Commit Graph

291 Commits

Author SHA1 Message Date
Sergey Biryukov
5f05d09dc2 Use a human-readable constant in wp_set_auth_cookie(). fixes #23372.
git-svn-id: http://core.svn.wordpress.org/trunk@23388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-06 03:44:43 +00:00
Mark Jaquith
2d6e677a03 Do not notify the post author about comments if they are no longer a member of the blog. props nickmomrick. fixes #23136
git-svn-id: http://core.svn.wordpress.org/trunk@23294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-08 04:03:16 +00:00
Mark Jaquith
3c0d96524c Move 'endif;' to its own line instead of having it room with a right curly brace. props dimadin. fixes #22586
git-svn-id: http://core.svn.wordpress.org/trunk@23228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-12-29 18:01:41 +00:00
Andrew Nacin
ad53112897 Pass 'blank' to Gravatar rather than sending blank.gif for Gravatar to proxy. props miqrogroove, fixes #22354.
git-svn-id: http://core.svn.wordpress.org/trunk@22566 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-14 05:29:56 +00:00
Andrew Nacin
557d9313a7 Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987.
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Andrew Nacin
52320dc5b3 It is 'Alternative Text', not 'Alternate Text'. props alecrust, RyanJKoehler. fixes #21176.
git-svn-id: http://core.svn.wordpress.org/trunk@21917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-19 16:55:43 +00:00
Andrew Nacin
8886eef8d9 Add nonce_user_logged_out filters to wp_create_nonce() and wp_verify_nonce() for when there is no user ID. Provides plugins the ability to tie a nonce to some other characteristic of the session. props sc0ttkclark, fixes #21111.
git-svn-id: http://core.svn.wordpress.org/trunk@21837 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-13 17:17:47 +00:00
Peter Westwood
fb917e5d95 Make sure that we always generate random numbers correctly even if the PHP build is slightly broken and truncates large integers.
Fixes #19571 props mdawaffe.


git-svn-id: http://core.svn.wordpress.org/trunk@21685 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-31 09:45:50 +00:00
Ryan Boren
c55cf716da Use set_url_scheme(). Props johnbillion, MarcusPope. see #19037 #20759
git-svn-id: http://core.svn.wordpress.org/trunk@21664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-30 13:33:00 +00:00
Andrew Nacin
46eb6f0c26 Move the optimization done to get_user_by() in [21376] higher up the stack, into map_meta_cap() and is_super_admin().
This provides nearly the same benefits without possibly receiving a stale object from get_userdata(),
which could affect authentication, and introduce side effects for plugins.

see #21120.



git-svn-id: http://core.svn.wordpress.org/trunk@21563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-20 21:58:34 +00:00
nacin
7127ed1197 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: http://core.svn.wordpress.org/trunk@21413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-03 01:06:05 +00:00
nacin
174dad02bc Optimize get_user_by( 'id', $id ) to return wp_get_current_user() when the current user ID is requested.
Provides for a major performance improvement by preventing repeated instantiations of WP_User in the capabilities API.

see #21120.



git-svn-id: http://core.svn.wordpress.org/trunk@21376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-31 17:45:38 +00:00
nacin
725e0cc1df Remove $wp_secret_key_default.
With the duplicate key checks, this is isn't necessary. It could also cause problems when you
temporarily update to an English translation of a new version before going back to the locale.

see #19599.



git-svn-id: http://core.svn.wordpress.org/trunk@20691 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-02 19:29:39 +00:00
duck_
0915eb5d43 Add missing "?" to gravatar_default URL in get_avatar() to set size parameter correctly. Fixes #20512.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20563 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-22 11:45:31 +00:00
duck_
b0a975512a Don't override the $current_user global in get_currentuserinfo() on an XML-RPC request
if it's non-empty. Fixes capabilities checks for XML-RPC requests. See #20372.


git-svn-id: http://svn.automattic.com/wordpress/trunk@20424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 16:19:53 +00:00
ryan
a831898020 When fetching the user in get_currentuserinfo(), make sure it is a valid WP_User object. If it is stdClass, upgrade it to WP_User. If it is WP_Error, an int, or anything else, set the current user to ID 0.
In wp_set_current_user(), return the current user global only if it is a WP_User object. If it is not, fall through and go about setting it up properly.

