Commit Graph

581 Commits

Author SHA1 Message Date
Gary Pendergast
8d2ee69f9d Users: Use email_exists() in send_confirmation_on_profile_email(), instead of a manual query.
This gives us caching, and removes the use of the `$wpdb` global.

Props spacedmonkey, pento.
Fixes #45748.


Built from https://develop.svn.wordpress.org/trunk@44465


git-svn-id: http://core.svn.wordpress.org/trunk@44296 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-08 06:07:51 +00:00
Sergey Biryukov
7ee752e40c Privacy: When clicking a confirmation link for a privacy request, return a WP_Error object if the link has expired.
Returning a string caused a success message to be displayed instead of the correct error message.

Props desrosj.
Fixes #44685.
Built from https://develop.svn.wordpress.org/trunk@43623


git-svn-id: http://core.svn.wordpress.org/trunk@43452 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-03 21:44:24 +00:00
Gary Pendergast
56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov
08af3900c3 Privacy: Ensure the user request email is sent in the requested user's locale (or the site's default locale if they are not a registered user) when the administrator creating the request uses a different locale.
Props desrosj, Chouby, iandunn, lbenicio, birgire, earnjam, swissspidy, garrett-eclipse.
Fixes #43985.
Built from https://develop.svn.wordpress.org/trunk@43568


git-svn-id: http://core.svn.wordpress.org/trunk@43397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-13 16:32:27 +00:00
Andrew Ozz
b1330814e2 Privacy: Add $request to $email_data to make it available to all filters.
Props desrosj.
Fixes #44379.
Built from https://develop.svn.wordpress.org/trunk@43477


git-svn-id: http://core.svn.wordpress.org/trunk@43304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:53:25 +00:00
Andrew Ozz
04b8839454 Privacy: Add filter for the subject of the erasure complete notification emails.
Props desrosj.
Fixes #44265.
Built from https://develop.svn.wordpress.org/trunk@43475


git-svn-id: http://core.svn.wordpress.org/trunk@43302 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-17 13:42:25 +00:00
Sergey Biryukov
357a663899 Privacy: Change @since entry for user_request_confirmed_email_subject filter added in [43373] to 4.9.8.
See #44382.
Built from https://develop.svn.wordpress.org/trunk@43451


git-svn-id: http://core.svn.wordpress.org/trunk@43278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-16 12:12:25 +00:00
Felix Arntz
057b221af7 Privacy: Use consistent values for the site name and URL used in notification emails.
The functions `send_confirmation_on_profile_email()`, `_wp_privacy_send_request_confirmation_notification()`, `_wp_privacy_send_erasure_fulfillment_notification()`, and `wp_send_user_request()` all include a title and URL indicating the current site. However, so far they have dealt with those values inconsistently, sometimes using the site values, other times using the network values if in a multisite. This changeset ensures that only the current site is taken into account in all cases and that special characters in the site name are consistently decoded.

Props subrataemfluence, desrosj.
Fixes #44396.

Built from https://develop.svn.wordpress.org/trunk@43388


git-svn-id: http://core.svn.wordpress.org/trunk@43216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-07-03 17:00:25 +00:00
Andrew Ozz
be6aa715fe Privacy: use wp_login_url() for the link in the user confirmation email.
Props desrosj, usmankhalid.
Fixes #44353.
Built from https://develop.svn.wordpress.org/trunk@43379


git-svn-id: http://core.svn.wordpress.org/trunk@43207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:43:47 +00:00
Andrew Ozz
3ce87b62f9 Privacy: add user request type to the admin notification email subject.
Props birgire, desrosj.
Fixes #44099.
Built from https://develop.svn.wordpress.org/trunk@43375


git-svn-id: http://core.svn.wordpress.org/trunk@43203 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:42:03 +00:00
Andrew Ozz
ac269e570e Privacy: filter the email subject in _wp_privacy_send_request_confirmation_notification().
Props garrett-eclipse, birgire, desrosj.
Fixes #44382.
Built from https://develop.svn.wordpress.org/trunk@43373


git-svn-id: http://core.svn.wordpress.org/trunk@43201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:41:13 +00:00
John Blackbourn
0aa2902436 Security: Harden the random aspect of the hash used for user profile and admin email address changes.
Props BjornW

Fixes #43771

Built from https://develop.svn.wordpress.org/trunk@43367


git-svn-id: http://core.svn.wordpress.org/trunk@43195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:38:43 +00:00
Sergey Biryukov
33c708feca Privacy: Remove unnecessary This email has been sent to ###EMAIL### from privacy emails.
The line was copied from the emails that get sent when an email address changes, without considering if it made sense in the new context.

Props iandunn, ianbelanger, desrosj.
Fixes #44030.
Built from https://develop.svn.wordpress.org/trunk@43353


git-svn-id: http://core.svn.wordpress.org/trunk@43181 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:32:48 +00:00
Sergey Biryukov
e0e564d84b Users: In wp_validate_user_request_key(), properly return the WP_Error object in case the confirmation email has expired.
Props itowhid06.
Fixes #44298.
Built from https://develop.svn.wordpress.org/trunk@43331


git-svn-id: http://core.svn.wordpress.org/trunk@43159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-06-28 02:23:27 +00:00
Andrew Ozz
3ee58b55b1 Privacy: improve inline documentation.
Props desrosj.
Fixes #44075.
Built from https://develop.svn.wordpress.org/trunk@43256


git-svn-id: http://core.svn.wordpress.org/trunk@43085 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-14 14:53:21 +00:00
iandunn
b26ab11343 Privacy: Expose erasure notification recipient to filter callbacks.
The previous `user_email` value was redundant, because it always matched `$request_data->email`. That value might be different from where the message is sent, though, if the `user_erasure_fulfillment_email_to` filter is used. If they are different, then callbacks for the `user_confirmed_action_email_content` filter may want to distinguish between the email address of the user making the request, and the email address that the confirmation notification is being sent to.

Props desrosj, iandunn.
See #43973.

Built from https://develop.svn.wordpress.org/trunk@43236


git-svn-id: http://core.svn.wordpress.org/trunk@43065 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 21:20:22 +00:00
Sergey Biryukov
ae2b929294 Privacy: Update request confirmation notice text for clarity.
Props desrosj, melchoyce, garrett-eclipse.
Fixes #43970.
Built from https://develop.svn.wordpress.org/trunk@43232


git-svn-id: http://core.svn.wordpress.org/trunk@43061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:53:21 +00:00
Sergey Biryukov
bed52dda40 Privacy: Send an email notification to the user once their personal data erasure request is fulfilled.
Props desrosj, allendav, garrett-eclipse.
Fixes #43973.
Built from https://develop.svn.wordpress.org/trunk@43230


git-svn-id: http://core.svn.wordpress.org/trunk@43059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 20:43:22 +00:00
Andrew Ozz
7d9265e5c5 Privacy: cleanup of the "Export Personal Data" and "Erase Personal Data" screens.
Props desrosj, xkon.
See #43929.
Built from https://develop.svn.wordpress.org/trunk@43212


git-svn-id: http://core.svn.wordpress.org/trunk@43041 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 10:01:21 +00:00
iandunn
06fd54dab6 Privacy: Notify admin via email when a request is confirmed.
Previously the admin didn't have any way to know if a pending request was ready to be processed, aside from manually checking the Export/Erase pages. Sending them an email is a much more convenient option.

