Commit Graph

677 Commits

Author SHA1 Message Date
dmsnell
8269c3fcd6 Users: Avoid ambiguous password reset URLs for usernames ending in a period.
When WordPress sends out a password-reset or new-user email, it generates
a link for someone to follow in order to take them to the reset page. If
the user login name ends in a period, however, that generated URL will
end in a period and many email clients will confuse it with a
sentence-ending period instead of being part of the query arguments.

In this patch, the generated URL's query argument are rearranged so that
the link will never end in a period. Alternative ideas were explored to
create a new function to escape URL-ending periods, but this patch resolves
the reported problem without raising any further architectural questions.

Developed in https://github.com/WordPress/wordpress-develop/pull/6834
Discussed in https://core.trac.wordpress.org/ticket/42957

Props audrasjb, costdev, daveagp, dmsnell, hellofromTonya, markparnell, mukesh27, nhrrob, obrienlabs, paulcline.
Fixes #42957.

Built from https://develop.svn.wordpress.org/trunk@58674


git-svn-id: http://core.svn.wordpress.org/trunk@58076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-07-04 22:01:22 +00:00
Sergey Biryukov
a47ccea2da Docs: Add missing full stop in some DocBlocks in wp-includes/user.php.
Follow-up to [40980], [43211], [43373], [47279], [51129].

Props praful2111, nareshbheda.
Fixes #61491.
Built from https://develop.svn.wordpress.org/trunk@58589


git-svn-id: http://core.svn.wordpress.org/trunk@58036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-27 23:17:17 +00:00
Sergey Biryukov
11d6ed3dc8 Login and Registration: Declare globals at the top of wp_signon() for consistency.
Follow-up to [10437], [32637], [58333].

See #58901.
Built from https://develop.svn.wordpress.org/trunk@58341


git-svn-id: http://core.svn.wordpress.org/trunk@57797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-05 12:23:10 +00:00
audrasjb
5d6ac060ba Login and Registration: Flush user_activation_key after successfully login.
This changeset ensures the `user_activation_key` is flushed after successful login, so reset password links can not be used anymore after the user successfully log into their dashboard.

Props nsinelnikov, rajinsharwar, Rahmohn, oglekler, hellofromTonya.
Fixes #58901.
See #32429



Built from https://develop.svn.wordpress.org/trunk@58333


git-svn-id: http://core.svn.wordpress.org/trunk@57789 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-06-04 14:44:16 +00:00
Sergey Biryukov
de4d4199cb Coding Standards: Use strict comparison in wp-includes/user.php.
Follow-up to [2895], [3481], [5627], [https://mu.trac.wordpress.org/changeset/1581 mu:1581], [https://mu.trac.wordpress.org/changeset/1612 mu:1612], [12603], [18504], [33771], [41653], [41654], [45708], [51399].

Props dhruvang21, aristath, poena, afercia, SergeyBiryukov.
Fixes #61315. See #60700.
Built from https://develop.svn.wordpress.org/trunk@58261


git-svn-id: http://core.svn.wordpress.org/trunk@57724 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-30 21:19:18 +00:00
Sergey Biryukov
e59e190855 Docs: Add a note that the who parameter in WP_User_Query is deprecated.
Any usage of `'who' => 'authors'` should be updated to use capability queries instead.

Includes documenting the capability query parameters in `wp_dropdown_users()`.

Follow-up to [51943].

Props kkmuffme, swissspidy, SergeyBiryukov.
See #61243.
Built from https://develop.svn.wordpress.org/trunk@58172


git-svn-id: http://core.svn.wordpress.org/trunk@57635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-19 19:53:19 +00:00
John Blackbourn
1bbbb4bd75 Docs: Correct some docblock indentation.
See #60699

Built from https://develop.svn.wordpress.org/trunk@58071


git-svn-id: http://core.svn.wordpress.org/trunk@57536 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-05-01 23:44:12 +00:00
Pascal Birchler
60b72e87d7 Login and Registration: Slash email address when updating an existing user.
Addresses an issue with password reset keys when the email address contains special characters such as apostrophes.

