy() to accept a WP_User object.

props willnorris, brianhogg.
fixes #24771. see #19714.



git-svn-id: http://core.svn.wordpress.org/trunk@24848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-29 03:23:51 +00:00