Props garrett-eclipse, desrosj, iandunn.
See #43967.

Built from https://develop.svn.wordpress.org/trunk@43211


git-svn-id: http://core.svn.wordpress.org/trunk@43040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-10 05:00:20 +00:00
Andrew Ozz
89a11a8c42 Privacy: remove leftover comment after [43197].
See #43968.
Built from https://develop.svn.wordpress.org/trunk@43199


git-svn-id: http://core.svn.wordpress.org/trunk@43028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 17:57:20 +00:00
Andrew Ozz
f665d16945 Privacy: add request type and filter to the subject of request confirmation emails for GDPR.
Props desrosj, azaozz.
See #43968.
Built from https://develop.svn.wordpress.org/trunk@43197


git-svn-id: http://core.svn.wordpress.org/trunk@43026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 17:51:21 +00:00
Sergey Biryukov
db66ae1123 Docs: Remove unused ###USERNAME### placeholder reference from user_request_action_email_content filter documentation.
Props desrosj.
Fixes #44016.
Built from https://develop.svn.wordpress.org/trunk@43189


git-svn-id: http://core.svn.wordpress.org/trunk@43018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-09 14:38:21 +00:00
Sergey Biryukov
8bc4e6d94f Privacy: Use the terms "erase"/"erasure" instead of "remove"/"removal" for personal data.
Props allendav.
Fixes #43920.
Built from https://develop.svn.wordpress.org/trunk@43175


git-svn-id: http://core.svn.wordpress.org/trunk@43004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-07 16:45:22 +00:00
iandunn
3d4c461e50 Privacy: Store plugin callbacks in associative array for flexibility.
The personal data export and erasure tools allow plugins to register their own callbacks, in order to add additional data to the export and erasure processes. Previously, these were registered without specifying a constant identifier in the array of callbacks. Using mutable integers makes it difficult for plugins to modify the callbacks of other plugins, though.

Using associative array keys instead provides a covenient and reliable way to identify and interact with another plugin's callbacks.

Props desrosj, allendav, ocean90.
Fixes #43931.

Built from https://develop.svn.wordpress.org/trunk@43154


git-svn-id: http://core.svn.wordpress.org/trunk@42983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-03 19:28:21 +00:00
Andrew Ozz
3a43a64c20 Privacy: fix inconsistencies in new strings.
Props audrasjb.
Fixes #43925.
Built from https://develop.svn.wordpress.org/trunk@43118


git-svn-id: http://core.svn.wordpress.org/trunk@42947 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-02 18:42:21 +00:00
Andrew Ozz
f4e6b7a29c Privacy: add user information to the personal data export file.
Props TZ-Media, desrosj.
See #43547.

Built from https://develop.svn.wordpress.org/trunk@43055


git-svn-id: http://core.svn.wordpress.org/trunk@42884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-01 13:59:21 +00:00
Andrew Ozz
bfc9c2f469 Fix docs and white space.
Props desrosj.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@43014


git-svn-id: http://core.svn.wordpress.org/trunk@42843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-28 12:04:21 +00:00
Andrew Ozz
b044b4053e Privacy: add means to export personal data by username or email address. Generate a zipped export file containing all data. First run.
Props allendav.
See #43546.
Built from https://develop.svn.wordpress.org/trunk@43012


git-svn-id: http://core.svn.wordpress.org/trunk@42841 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 19:54:21 +00:00
Andrew Ozz
e9eb7518c0 Privacy: update and enhance the method to confirm user requests by email. Introduce WP_User_Request to hold all request vars similarly to WP_Post.
Props mikejolley.
See #43443.

Built from https://develop.svn.wordpress.org/trunk@43011


git-svn-id: http://core.svn.wordpress.org/trunk@42840 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 17:31:22 +00:00
Andrew Ozz
f1703c0e70 Privacy: update the method to confirm user requests by email. Use a single CPT to store the requests and to allow logging/audit trail.
Props mikejolley.
See #43443.

Built from https://develop.svn.wordpress.org/trunk@43008


git-svn-id: http://core.svn.wordpress.org/trunk@42837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-27 10:12:22 +00:00
Andrew Ozz
108578a8ec Privacy: add new wp-admin screens for exporting and removing of personal data.
Props @melchoyce, @mikejolley, @allendav, @xkon.
See #43481.
Built from https://develop.svn.wordpress.org/trunk@42967


git-svn-id: http://core.svn.wordpress.org/trunk@42796 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-10 18:02:30 +00:00
Andrew Ozz
d3f054b5a9 Privacy: fixes and updates for the method to confirm user requests by email.
- Improve function and variable names.
- Allow extra data to be passed with the request.
- Make the option/user meta names more consistent.
- Adds an inline comment explaining use of hash.

Props mikejolley.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@42964


git-svn-id: http://core.svn.wordpress.org/trunk@42793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-06 19:10:30 +00:00
Sergey Biryukov
4848a09b35 I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders.
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.

Fixes #43523.
Built from https://develop.svn.wordpress.org/trunk@42827


git-svn-id: http://core.svn.wordpress.org/trunk@42657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-11 16:44:34 +00:00
Andrew Ozz
791b11bc3f Add a method to confirm user requests by email. First run.
Props mikejolley.
See #43443.
Built from https://develop.svn.wordpress.org/trunk@42791


git-svn-id: http://core.svn.wordpress.org/trunk@42621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-06 23:47:30 +00:00
Sergey Biryukov
7b7ca428f3 Docs: Clarify that wp_update_user() accepts an array as $userdata argument.
Props nextendweb.
Fixes #43051.
Built from https://develop.svn.wordpress.org/trunk@42774


git-svn-id: http://core.svn.wordpress.org/trunk@42604 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-04 18:12:31 +00:00
Sergey Biryukov
0e802a627d General: Introduce WP_Error::has_errors() method and use it where appropriate.
Props robdxw, DrewAPicture, SergeyBiryukov.
Fixes #42742.
Built from https://develop.svn.wordpress.org/trunk@42761


git-svn-id: http://core.svn.wordpress.org/trunk@42591 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-27 02:31:31 +00:00
Drew Jaynes
6e665d1f15 Docs: Link to the "Conditional Tags" article in the Theme Developer Handbook from the descriptions for a variety of core conditional tag functions.
These notations largely serve to direct consumers (of both the source and the parsed code reference) to extended information on individual and related conditional tags throughout WordPress. The changeset also standardizes corresponding DocBlock summaries to use third-person singular verbs.