Props emirpprime, rajinsharwar, fnpen, hellofromTonya, oglekler, nicolefurlan.
Fixes #52529.
Built from https://develop.svn.wordpress.org/trunk@57711


git-svn-id: http://core.svn.wordpress.org/trunk@57212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-02-26 10:43:06 +00:00
Felix Arntz
e19c18cba9 Bootstrap/Load: Introduce functions to check whether WordPress is serving a REST API request.
This changeset introduces two functions:
* `wp_is_serving_rest_request()` returns a boolean for whether WordPress is serving an actual REST API request.
* `wp_is_rest_endpoint()` returns a boolean for whether a WordPress REST API endpoint is currently being used. While this is always the case if `wp_is_serving_rest_request()` returns `true`, the function additionally covers the scenario of internal REST API requests, i.e. where WordPress calls a REST API endpoint within the same request.

Both functions should only be used after the `parse_request` action.

All relevant manual checks have been adjusted to use one of the new functions, depending on the use-case. They were all using the same constant check so far, while in fact some of them were intending to check for an actual REST API request while others were intending to check for REST endpoint usage.

A new filter `wp_is_rest_endpoint` can be used to alter the return value of the `wp_is_rest_endpoint()` function.

Props lots.0.logs, TimothyBlynJacobs, flixos90, joehoyle, peterwilsoncc, swissspidy, SergeyBiryukov, pento, mikejolley, iandunn, hellofromTonya, Cybr, petitphp.
Fixes #42061.

Built from https://develop.svn.wordpress.org/trunk@57312


git-svn-id: http://core.svn.wordpress.org/trunk@56818 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2024-01-19 17:40:09 +00:00
Sergey Biryukov
356dd51612 Docs: Document the $wp_hasher global in wp_generate_user_request_key().
Includes adding a description for the global in a few other functions.

Follow-up to [42791], [42964], [43008].

Props viralsampat.
See #60021.
Built from https://develop.svn.wordpress.org/trunk@57226


git-svn-id: http://core.svn.wordpress.org/trunk@56732 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-12-24 13:05:21 +00:00
joedolson
d2cc86d508 Administration: Use wp_admin_notice() in /wp-includes/.
Add usages of `wp_admin_notice()` and `wp_get_admin_notice()` on `.notice-[type]` in the root level of `/wp-includes/`. Ongoing task to implement new function across core.

Props costdev, joedolson.
See #57791.
Built from https://develop.svn.wordpress.org/trunk@56572


git-svn-id: http://core.svn.wordpress.org/trunk@56084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-14 01:25:16 +00:00
Sergey Biryukov
e5490118af Coding Standards: Include one space after function keyword for closures.
Note: This is enforced by WPCS 3.0.0.

Reference: [https://github.com/WordPress/WordPress-Coding-Standards/pull/2328 WPCS: PR #2328 Core: properly check formatting of function declaration statements].

Props jrf.
See #59161, #58831.
Built from https://develop.svn.wordpress.org/trunk@56559


git-svn-id: http://core.svn.wordpress.org/trunk@56071 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-12 15:23:18 +00:00
Sergey Biryukov
b80ce60f70 Coding Standards: Use pre-increment/decrement for stand-alone statements.
Note: This is enforced by WPCS 3.0.0:

1. There should be no space between an increment/decrement operator and the variable it applies to.
2. Pre-increment/decrement should be favoured over post-increment/decrement for stand-alone statements. “Pre” will in/decrement and then return, “post” will return and then in/decrement. Using the “pre” version is slightly more performant and can prevent future bugs when code gets moved around.

References:
* [https://developer.wordpress.org/coding-standards/wordpress-coding-standards/php/#increment-decrement-operators WordPress PHP Coding Standards: Increment/decrement operators]
* [https://github.com/WordPress/WordPress-Coding-Standards/pull/2130 WPCS: PR #2130 Core: add sniffs to check formatting of increment/decrement operators]

Props jrf.
See #59161, #58831.
Built from https://develop.svn.wordpress.org/trunk@56549


git-svn-id: http://core.svn.wordpress.org/trunk@56061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-09 09:28:26 +00:00
John Blackbourn
46fda1912c Privacy: Improve docblocks for hooks and functions related to personal data export and erasure.
See #58833

Built from https://develop.svn.wordpress.org/trunk@56482


git-svn-id: http://core.svn.wordpress.org/trunk@55994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-28 21:53:21 +00:00
John Blackbourn
9bb4defc3e Users: Call add_user_meta() instead of update_user_meta() when adding metadata to a new user.
This improves the performance of inserting users as it removes one unnecessary `SELECT` query for every row of metadata inserted.

Props swissspidy, spacedmonkey, johnbillion

Fixes #59212

Built from https://develop.svn.wordpress.org/trunk@56478


git-svn-id: http://core.svn.wordpress.org/trunk@55990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-27 12:23:23 +00:00
Sergey Biryukov
c9c4cf7b02 Users: Remove unused wpdb global in check_password_reset_key().
Follow-up to [45716].

Props upadalavipul.
See #59185.
Built from https://develop.svn.wordpress.org/trunk@56477


git-svn-id: http://core.svn.wordpress.org/trunk@55989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-27 04:49:23 +00:00
Sergey Biryukov
34dd52dea7 Coding Standards: Use instanceof keyword instead of the is_a() function.
This is a micro-optimization that removes a few unnecessary function calls.

Follow-up to [31188], [34369], [38986], [41159], [43211], [43230], [44606], [45757].

Props ayeshrajans, jrf, rajinsharwar, costdev, mukesh27, SergeyBiryukov.
Fixes #58943.
Built from https://develop.svn.wordpress.org/trunk@56352


git-svn-id: http://core.svn.wordpress.org/trunk@55864 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-08-03 12:10:28 +00:00
audrasjb
b89f155a10 Docs: Replace multiple single line comments with multi-line comments.
This changeset updates various comments as per WordPress PHP Inline Documentation Standards.
See https://developer.wordpress.org/coding-standards/inline-documentation-standards/php/#5-inline-comments.

Follow-up to [56174], [56175], [56176], [56177], [56178], [56179], [56180], [56191], [56192], [56193].

Props costdev, audrasjb.
See #58459.



Built from https://develop.svn.wordpress.org/trunk@56194


git-svn-id: http://core.svn.wordpress.org/trunk@55706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-10 23:11:22 +00:00
audrasjb
29791cad8c Coding Standards: Add missing newline at the end of wp-admin/user.php.
Follow-up to [56150].

See #58194.



Built from https://develop.svn.wordpress.org/trunk@56151


git-svn-id: http://core.svn.wordpress.org/trunk@55663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-06 12:54:22 +00:00
audrasjb
e952b31145 Users: Remove password reset links when the feature is not allowed for a specific user.
This also introduces `wp_is_password_reset_allowed_for_user()` which returns `false` when password reset is not allowed for a specific user. This can be 
filtered by developers using the existing `allow_password_reset` hook.

Props ocean90, cshark, robinwpdeveloper, tahmina1du, kraftbj.
Fixes #58194.



Built from https://develop.svn.wordpress.org/trunk@56150


git-svn-id: http://core.svn.wordpress.org/trunk@55662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-07-06 12:47:23 +00:00
audrasjb
955720d678 Users: Introduce the wp_update_user action.
This changeset introduces the `wp_update_user` action hook, which fires after the user has been updated and emails have been sent.

Props tanner-m, desrosj, lphoumpakka, oglekler, audrasjb, azzaoz.
Fixes #57843.



Built from https://develop.svn.wordpress.org/trunk@56071


git-svn-id: http://core.svn.wordpress.org/trunk@55583 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-27 16:27:29 +00:00
Sergey Biryukov
84e9601e5a Code Modernization: Replace usage of substr() with str_starts_with() and str_ends_with().
`str_starts_with()` and `str_ends_with()` were introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins or ends with the given substring (needle).

WordPress core includes a polyfill for these functions on PHP < 8.0 as of WordPress 5.9.

This commit uses `str_starts_with()` and `str_ends_with()` in core files where appropriate:
* `$needle === substr( $string, 0, $length )`, where `$length` is the length of `$needle`, is replaced with `str_starts_with( $haystack, $needle )`.
* `$needle === substr( $string, $offset )`, where `$offset` is negative and the absolute value of `$offset` is the length of `$needle`, is replaced with `str_ends_with( $haystack, $needle )`.

This aims to make the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987], [55988].

Props Soean, spacedmonkey, Clorith, ocean90, azaozz, sabernhardt, SergeyBiryukov.
Fixes #58220.
Built from https://develop.svn.wordpress.org/trunk@55990


git-svn-id: http://core.svn.wordpress.org/trunk@55502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:57:24 +00:00
Sergey Biryukov
1ce5dc7444 Code Modernization: Replace usage of strpos() with str_contains().
`str_contains()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) contains the given substring (needle).