Notations been added for the following functions:

* comments_open()
* email exists()
* has_excerpt()
* has_post_thumbnail()
* has_tag()
* in_category()
* in_the_loop()
* is_404()
* is_active_sidebar()
* is_active_widget()
* is_admin()
* is_admin_bar_showing()
* is_archive()
* is_attachment()
* is_author()
* is_blog_installed()
* is_category()
* is_comments_popup()
* is_date()
* is_day()
* is_dynamic_sidebar()
* is_feed()
* is_front_page()
* is_home()
* is_local_attachment()
* is_main_query
* is_month()
* is_multi_author
* is_new_day()
* is_page()
* is_page_template()
* is_paged()
* is_plugin_active()
* is_plugin_active_for_network()
* is_plugin_inactive()
* is_plugin_page()
* is_post_type_archive()
* is_preview()
* is_rtl()
* is_search()
* is_single()
* is_singular()
* is_sticky()
* is_tag()
* is_tax()
* is_taxonomy_hierarchical()
* is_time()
* is_trackback()
* is_user_logged_in()
* is_year()
* pings_open()
* post_type_exists()
* taxonomy_exists()
* term_exists()
* username exists()
* wp_attachment_is_image()
* wp_script_is()

Props janalwin.
Fixes #43254.

Built from https://develop.svn.wordpress.org/trunk@42710


git-svn-id: http://core.svn.wordpress.org/trunk@42538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-13 16:54:31 +00:00
John Blackbourn
91464bce65 Docs: Add missing code formatting to various @since entries.
See #42505

Built from https://develop.svn.wordpress.org/trunk@42678


git-svn-id: http://core.svn.wordpress.org/trunk@42506 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-09 16:55:31 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
John Blackbourn
2ad86e1e82 Docs: Correct some @since MU notation that was broken in [41200].
Every function introduced by MU was introduced in 3.0.0 as this was when MU was merged.

See #41509

Built from https://develop.svn.wordpress.org/trunk@41714


git-svn-id: http://core.svn.wordpress.org/trunk@41548 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-03 17:44:48 +00:00
John Blackbourn
4a16295dc5 Docs: Standardise the format used for documenting parameters passed by reference.
See #35974, #41017

Built from https://develop.svn.wordpress.org/trunk@41688


git-svn-id: http://core.svn.wordpress.org/trunk@41522 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:14:46 +00:00
Felix Arntz
eedca8f3da Multisite: Fix wp_get_users_with_no_role() possibly including users with a role on a different site.
Prior to this change, when passing another site than the current one to `wp_get_users_with_no_role()` through its `$site_id` parameter, the function still used the roles available on the current site, which would cause users with other roles that possibly exist on the other site to show up as users without a role. Switching the site before retrieving the available rules fixes the issue.

Fixes #42015.

Built from https://develop.svn.wordpress.org/trunk@41654


git-svn-id: http://core.svn.wordpress.org/trunk@41488 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 04:10:45 +00:00
Felix Arntz
5edfea22b9 Multisite: Fix count_users() possibly querying incorrect roles when passed a different site ID.
The `time` strategy in `count_users()` queries users by role. However, the roles queried for were not affected by passing another site than the current one through the `$site_id` parameter, causing users having roles that were not queried for to appear as users without a role. This changeset fixes the issue by switching the site before retrieving the roles to query for.

Fixes #42014.

Built from https://develop.svn.wordpress.org/trunk@41653


git-svn-id: http://core.svn.wordpress.org/trunk@41487 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-30 03:54:45 +00:00
Sergey Biryukov
5046ef73c3 Docs: Correct description for insert_user_meta filter.
Props milana_cap, desrosj.
Fixes #41951.
Built from https://develop.svn.wordpress.org/trunk@41564


git-svn-id: http://core.svn.wordpress.org/trunk@41397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-22 13:14:45 +00:00
Weston Ruter
90bedf8f9d Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion.
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.

Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes #12423, #39892.

Built from https://develop.svn.wordpress.org/trunk@41376


git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-13 06:08:47 +00:00
John Blackbourn
28eda6f4bc General: Improve terminology used when referring to installations of WordPress and its extensions.
"Install" is not a noun, and while it might be acceptable to use the verb as a noun, it is not correct. Using the correct
noun, "installation", increases clarity, especially for non-native English speakers.

This change fixes the usage in user-facing text and in developer documentation.

Fixes #41620

Built from https://develop.svn.wordpress.org/trunk@41289


git-svn-id: http://core.svn.wordpress.org/trunk@41129 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-22 11:52:48 +00:00
Drew Jaynes
d2b78649a2 Docs: Document user object parameters for a variety of functions in wp-includes/user.php as WP_User type instead of the more generic object type.
Props sebastianpisula.
Fixes #40945.

Built from https://develop.svn.wordpress.org/trunk@41272


git-svn-id: http://core.svn.wordpress.org/trunk@41112 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-19 20:19:44 +00:00
John Blackbourn
c184d766e9 Docs: Correct and improve the documentation for the send_confirmation_on_profile_email() function and the new_user_email_content filter.
See #41017

Built from https://develop.svn.wordpress.org/trunk@41209


git-svn-id: http://core.svn.wordpress.org/trunk@41049 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-02 20:43:44 +00:00
Drew Jaynes
0401cee8b3 Docs: Reduce confusion in @since MU notationss by indicating the WP version (3.0.0) the code was merged into core while retaining the original context.
Props sathyapulse.
Fixes #41509.

Built from https://develop.svn.wordpress.org/trunk@41200


git-svn-id: http://core.svn.wordpress.org/trunk@41040 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-01 20:44:43 +00:00
Drew Jaynes
7f5e00ba29 Docs: Remove an unrelated description about post meta from the DocBlock for add_user_meta().
Clean up syntax.

See #41017.

Built from https://develop.svn.wordpress.org/trunk@41186


git-svn-id: http://core.svn.wordpress.org/trunk@41026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-30 14:32:45 +00:00
John Blackbourn
fb515a8a63 Users: Further fixes to entitiy decoding in the user email address change confirmation email, and the corresponding tests.
See #16470, #40015

Built from https://develop.svn.wordpress.org/trunk@41171


git-svn-id: http://core.svn.wordpress.org/trunk@41011 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 14:59:43 +00:00
John Blackbourn
ff20054573 Users: Add the new email address to the email address change notification email.
Fixes #39112

Built from https://develop.svn.wordpress.org/trunk@41166


git-svn-id: http://core.svn.wordpress.org/trunk@41006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:57:43 +00:00
John Blackbourn
30d5450508 Users: Re-add entity decoding to the site name before it's used in the email address change confirmation email.
This was accidentally removed in [41163].

See #40015, #16470

Built from https://develop.svn.wordpress.org/trunk@41165


git-svn-id: http://core.svn.wordpress.org/trunk@41005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:55:43 +00:00
John Blackbourn
62fe4be994 Users: Require a confirmation link in an email to be clicked when a user attempts to change their email address.
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their account.

Props rodrigosprimo, tharsheblows, johnbillion

Fixes #16470

Built from https://develop.svn.wordpress.org/trunk@41163


git-svn-id: http://core.svn.wordpress.org/trunk@41003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:10:42 +00:00
John Blackbourn
6b22dbe59a Login and Registration: Introduce a username_exists filter, which allows for control over registration of usernames.
Props shamim51

Fixes #39320

Built from https://develop.svn.wordpress.org/trunk@41158


git-svn-id: http://core.svn.wordpress.org/trunk@40998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-26 16:25:40 +00:00
John Blackbourn
b4c2f16d01 Users: Ensure that users with no role on a site are taken into consideration when listing users on Multisite.
This ensures that users who are a member of a site but have no role are correctly listed on the Users screen and can be filtered from the 'None' role filter.