WordPress core includes a polyfill for `str_contains()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `false !== strpos( ... )` with `str_contains()` in core files, making the code more readable and consistent, as well as better aligned with modern development practices.

Follow-up to [52039], [52040], [52326], [55703], [55710], [55987].

Props Soean, spacedmonkey, costdev, dingo_d, azaozz, mikeschroder, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #58206.
Built from https://develop.svn.wordpress.org/trunk@55988


git-svn-id: http://core.svn.wordpress.org/trunk@55500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-06-22 14:36:26 +00:00
Sergey Biryukov
956be813b6 Coding Standards: Improve formatting of some SQL queries for better readability.
This corrects the placement of double quotes around the query and makes sure the alignment is consistent.

Props umeshmcakadi, mukesh27, krupalpanchal, dhrumilk, SergeyBiryukov.
Fixes #58372.
Built from https://develop.svn.wordpress.org/trunk@55857


git-svn-id: http://core.svn.wordpress.org/trunk@55369 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-25 12:55:19 +00:00
spacedmonkey
3ac5fd72d0 Networks and Sites: Lazy load site meta.
In [36566] a framework to lazily load metadata was introduced. This supported term and comment meta by default. In this commit, extends support for site ( blog ) meta. Site meta is not heavily used by core and is used by developers to extend multisite. In this change, `_prime_site_caches` and `WP_Site_Query` now call the new function `wp_lazyload_site_meta`. The function `wp_lazyload_site_meta` accepts an array of ids and adds them to the queue of metadata to be lazily loaded. The function `get_blogs_of_user` was updated to now lazily load site meta. 

Follow on from [55671].

Props spacedmonkey, johnjamesjacoby, peterwilsoncc, mukesh27.
Fixes #58185.
Built from https://develop.svn.wordpress.org/trunk@55747


git-svn-id: http://core.svn.wordpress.org/trunk@55259 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-11 11:15:24 +00:00
Sergey Biryukov
2ec23a82ed Code Modernization: Replace usage of strpos() with str_starts_with().
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).

WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.

This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.

While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.

Follow-up to [52039], [52040], [52326].

Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes #58012.
Built from https://develop.svn.wordpress.org/trunk@55703


git-svn-id: http://core.svn.wordpress.org/trunk@55215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 15:45:22 +00:00
spacedmonkey
c1facaa4ce Cache API: Add helper function wp_cache_set_last_changed.
Add a helper function called `wp_cache_set_last_changed` to set the last changed value for cache groups. This function has a new action called `wp_cache_set_last_changed`, allowing for developers to cache invalidate when last changed value is changed. 

Props tillkruess, spacedmonkey, peterwilsoncc, mukesh27, johnjamesjacoby. 
Fixes #57905.
Built from https://develop.svn.wordpress.org/trunk@55702


git-svn-id: http://core.svn.wordpress.org/trunk@55214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-05-02 11:26:24 +00:00
spacedmonkey
2a82f1527d Users: Cache database queries within WP_User_Query class.
Cache the results of database queries within `WP_User_Query` class. Only cache queries that are requesting 3 or less fields so that caches are not storing full user objects. Cache results are stored in a new global cache group named `users-queries`. Add a new parameter to `WP_User_Query` called `cache_results` to allow developers to opt out of a receiving cached results. `cache_results` parameter defaults to true. Also add a new helper function called `wp_cache_set_users_last_changed`, similar to `wp_cache_set_posts_last_changed` that incroments last changed value in cache group `users`.  Ensure that `wp_cache_set_users_last_changed` is called whenever user / user meta is modified for proper cache invalidation. 

Props johnjamesjacoby, spacedmonkey, westi, dd32, strategio, srikanthmeenakshi, OllieJones, khoipro, rjasdfiii, flixos90, mukesh27, peterwilsoncc. 
Fixes #40613.
Built from https://develop.svn.wordpress.org/trunk@55657


git-svn-id: http://core.svn.wordpress.org/trunk@55169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-18 11:50:27 +00:00
audrasjb
1764cee3d1 Login and Registration: Revert [55358] and [55360].
This reverts the changes implemented in [55358] and [55360].

Changeset [55358] was committed to prevent login name collision when one user registers with the email address `user@example.com` and a second user tries to register with the username `user@example.com`. However, it also introduced a potential backward compatibility issues for plugins that use `wp_update_user()`. When updating an existing user, it throws an `existing_user_email_as_login` error if the email address is also used for the user login, due to the code introduced in [55358].

This changeset removes the new scenario added in [55358] and [55360], restoring the `wp_insert_user()` function back to its previous state.

Props polevaultweb, audrasjb, costdev, peterwilsoncc, hellofromTonya, SergeyBiryukov, azaozz.
See #57967, #57394.

Built from https://develop.svn.wordpress.org/trunk@55584


git-svn-id: http://core.svn.wordpress.org/trunk@55096 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-03-23 13:54:23 +00:00
audrasjb
34229a4286 Help/About: Avoid extra redirections on HelpHub Links.
This changeset replaces various HelpHub links that have changed to avoid extra 301 redirections.

Props sabernhardt, audrasjb.
See #57726.

Built from https://develop.svn.wordpress.org/trunk@55414


git-svn-id: http://core.svn.wordpress.org/trunk@54947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-23 11:06:19 +00:00
audrasjb
418a21fdbc Help/About: Use the new /documentation/ URLs for HelpHub links in WordPress Admin.
As `https://wordpress.org/support/` was redirected to `https://wordpress.org/documentation/`, this changeset replaces various `/support/article/*` links with `/documentation/article/*` to avoid an extra redirect.

This also updates links to Support Forums by replacing `https://wordpress.org/support/` URLs with `https://wordpress.org/support/forums/`.

Props SergeyBiryukov, audrasjb, dhrupo, hasanmisbah, sakibmd, sabernhardt.
See #57726.

Built from https://develop.svn.wordpress.org/trunk@55412


git-svn-id: http://core.svn.wordpress.org/trunk@54945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-23 10:38:21 +00:00
audrasjb
57d8df8ab1 Users: Fix confirmation link for multisite users with no role.
This fixes a regression introduced in [41163], where the link in change confirmation emails for users with no roles in a multisite install was incorrect, causing them to be unable to change their email address. This changeset replaces `admin_url()` with `self_admin_url()` to restore the previous fix.

Follow-up to [38876], [40632], [41165], [41163].

Props roytanck, SergeyBiryukov, johnbillion, afrin29.
Fixes #57164.

Built from https://develop.svn.wordpress.org/trunk@55396


git-svn-id: http://core.svn.wordpress.org/trunk@54929 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-21 15:55:19 +00:00
Sergey Biryukov
db71029a47 Users: Correct the error code in wp_insert_user() when login matches an existing email.
Move the test next to the other tests for `user_login`.

Follow-up to [55358].

See #57394.
Built from https://develop.svn.wordpress.org/trunk@55360


git-svn-id: http://core.svn.wordpress.org/trunk@54893 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-17 10:15:22 +00:00
Adam Silverstein
1b873c8a19 Login and Registration: prevent registering with username that matches previous user email.
When registering a new user, check that no existing user has an email matching the username.

Prevents a login name collision when one user registers with the email address user@test.com and a second user tries to register with the username user@test.com.

Props buutqn, dunhakdis, roytanck, ajayver.
Fixes #57394.


Built from https://develop.svn.wordpress.org/trunk@55358


git-svn-id: http://core.svn.wordpress.org/trunk@54891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-17 08:10:22 +00:00
Sergey Biryukov
bc0c01b1ac Login and Registration: Set correct default values in wp_signon().
The `$credentials['user_login']` and `$credentials['user_password']` parameters are passed by reference to the `wp_authenticate` action, and are at that point [https://www.php.net/manual/en/language.references.pass.php#124383 created as null] if they don't exist in the array.

This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices:
 * One from `preg_replace()` in `wp_strip_all_tags()` via `sanitize_user()` in `wp_authenticate()`:
{{{
Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
 * One from `trim()` in `wp_authenticate()` itself:
{{{
Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated
}}}

Includes documenting the `$credentials` parameter using hash notation.

Follow-up to [6643], [37697].

Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov.
Fixes #56850.
Built from https://develop.svn.wordpress.org/trunk@55301


git-svn-id: http://core.svn.wordpress.org/trunk@54834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-02-09 01:31:22 +00:00
Pascal Birchler
5edb22187d I18N: Introduce switch_to_user_locale().
This new function makes it easier to switch to a specific user’s locale by reducing duplicate code and storing the user’s ID as additional context for plugins to consume. Existing usage of `switch_to_locale()` in core has been replaced with `switch_to_user_locale()` where appropriate.