Props tobi823, flixos90, scottlee

Fixes #36196

Built from https://develop.svn.wordpress.org/trunk@41138


git-svn-id: http://core.svn.wordpress.org/trunk@40978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-25 00:24:43 +00:00
Sergey Biryukov
8cfdf4dd3a Docs: Add a @global entry for $wpdb in is_user_member_of_blog().
Props ajayghaghretiya1.
Fixes #41308.
Built from https://develop.svn.wordpress.org/trunk@41039


git-svn-id: http://core.svn.wordpress.org/trunk@40889 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-13 13:54:41 +00:00
Boone Gorges
def98d511a Users: Allow data to be filtered before updating or creating a user.
Props DaveFX.
Fixes #40545.
Built from https://develop.svn.wordpress.org/trunk@40980


git-svn-id: http://core.svn.wordpress.org/trunk@40830 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-01 13:30:42 +00:00
Drew Jaynes
f6bf00d378 Docs: Add a note to the DocBlock for wp_signon() mentioning that it doesn't handle setting the current user.
Also outlines the conditions that must be met for is_user_logged_in() to work with it.

Part props SergeyBiryukov.
Fixes #28116.

Built from https://develop.svn.wordpress.org/trunk@40943


git-svn-id: http://core.svn.wordpress.org/trunk@40793 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-25 20:08:40 +00:00
John Blackbourn
eb4db0e19c Users: Ensure user counts remain accurate if users are added to or removed from the users table without corresponding usermeta entries being added or removed.
This has a slight performance impact on sites with a large number of users when the `time` strategy is used for counting users. Hopefully this impact will be negated by enhancements proposed in #38741.

Props psoluch, dots, boonebgorges, ptbello, tharsheblows

Fixes #29785

Built from https://develop.svn.wordpress.org/trunk@40560


git-svn-id: http://core.svn.wordpress.org/trunk@40429 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-30 13:03:41 +00:00
Pascal Birchler
72c19648bc Load: Only load PasswordHash class when needed.
This reverts [38371] which loaded `class-phpass.php` early in `wp-settings.php` and in turn caused backward compatibility problems.

Props DavidAnderson, ketuchetan.
Fixes #39445.

Built from https://develop.svn.wordpress.org/trunk@40387


git-svn-id: http://core.svn.wordpress.org/trunk@40294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-06 18:01:42 +00:00
John Blackbourn
4548b08236 General: Use interpolation instead of concatenation for all dynamic hook names.
This fixes the rendering of the hook names on developer.wordpress.org.

Props keesiemeijer
Fixes #39148

Built from https://develop.svn.wordpress.org/trunk@39600


git-svn-id: http://core.svn.wordpress.org/trunk@39540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-14 04:18:42 +00:00
John Blackbourn
5ffc6a7fe0 Users: Clarify the return value of get_current_user_id() for non-logged-in users.
Props ovenall
Fixes #39051

Built from https://develop.svn.wordpress.org/trunk@39486


git-svn-id: http://core.svn.wordpress.org/trunk@39426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-04 19:25:16 +00:00
John Blackbourn
c2d709e9d6 I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment.
See #38882

Built from https://develop.svn.wordpress.org/trunk@39326


git-svn-id: http://core.svn.wordpress.org/trunk@39266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 02:46:30 +00:00
Dominik Schilling
7819e2b4ba I18N: Introduce a locale-switching function.
With the introduction of user-specific languages in [38705] it's necessary to be able to switch translations on the fly. For example emails should be sent in the language of the recipient and not the one of the current user.

This introduces a new `WP_Locale_Switcher` class which is used for switching locales and translations. It holds the stack of locales whenever `switch_to_locale( $locale )` is called. With `restore_previous_locale()` you can restore the previous locale. `restore_current_locale()` empties the stack and sets the locale back to the initial value.

`switch_to_locale()` is added to most of core's email functions, either with the value of `get_locale()` (site language) or `get_user_locale()` (user language with fallback to site language).

Props yoavf, tfrommen, swissspidy, pbearne, ocean90.
See #29783.
Fixes #26511.
Built from https://develop.svn.wordpress.org/trunk@38961


git-svn-id: http://core.svn.wordpress.org/trunk@38904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 15:36:31 +00:00
Jeremy Felt
6a0ca394e8 Multisite: Replace get_blog_details() with get_site() in is_user_member_of_blog().
Props flixos90.
Fixes #38358.

Built from https://develop.svn.wordpress.org/trunk@38905


git-svn-id: http://core.svn.wordpress.org/trunk@38848 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-25 06:02:35 +00:00
John Blackbourn
dec7dd74ea Users: Use the role name instead of the role display name when fetching the list of users with no role. This avoids false positives when dealing with user roles that, for example, contain spaces in the display name.
Props procodewp, choongsavvii
Fixes #38234

Built from https://develop.svn.wordpress.org/trunk@38787


git-svn-id: http://core.svn.wordpress.org/trunk@38730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-14 12:05:30 +00:00
Pascal Birchler
4a88d55054 I18N: Introduce a user-specific language setting.
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.

The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.

Props ocean90, ipm-frommen, swissspidy.
Fixes #29783.
Built from https://develop.svn.wordpress.org/trunk@38705


git-svn-id: http://core.svn.wordpress.org/trunk@38648 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-03 07:04:29 +00:00
Jeremy Felt
1e9f495a18 Multisite: Use get_sites() in get_blogs_of_user().
Previously, we looped through all of the site IDs found via user meta and ran `get_blog_details()` for each site. Now, we can pass all of the site IDs at once to `get_sites()` and receive full `WP_Site` objects.

To avoid possible issues with return type, sites are still processed into a standard object that also has a `userblog_id` property attached. Nothing is changed for non-multisite configurations.

Props flixos90.
Fixes #37061.

Built from https://develop.svn.wordpress.org/trunk@38682


git-svn-id: http://core.svn.wordpress.org/trunk@38625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 04:35:27 +00:00
Boone Gorges
13f243747f Allow 'role' parameters to be passed to wp_dropdown_users().
`wp_dropdown_users()` contains a whitelist of function params that are
passed through to `get_users()`. `role`, `role__in`, and `role__not_in`
have now been added to this whitelist.

Props sillybean.
Fixes #38135.
Built from https://develop.svn.wordpress.org/trunk@38651


git-svn-id: http://core.svn.wordpress.org/trunk@38594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-25 17:45:28 +00:00
Scott Taylor
e5225324a2 Multisite: use get_current_blog_id() where applicable, in lieu of plucking the $blog_id global from outer space.
See #37699.

Built from https://develop.svn.wordpress.org/trunk@38457


git-svn-id: http://core.svn.wordpress.org/trunk@38398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 04:55:54 +00:00
John Blackbourn
9070bb3ace Users: Correct the documentation for the wp_dropdown_users_args filter description and its parameters.
See #37770

Built from https://develop.svn.wordpress.org/trunk@38406


git-svn-id: http://core.svn.wordpress.org/trunk@38347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 16:54:31 +00:00
Scott Taylor
481123661c Load: load class-phpass.php (PasswordHash class) early in wp-settings.php, instead of require_once()'ing it in several places.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38371


git-svn-id: http://core.svn.wordpress.org/trunk@38312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 17:40:35 +00:00
Drew Jaynes
e6267dcf19 Docs: Fix formatting, tense, verb conjugation, and other syntax for wp-includes/* elements introduced or changed in 4.6.
Part 2/2.

Fixes #37318.

Built from https://develop.svn.wordpress.org/trunk@38125


git-svn-id: http://core.svn.wordpress.org/trunk@38066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-20 19:33:30 +00:00
Sergey Biryukov
139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for _doing_it_wrong(), _deprecated_function(), _deprecated_argument(), and _deprecated_file() throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Sergey Biryukov
7ddbbfec08 Users: wp_signon() expects an array as the $credentials argument, not a string.
If an empty string was passed, redeclare it as an empty array to avoid a warning and a fatal error in PHP 7.1.0 Alpha 1.

Props simonvik.
Fixes #37071.
Built from https://develop.svn.wordpress.org/trunk@37697


git-svn-id: http://core.svn.wordpress.org/trunk@37663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 15:34:29 +00:00
Drew Jaynes
9193013158 Docs: Apply inline @see tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

Fixes #36921.

Built from https://develop.svn.wordpress.org/trunk@37544


git-svn-id: http://core.svn.wordpress.org/trunk@37512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 19:02:28 +00:00
Drew Jaynes
043c4b1710 Docs: Standardize filter docs in wp-includes/user.php to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37503


git-svn-id: http://core.svn.wordpress.org/trunk@37471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:30:27 +00:00
Drew Jaynes
fe3b007fdd Docs: Remove inline @see tags from function, class, and method references in inline docs.
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.

Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@37342


git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-02 04:00:28 +00:00
Jeremy Felt
2e94a24e25 Multisite: Add the pre_get_blogs_of_user filter
This allows a plugin to short circuit `get_blogs_of_user()` in cases where the default behavior of the function is unnecessary or slow. (e.g. A user is a member of thousands of sites.)

Props jsternberg.
See #31746, Fixes #36707.

Built from https://develop.svn.wordpress.org/trunk@37326


git-svn-id: http://core.svn.wordpress.org/trunk@37292 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-29 15:53:28 +00:00
Jeremy Felt
6226af307b Users: Prevent spammy users from resetting their passwords in multisite
Props r-a-y, websupporter.
Fixes #24617.

Built from https://develop.svn.wordpress.org/trunk@37317


git-svn-id: http://core.svn.wordpress.org/trunk@37283 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-27 05:55:27 +00:00
Jeremy Felt
98d8ad680b Users: Provide a full user object when checking for a spammy multisite user
`is_user_spammy()` falls back to the current user if one is not provided. There is no current user during authentication, so the result is always `false`. Pass a user to fill the void.

Adds tests for `wp_authenticate_spam_check()`.

Props websupporter.
Fixes #36546.

Built from https://develop.svn.wordpress.org/trunk@37316


git-svn-id: http://core.svn.wordpress.org/trunk@37282 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-27 05:36:28 +00:00
Sergey Biryukov
31b896d1aa Docs: Reflect the new 'user' option for wp_new_user_notification()'s $notify parameter added in [37276] in wp_send_new_user_notifications() docs as well.
Props ocean90.
Fixes #36009.
Built from https://develop.svn.wordpress.org/trunk@37278


git-svn-id: http://core.svn.wordpress.org/trunk@37244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-21 12:01:27 +00:00
Drew Jaynes
ba4ce19ad4 Docs: Clarify the use of the get_currentuserinfo() for backward compatibility purposes in the DocBlock description for _wp_get_current_user(), introduced in [36651].
See #19615. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37008


git-svn-id: http://core.svn.wordpress.org/trunk@36975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:21:26 +00:00
Drew Jaynes
f27e87e26a Docs: Use a third-person singular verb in the DocBlock summary for wp_authenticate_email_password(), introduced in [36617].
See #9568. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37007


git-svn-id: http://core.svn.wordpress.org/trunk@36974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:18:27 +00:00
Dominik Schilling
e5ea82d81a Spelling: Standardize on "front end"/"back end" (noun) and "front-end"/"back-end" (adjective).
Props obrienlabs, thewanderingbrit.
Fixes #34887.
Built from https://develop.svn.wordpress.org/trunk@36709


git-svn-id: http://core.svn.wordpress.org/trunk@36676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 12:53:27 +00:00
Drew Jaynes
f5ea3e5dac Docs: Make a few syntactical improvements to the DocBlock for _wp_get_current_user(), introduced in [36651].
Includes a cross reference from the DocBlock for `wp_get_current_user()`, which itself is pluggable, but the new internal function is not.

See #19615. See #32246.

Built from https://develop.svn.wordpress.org/trunk@36705


git-svn-id: http://core.svn.wordpress.org/trunk@36672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 05:07:26 +00:00
Pascal Birchler
9612c26db3 Users: Introduce _wp_get_current_user() for improved backward compatibility.
This new helper function is used by the pluggable functions `wp_get_current_user()` and `get_currentuserinfo()`, which was previously being called by the former before [36311]. Without it, infinite loops could be caused when plugins implement these functions, as they are now called the other way around.

Fixes #19615.
Built from https://develop.svn.wordpress.org/trunk@36651


git-svn-id: http://core.svn.wordpress.org/trunk@36618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 22:26:28 +00:00
Dominik Schilling
7ebe2c1e7a Authentication: Allow users to log in using their email address.
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.

Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568.
Built from https://develop.svn.wordpress.org/trunk@36617


git-svn-id: http://core.svn.wordpress.org/trunk@36584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-22 23:15:27 +00:00
Drew Jaynes
12bdf5a6da Docs: Improove the DocBlock summary for wp_signon().
See #32246.

Built from https://develop.svn.wordpress.org/trunk@36501


git-svn-id: http://core.svn.wordpress.org/trunk@36468 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-07 08:11:25 +00:00
Boone Gorges
20c07afbd5 When updating a user, invalidate its 'userslugs' cache.
`user_nicename` can be changed via `wp_update_user()`, so we invalidate just
to be safe.