Also, this change ensures `WP_Locale_Switcher` properly filters `determine_locale` so that anyyone using the `determine_locale()` function will get the correct locale information when switching is in effect.

Props costdev.
Fixes #57123.
See #26511.
Built from https://develop.svn.wordpress.org/trunk@55161


git-svn-id: http://core.svn.wordpress.org/trunk@54694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-01-30 10:27:16 +00:00
Sergey Biryukov
35e349ee16 Code Modernization: Rename parameters that use reserved keywords in wp-includes/user.php.
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.

This commit renames the `$global` parameter to `$is_global` in:
* `update_user_option()`
* `delete_user_option()`

Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927], [54929], [54930], [54931], [54932], [54933], [54938], [54943], [54944], [54945], [54946], [54947], [54948], [54950], [54951], [54952], [54956], [54959], [54960], [54961], [54962], [54964], [54965], [54969], [54970], [54971], [54972], [54996], [55000], [55011], [55013], [55014].

Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
Built from https://develop.svn.wordpress.org/trunk@55015


git-svn-id: http://core.svn.wordpress.org/trunk@54548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-24 14:33:14 +00:00
audrasjb
01102b3d6e Docs: Improve various globals documentation, as per documentation standards.
Props upadalavipul.
See #57069, #56792.

Built from https://develop.svn.wordpress.org/trunk@54953


git-svn-id: http://core.svn.wordpress.org/trunk@54505 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-09 11:54:13 +00:00
spacedmonkey
aec68c417e Users: Clear the user_meta cache when clean_user_cache function is called.
Unlike other clean cache functions like `clean_post_cache`, `clean_user_cache` did not also clear user meta caches. This is inconsistent and can result in some strange side effects. Update the `clean_user_cache` function to also clear user meta caches when called. 

Props dd32, spacedmonkey, peterwilsoncc.
Fixes #54316.
Built from https://develop.svn.wordpress.org/trunk@54940


git-svn-id: http://core.svn.wordpress.org/trunk@54492 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-06 13:54:15 +00:00
Sergey Biryukov
3ba44120d0 Coding Standards: Always use parentheses when instantiating an object.
Note: This will be enforced by WPCS 3.0.0.

Props jrf.
See #56791.
Built from https://develop.svn.wordpress.org/trunk@54891


git-svn-id: http://core.svn.wordpress.org/trunk@54443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-29 15:51:14 +00:00
audrasjb
97d2dac330 Docs: Typo correction in wp_dropdown_users() docblock.
Props aleksganev.
See #56792.

Built from https://develop.svn.wordpress.org/trunk@54738


git-svn-id: http://core.svn.wordpress.org/trunk@54290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-11-01 10:42:17 +00:00
Sergey Biryukov
13cca70167 Users: Fetch user by login in retrieve_password() if not found by email.
This ensures that sending a password reset link works as expected if the user's login and email were initially the same, but the email address was subsequently updated and no longer matches the login, which is still set to the old address.

Follow-up to [6643], [18513], [19056], [37474], [50129], [50140].

Props donmhico, pbearne, azouamauriac, boblindner, daxelrod, audrasjb, SergeyBiryukov.
Fixes #53634.
Built from https://develop.svn.wordpress.org/trunk@54477


git-svn-id: http://core.svn.wordpress.org/trunk@54036 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-11 13:45:13 +00:00
Peter Wilson
b879d04354 Users: Revert use of shared objects for current user.
Reverts [50790].

Props oztaser, ravipatel, dd32, costdev, SergeyBiryukov, tykoted, cu121, xknown.
Fixes #54984.


Built from https://develop.svn.wordpress.org/trunk@54397


git-svn-id: http://core.svn.wordpress.org/trunk@53956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-10-06 04:38:14 +00:00
Sergey Biryukov
abf66fa018 Users: Correctly pass the context property for persisted preferences.
The user meta `context` property in `wp_register_persisted_preferences_meta()` was incorrectly configured. It should be part of the `schema` array, not the `show_in_rest` array.

Follow-up to [54182].

Props talldanwp, dd32.
Fixes #56665. See #56467.
Built from https://develop.svn.wordpress.org/trunk@54329


git-svn-id: http://core.svn.wordpress.org/trunk@53888 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-27 15:23:10 +00:00
Sergey Biryukov
7049f79f97 Users: Make wp_list_authors() and wp_list_users() filterable.
This commit adds three filters to customize the `wp_list_authors()` and `wp_list_users()` output:

* `wp_list_authors_args`: Filters the query arguments for the list of all authors of the site.
* `pre_wp_list_authors_post_counts_query`: Filters whether to short-circuit performing the query for author post counts. This may be useful to account for custom post types or post statuses. 
* `wp_list_users_args`: Filters the query arguments for the list of all users of the site.