Props thebrandonallen.
Fixes #35750.
Built from https://develop.svn.wordpress.org/trunk@36482


git-svn-id: http://core.svn.wordpress.org/trunk@36449 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-05 19:03:26 +00:00
Pascal Birchler
b9fd40a8cb Users: Decode special characters in password and email change notification emails.
Fixes #35283.
Built from https://develop.svn.wordpress.org/trunk@36306


git-svn-id: http://core.svn.wordpress.org/trunk@36273 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 07:29:27 +00:00
Eric Lewis
c52af7470b Login is not a verb, change "login" to "log in".
See #35387

Built from https://develop.svn.wordpress.org/trunk@36246


git-svn-id: http://core.svn.wordpress.org/trunk@36213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 21:08:26 +00:00
Eric Lewis
2f41867519 Users: Fix incorrect docs for user authentication and login functions.
Fixes #35387

Built from https://develop.svn.wordpress.org/trunk@36245


git-svn-id: http://core.svn.wordpress.org/trunk@36212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 20:52:27 +00:00
Sergey Biryukov
8009f97f79 Docs: Correct @return type for count_user_posts().
Props nofearinc.
Fixes #35222.
Built from https://develop.svn.wordpress.org/trunk@36085


git-svn-id: http://core.svn.wordpress.org/trunk@36050 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-25 20:18:27 +00:00
Gary Pendergast
f9bba421b5 User: Don't continue checking a password reset key, if the hash is empty.
An empty reset key hash will never be valid, so we can skip seeing if it can be used to validate the given key, and return a failure early.

This fixes a warning in the unit tests under HHVM.

See #33926.



Built from https://develop.svn.wordpress.org/trunk@36084


git-svn-id: http://core.svn.wordpress.org/trunk@36049 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-24 02:49:26 +00:00
Drew Jaynes
28412d2ef2 Docs: Add missing parameter and return descriptions to the DocBlock for _wp_get_user_contactmethods().
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35986


git-svn-id: http://core.svn.wordpress.org/trunk@35951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-17 16:41:27 +00:00
John Blackbourn
26dfc6159f Correct a parameter name for the allow_password_reset filter so its entry on developer.wordpress.org displays correctly.
See #32246

Built from https://develop.svn.wordpress.org/trunk@35969


git-svn-id: http://core.svn.wordpress.org/trunk@35934 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-16 19:20:26 +00:00
Gary Pendergast
31f51e2cbb The the Docs: Fix the the dittography
Sometimes, it's easy to to type the the same word twice, especially if if it's a simple word. We probably shouldn't do do do (do do do doo) it, though.

(I've excluded external libs from this change.)

Fixes #34885.


Built from https://develop.svn.wordpress.org/trunk@35793


git-svn-id: http://core.svn.wordpress.org/trunk@35757 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-06 21:23:25 +00:00
Boone Gorges
714be37ea5 Show user_login in Dashboard user dropdowns.
User dropdowns in wp-admin have traditionally shown the users' display names.
However, this causes ambiguity when users share display names. To correct this,
we now show the unique user_login in parentheses after the display name.

The new `display_name_with_login` value for the `show` parameter of
`wp_dropdown_users()` enables this functionality. The default value of `show`
has not been changed, for backward compatibility, but all instances of
`wp_dropdown_users()` in core wp-admin have been switched.

This changeset also reduces some duplicated logic when assembling a user list
when `include_selected` is true.

Props krogsgard, boonebgorges.
Fixes #31251.
Built from https://develop.svn.wordpress.org/trunk@35790


git-svn-id: http://core.svn.wordpress.org/trunk@35754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-06 20:57:26 +00:00
Boone Gorges
43d1ab4720 Use 'invalid_username' error code when tripping 'illegal_user_logins'.
This gives us better compatibility with existing errors thrown by
`sanitize_user()`, especially in Multisite, where user_login has more
restrictions on allowed characters.

Props markjaquith.
Fixes #27317.
Built from https://develop.svn.wordpress.org/trunk@35772


git-svn-id: http://core.svn.wordpress.org/trunk@35736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 23:25:26 +00:00
Dominik Schilling
7250749032 Reset Password: Add a missing new operator for WP_Error in get_password_reset_key().
Missed in [34923].

Fixes #34180.

Built from https://develop.svn.wordpress.org/trunk@35764


git-svn-id: http://core.svn.wordpress.org/trunk@35728 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 15:31:26 +00:00
Dominik Schilling
9fb5c540bb Users: Allow to create users without sending an email to the new user.
This adds a checkbox to `wp-admin/user-new.php` to prevent sending an email with the username and a password reset link to the new user. Restores the behavior of pre-4.3.

Fixes #33504.
Props tharsheblows, SergeyBiryukov, DrewAPicture, ocean90.
Built from https://develop.svn.wordpress.org/trunk@35742


git-svn-id: http://core.svn.wordpress.org/trunk@35706 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-25 22:38:29 +00:00
Sergey Biryukov
bc1e479fd0 After [35718], update the location of some files in This filter is documented in docs.
Partially reverts [33954].

Fixes #33413.
Built from https://develop.svn.wordpress.org/trunk@35725


git-svn-id: http://core.svn.wordpress.org/trunk@35689 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-22 03:51:28 +00:00
Andrew Nacin
1579e45d41 Simplify the include graph after work to split out classes.
see #33413. More details there.

Built from https://develop.svn.wordpress.org/trunk@35718


git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
Drew Jaynes
51b778fb03 Docs: The User API is singular.
See #33701.

Built from https://develop.svn.wordpress.org/trunk@34397


git-svn-id: http://core.svn.wordpress.org/trunk@34361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-22 13:03:24 +00:00
Drew Jaynes
5cf6c74499 Docs: Clarify the file header summary for wp-includes/user.php, the top-level file for the core Users API.
Also adds inline DocBlocks for the `require_once()` calls that now bring in core users functionality and the `WP_User_Query` class, as of [33749].

See #33413. See #33701.

Built from https://develop.svn.wordpress.org/trunk@33897


git-svn-id: http://core.svn.wordpress.org/trunk@33866 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-04 01:33:24 +00:00
Scott Taylor
484331e492 Users: move WP_User_Query into its own file. user.php loads the new files, so this is 100% BC if someone is loading user.php directly (a lot of plugins do). New files created using svn cp.
Creates: 
`class-wp-user-query.php` 
`user-functions.php` 

`user.php` contains only top-level code. Class file only contains the class. Functions file only contains functions.

See #33413.

Built from https://develop.svn.wordpress.org/trunk@33749


git-svn-id: http://core.svn.wordpress.org/trunk@33717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-26 04:20:21 +00:00
Drew Jaynes
dbdc8bf149 Docs: Clarify the return description for wp_create_user() to illustrate that a WP_Error object will be returned on failure.
Props jmayhak
Fixes #33321.

Built from https://develop.svn.wordpress.org/trunk@33725


git-svn-id: http://core.svn.wordpress.org/trunk@33693 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-24 22:23:24 +00:00
Drew Jaynes
5e32a0c646 Docs: Better clarify that the $post_type parameter for the get_usernumposts filter and count_user_posts() can accept either a single post type or array of post types.
Props tyxla
See #33481. Fixes #33520.

Built from https://develop.svn.wordpress.org/trunk@33716


git-svn-id: http://core.svn.wordpress.org/trunk@33683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-23 17:46:24 +00:00
Boone Gorges
6ab7493b27 Pass the $public_only value to 'get_usernumposts' filter.
[32523] introduced the `$public_only` parameter to `count_user_posts()`. That
changeset was supposed to pass `$public_only` to the 'get_usernumposts' filter
at the end of the function, but only the documentation was modified, not the
filter itself.

This changeset also fixes an incorrect variable name in the docblock for
the same filter.

Props swisspidy, tmatsuur.
Fixes #33481 for trunk.
Built from https://develop.svn.wordpress.org/trunk@33710


git-svn-id: http://core.svn.wordpress.org/trunk@33677 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-22 18:59:26 +00:00
Scott Taylor
c192d90fa1 In wp_insert_user(), add a filter: insert_user_meta, to filter a user's meta values and keys before the user is created or updated.
Props tharsheblows, chriscct7, DrewAPicture.
Fixes #31549.

Built from https://develop.svn.wordpress.org/trunk@33708


git-svn-id: http://core.svn.wordpress.org/trunk@33675 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-22 17:12:25 +00:00
Drew Jaynes
0e4285c451 Docs: Fix a typo in the DocBlock description for _get_additional_user_keys(), introduced in [33687].
Props dimadin
See #29120.

Built from https://develop.svn.wordpress.org/trunk@33690


git-svn-id: http://core.svn.wordpress.org/trunk@33657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-21 16:01:28 +00:00
Drew Jaynes
6d405d34da Docs: Clarify the DocBlock summary and add a description and return description for _get_additional_user_keys().
As noted in the description, returned keys being set is dependent on the existence of those keys in user meta at the point where `_get_additional_user_keys()` is called in `wp_update_user()`.

Fixes #29120.

Built from https://develop.svn.wordpress.org/trunk@33687


git-svn-id: http://core.svn.wordpress.org/trunk@33654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-21 05:33:25 +00:00
Konstantin Obenland
e6bc6242ad Passwords: Restore second parameter for wp_new_user_notification().
After [33023] users would always be notified, this restores previous behavior.

Props markjaquith, ocean90.
Fixes #33358.


Built from https://develop.svn.wordpress.org/trunk@33620


git-svn-id: http://core.svn.wordpress.org/trunk@33587 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-17 14:25:27 +00:00
Mark Jaquith
97280576c0 Change send_pass_change_email to send_password_change_email (better name).
see #32430
Built from https://develop.svn.wordpress.org/trunk@33486


git-svn-id: http://core.svn.wordpress.org/trunk@33453 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-29 14:52:26 +00:00
Drew Jaynes
a929b8efe5 Fix the same typo again in the hook doc summary for the send_pass_change_email filter.
I speak English, I do.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@33248


git-svn-id: http://core.svn.wordpress.org/trunk@33220 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:27:24 +00:00
Drew Jaynes
9de2f22655 Fix a typo in the hook docs summary for the send_pass_change_email filter.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@33247


git-svn-id: http://core.svn.wordpress.org/trunk@33219 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:25:24 +00:00
Drew Jaynes
8ef2cd1537 Fix the inline documentation syntax in the hook docs for the email_change_email filter, introduced in 4.3.
Also update the filter summary to reflect that the file is for an "email" change, not a "password" change.

See [32820]. See #32891.

Built from https://develop.svn.wordpress.org/trunk@33245


git-svn-id: http://core.svn.wordpress.org/trunk@33217 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:15:24 +00:00
Drew Jaynes
86f21b4d90 Fix the inline documentation syntax in the hook docs for the password_change_email filter, introduced in 4.3.
See [32820]. See #32891.

Built from https://develop.svn.wordpress.org/trunk@33244


git-svn-id: http://core.svn.wordpress.org/trunk@33216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:11:24 +00:00
Drew Jaynes
284b726bfb Fix the inline documentation syntax in the hook docs for the send_email_change_email filter, added in 4.3.
See [32820]. See #32891.

Built from https://develop.svn.wordpress.org/trunk@33243


git-svn-id: http://core.svn.wordpress.org/trunk@33215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:08:24 +00:00
Drew Jaynes
96ed7056cd Fix the inline documentation syntax in the hook docs for the send_pass_change_email filter, added in 4.3.
See [32820]. See #32891.

Built from https://develop.svn.wordpress.org/trunk@33242


git-svn-id: http://core.svn.wordpress.org/trunk@33214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:05:25 +00:00
Drew Jaynes
668bdf60fb Wrap a long changelog entry description in the DocBlock for count_user_posts().
Also clarify the description for the new `$public_only` parameter, added in [32523].

See #32891.

Built from https://develop.svn.wordpress.org/trunk@33241


git-svn-id: http://core.svn.wordpress.org/trunk@33213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:03:24 +00:00
Scott Taylor
6c90a44828 After [32980], update the docs to reflect that display_name is now included when searching for users in some scenarios.
Fixes #27304.

Built from https://develop.svn.wordpress.org/trunk@33116


git-svn-id: http://core.svn.wordpress.org/trunk@33087 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-07 19:39:25 +00:00
Scott Taylor
6b034b67f5 In wp_insert_user(), comparing an email address against the user's old email address should not be case-sensitive.
Adds unit tests.

Props tyxla.
Fixes #32158.

Built from https://develop.svn.wordpress.org/trunk@33115


git-svn-id: http://core.svn.wordpress.org/trunk@33086 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-07 19:29:24 +00:00
Mark Jaquith
423a1a7ca4 New password change/set UI.
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords

see #32589

props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023


git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Dion Hulse
c261ad2c57 Expire password reset links after 24 hours (by default). This causes existing password reset links to become invalid.
Props markjaquith, voldemortensen, johnbillion, MikeHansenMe, dd32
See #32429

Built from https://develop.svn.wordpress.org/trunk@33019


git-svn-id: http://core.svn.wordpress.org/trunk@32990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 06:33:26 +00:00
Scott Taylor
5b9b3cedea When searching for users using the search arg in get_users()/WP_User_Query, also search the user's email, url, and display name.
Adds unit tests.

Props mordauk, wonderboymusic.
Fixes #27304.

Built from https://develop.svn.wordpress.org/trunk@32980


git-svn-id: http://core.svn.wordpress.org/trunk@32951 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-28 00:36:24 +00:00
Scott Taylor
d6c644d8df After [32884], update the default value for comment_shortcuts.
Props dlh, rachelbaker, DrewAPicture.
Fixes #31588.

Built from https://develop.svn.wordpress.org/trunk@32904


git-svn-id: http://core.svn.wordpress.org/trunk@32875 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-22 20:44:26 +00:00
Dominik Schilling
4423739c65 Use 3-digit x.x.x style for 4.3.0 @since versions.
see #32335, #32430.
Built from https://develop.svn.wordpress.org/trunk@32897


git-svn-id: http://core.svn.wordpress.org/trunk@32868 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-21 11:41:26 +00:00
Drew Jaynes
1077b83a20 Update the DocBlock for wp_insert_post() to exclude now-defunct contact method arguments and clarify others.
Also clarifies information on available hooks and adds a changelog entry for when the contact method arguments were removed.

Props dlh, rachelbaker.
See #31588.