Follow-up to [979], [3848], [5135], [5727], [31653], [52064], [53486], [53501].

Props kevinB, wonderboymusic, DrewAPicture, Mte90, audrasjb, rafiahmedd, costdev, nacin, afercia, chetan200891, hellofromTonya, TimothyBlynJacobs, chaion07, SergeyBiryukov.
Fixes #17025.
Built from https://develop.svn.wordpress.org/trunk@54262


git-svn-id: http://core.svn.wordpress.org/trunk@53821 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-20 16:26:10 +00:00
hellofromTonya
8c85dde1c6 Editor: Persist preferences in user meta.
Adds a new feature to persist editor UI preferences between page loads and browsers.

* Adds a new preferences persistence API.
* Saves editor preferences in user meta instead of in browser's local storage.

Why?
Due to the transient nature of browser storage, this persistence is not as sticky as it is expected to be, including: switching browsers (unique storage between browsers), or using private browsing tabs (storage cleared between sessions), or the same user across a network of sites (storage unique by domain).

This is a backport from Gutenberg.[https://github.com/WordPress/gutenberg/pull/39795 See WordPress/gutenberg PR 39795].

Props talldanwp, youknowriad, noisysocks, mamaduka, costdev, ironprogrammer, hellofromTonya.
See #56467.
Built from https://develop.svn.wordpress.org/trunk@54182


git-svn-id: http://core.svn.wordpress.org/trunk@53741 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-09-15 16:45:40 +00:00
John Blackbourn
1d4e72c798 Docs: Correct and improve the documented types for various functions and hooks.
See #55646

Built from https://develop.svn.wordpress.org/trunk@53877


git-svn-id: http://core.svn.wordpress.org/trunk@53436 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-11 14:03:09 +00:00
Sergey Biryukov
df054f2dae Cache API: Validate cache key in WP_Object_Cache methods.
Some plugins may call the `wp_cache_*()` functions with an empty string, `false`, or `null` as cache key, usually as a result of not checking the return value of another function that's used as the key.

Previously, this was silently failing, leading to odd behavior at best and often breakage due to key collisions.

A valid cache key must be either an integer number or a non-empty string.

This commit introduces a quick type check on the given cache keys and adds a `_doing_it_wrong()` message that should help plugin developers to notice these issues quicker.

Includes:
* A check in `update_user_caches()` and `clean_user_cache()` to make sure user email is not empty before being cached or removed from cache, as it is technically possible to create a user with empty email via `wp_insert_user()`.
* Some minor cleanup in unit tests where the email was passed to `wp_insert_user()` incorrectly or was unintentionally reset.

Props tillkruess, malthert, dd32, spacedmonkey, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes #56198.
Built from https://develop.svn.wordpress.org/trunk@53818


git-svn-id: http://core.svn.wordpress.org/trunk@53377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-03 14:36:12 +00:00
Sergey Biryukov
3f74637dfe I18N: Use a translatable string for displaying a user's first name and last name.
That allows locales to switch the order of the first name and last name, should they prefer to do so.

The string was previously used in `wp_insert_user()` and is now reused in other places for consistency:

* `WP_MS_Users_List_Table::column_name()`​
* `WP_Users_List_Table::column_name()​`
* `wp_list_authors()`
* `wp_list_users()`

Note: This also removes the `wp_list_author_full_name` filter, introduced for the same purpose in `wp_list_authors()`, as redundant for now.

Follow-up to [53486].

See #17025.
Built from https://develop.svn.wordpress.org/trunk@53501


git-svn-id: http://core.svn.wordpress.org/trunk@53090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-14 14:43:12 +00:00
audrasjb
bbe60d66c3 Text Changes: Improve consistency of admin error notices.
This changeset replaces `<strong>Error</strong>:` with `<strong>Error:</strong>`, for better consistency.

Props transl8or, mihaidumitrascu, audrasjb.
Fixes #50785.

Built from https://develop.svn.wordpress.org/trunk@53458


git-svn-id: http://core.svn.wordpress.org/trunk@53047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-06-02 15:05:13 +00:00