Built from https://develop.svn.wordpress.org/trunk@32884


git-svn-id: http://core.svn.wordpress.org/trunk@32855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-20 02:53:27 +00:00
Scott Taylor
5e994cd6a1 Customizer et al, use elseif in PHP, not else if.
This was corrected via brute force in [31090].

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32874


git-svn-id: http://core.svn.wordpress.org/trunk@32845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-19 22:01:25 +00:00
Boone Gorges
2e5e0bdc78 When updating a user, only send email-change notification if email address is passed.
The notification, introduced in [32380], was firing incorrectly (and throwing
a PHP notice) when `wp_update_user()` was called without including 'user_email'
in the update data.

Props imath.
Fixes #32684. See #32430.
Built from https://develop.svn.wordpress.org/trunk@32838


git-svn-id: http://core.svn.wordpress.org/trunk@32809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-18 13:30:26 +00:00
Mark Jaquith
814865ea9e Send emails when a user's email address or password is changed.
* In case of email change, email goes to the OLD address
* Prevents against issues where an account is compromised (say via cookie interception) and then the attacker silently takes over ownership via pw/email changes — now there will at least be a record that something is up

fixes #32430
props RMarks, MikeHansenMe, tharsheblows, obenland
Built from https://develop.svn.wordpress.org/trunk@32820


git-svn-id: http://core.svn.wordpress.org/trunk@32791 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-17 19:31:27 +00:00
Boone Gorges
5dfd6a02a7 Avoid returning duplicate matches when using a meta query in WP_User_Query.
A meta_query containing an `OR` relation can result in the same record matching
multiple clauses, leading to duplicate results. The previous prevention against
duplicates [18178] #17582 became unreliable in 4.1 when `WP_Meta_Query`
introduced support for nested clauses. The current changeset adds a new method
`WP_Meta_Query::has_or_relation()` for checking whether an `OR` relation
appears anywhere in the query, and uses the new method in `WP_User_Query` to
enforce distinct results as necessary.

Props maxxsnake.
Fixes #32592.
Built from https://develop.svn.wordpress.org/trunk@32713


git-svn-id: http://core.svn.wordpress.org/trunk@32683 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-09 17:42:28 +00:00
Sergey Biryukov
50369e1c98 Add @since for check_password_reset_key(), reset_password(), and register_new_user().
see #20279.
Built from https://develop.svn.wordpress.org/trunk@32696


git-svn-id: http://core.svn.wordpress.org/trunk@32666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-05 20:39:26 +00:00
Boone Gorges
2c9a2850b4 Add @since entry for 'has_published_post' argument of WP_User_Query.
Mega-props DrewAPicture.
Fixes #32250.
Built from https://develop.svn.wordpress.org/trunk@32685


git-svn-id: http://core.svn.wordpress.org/trunk@32655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 18:21:26 +00:00
Boone Gorges
0471408596 Normalize whitespace in docblock for WP_User_Query::prepare_query().
Built from https://develop.svn.wordpress.org/trunk@32684


git-svn-id: http://core.svn.wordpress.org/trunk@32654 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 13:35:26 +00:00
Boone Gorges
6db02371ec Introduce 'has_published_posts' parameter for WP_User_Query.
This allows user query results to be limited to those users who have published
posts in at least one of the specified post types.

Props joehoyle, boonebgorges.
Fixes #32250.
Built from https://develop.svn.wordpress.org/trunk@32683


git-svn-id: http://core.svn.wordpress.org/trunk@32653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-02 13:30:26 +00:00
Scott Taylor
d38fed6449 Add missing doc blocks to user.php.
`username_exists()` should return `false` instead of `null`, just like `email_exists()` does, which is right under it.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32637


git-svn-id: http://core.svn.wordpress.org/trunk@32607 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-28 15:51:25 +00:00
Jeremy Felt
a5c688e817 Use site objects rather than get_blog_status() in MS list tables.
Removes several repetitive calls to `get_blog_status()` that are not needed, as the data is already available as part of each site's object.

Fixes #32512.

Built from https://develop.svn.wordpress.org/trunk@32630


git-svn-id: http://core.svn.wordpress.org/trunk@32600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 23:14:29 +00:00
Jeremy Felt
45ad4808d9 Provide all site flag data in objects returned by get_blogs_of_user()
Previously, `archived`, `spam`, and `deleted` properties were forced to `0` when returned by `get_blogs_of_user()`. This was originally introduced in [21794] as a way to prevent notices when properties were expected.

Instead, we can properly fill these properties with those retrieved from `get_blog_details()`.

Props realloc.
Fixes #32281.

Built from https://develop.svn.wordpress.org/trunk@32626


git-svn-id: http://core.svn.wordpress.org/trunk@32596 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 21:23:26 +00:00
Scott Taylor
1b52916239 Create a function, wp_roles(), to DRY the inline instantiation of the $wp_roles global.
Add missing doc blocks for `capabilities.php`.

See #32444.

Built from https://develop.svn.wordpress.org/trunk@32541


git-svn-id: http://core.svn.wordpress.org/trunk@32511 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-22 04:47:24 +00:00
Boone Gorges
9d54232e39 Streamline support for multiple post types in get_posts_by_author_sql().
* Don't accept a comma-separated list, only a single post type or an array of post types. This is easier to document.
* Add changelog entries to all calling functions.

Props DrewAPicture.
Fixes #32243.
Built from https://develop.svn.wordpress.org/trunk@32524


git-svn-id: http://core.svn.wordpress.org/trunk@32494 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-21 19:49:29 +00:00
Boone Gorges
67c935ad9c Support multiple post types in count_user_posts() and other functions that use get_posts_by_author_sql().
Props nikonratm.
Fixes #32243.
Built from https://develop.svn.wordpress.org/trunk@32523


git-svn-id: http://core.svn.wordpress.org/trunk@32493 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-21 18:43:27 +00:00
Boone Gorges
bbc5a2de2f Ensure that 'who' param is respected when generating meta_query in WP_User_Query.
Since [31669], the 'who' param had been parsed after meta_query was generated,
so that 'who' was effectively ignored.

Props imath.
Fixes #32019.
Built from https://develop.svn.wordpress.org/trunk@32207


git-svn-id: http://core.svn.wordpress.org/trunk@32180 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-20 15:16:27 +00:00
Dominik Schilling
64fc7294b6 Use HTTPS URLs for codex.wordpress.org.
see #27115.
Built from https://develop.svn.wordpress.org/trunk@32116


git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
Drew Jaynes
ba1e7a7243 Correct grammar when referring to "a user" vs "an user" in several places.
Props ocean90.
Fixes #31894.

Built from https://develop.svn.wordpress.org/trunk@32025


git-svn-id: http://core.svn.wordpress.org/trunk@32004 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-05 14:44:27 +00:00
Boone Gorges
820b895cf6 WP_User_Query: When querying users with 'fields=all', ensure that caps and roles are filled for the current site.
See [15566] for a parallel fix for 'fields=all_with_meta'.

Fixes #31878.
Built from https://develop.svn.wordpress.org/trunk@32001


git-svn-id: http://core.svn.wordpress.org/trunk@31980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-03 14:14:57 +00:00