Formatting cleanups for both functions.

see #20372


git-svn-id: http://svn.automattic.com/wordpress/trunk@20410 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-09 22:01:07 +00:00
nacin
2410e392b9 wp_set_current_user(0) for XMLRPC_REQUEST in get_currentuserinfo(). Ensures that wp_get_current_user() always returns a WP_User object. see #20372.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20402 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-08 01:06:44 +00:00
ryan
de41bc288b Introduce WP_User::exists(). see #20372
git-svn-id: http://svn.automattic.com/wordpress/trunk@20378 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-06 19:18:45 +00:00
nacin
20f416f286 Internally cache return values of wp_salt(). Always run the filter. Big performance gains on a pageload that generates hundreds of nonces. see #19599.
git-svn-id: http://svn.automattic.com/wordpress/trunk@20135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-03-07 03:41:56 +00:00
ryan
6aedd9d0f0 Split the main WP_Query posts query into two queries to avoid temp tables. Leverage cache to avoid second query in persistent cache environments. Props scribu, cheald, prettyboymp. see #18536
git-svn-id: http://svn.automattic.com/wordpress/trunk@19918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-14 15:09:35 +00:00
nacin
acd0f7c375 Re-purpose wp_die() for ajax responses.
* Allows unit testing of core ajax actions.
 * wp_die() now has separate filters to choose a handler depending on the context (ajax, XML-RPC, else).
 * wp_die) in ajax context does not need to be called with a string. Conversion takes place before die().
props kurtpayne, see #15327.



git-svn-id: http://svn.automattic.com/wordpress/trunk@19801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-31 22:12:58 +00:00
nacin
017f5e4aeb Provide a DB fallback for keys in wp_salt(). Fall back when any secret is used more than once. Change how we detect a localized 'put your unique phrase here' -- eliminate $wp_default_secret_key and introduce $wp_secret_key_default to be added during the localized build process, not by translators. fixes #19599.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19771 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-27 18:52:20 +00:00
duck_
81a7ad2c81 split was deprecated in PHP 5.3.0, so use explode instead. Props garyc40. Fixes #16325.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-09 21:20:51 +00:00
ryan
81283c0561 Update wp_salt() phpdoc. fixes #18696
git-svn-id: http://svn.automattic.com/wordpress/trunk@19725 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-09 20:52:08 +00:00
ryan
83b131f8e3 User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: http://svn.automattic.com/wordpress/trunk@19687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:50:54 +00:00
nacin
d56fe066da s/is/if/. props ocean90.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-20 22:06:34 +00:00
nacin
2454f5b0d9 Gravatar emails should be trimmed before being lowered and hashed. props evansolomon. fixes #19614.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-20 22:00:44 +00:00
ryan
07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
duck_
424cd58652 Correct @param text ordering to put "Optional." in description, see r19019 and #18958. Also remove empty docblock tag.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19030 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-20 15:53:57 +00:00
westi
5eef6313ef Improve the parsing of email addresses in wp_mail to re-support RFC2822 nameless "<address@tld.com>" style. Fixes #18463 props kitchin and SergeyBiryukov.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18717 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-19 14:30:50 +00:00
duck_
2f51b9be0d Fix typos in documentation (wp-includes/[i-z]). See #18560.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-05 19:08:15 +00:00
ryan
0f06334e11 Introduce metadata_exists(), WP_User::get_data_by(), WP_User::get(), WP_User::has_prop(). Don't fill user objects with meta. Eliminate data duplication in cache and memory. Props scribu. see #15458
git-svn-id: http://svn.automattic.com/wordpress/trunk@18597 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-24 19:32:59 +00:00
dd32
6fa755e68e Harden up is_user_logged_in() against empty $current_user instances to prevent PHP Notices on XML-RPC requests. Fixes #18458
git-svn-id: http://svn.automattic.com/wordpress/trunk@18558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-17 08:51:36 +00:00
ryan
ec4ccf2900 Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
git-svn-id: http://svn.automattic.com/wordpress/trunk@18513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:57:31 +00:00
ryan
6c81d023bb Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
git-svn-id: http://svn.automattic.com/wordpress/trunk@18504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-04 03:09:27 +00:00
markjaquith
f030e87cdc Throw _doing_it_wrong() when nonce action not passed to check_admin_referer(). props duck_. see #16449
git-svn-id: http://svn.automattic.com/wordpress/trunk@18195 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-08 16:56:26 +00:00
westi
5e908c7190 Update wp_mail to correctly call the Address adding functions on PHPMailer for To, CC, BCC in a way which preserves our support for full RFC2822 address specifications.
Older versions of PHPMailer were not too careful about validating what we passed in to them as a plain email address - the new version expects we pass in the Name and Email address seperately.
Fixes #17305 based on a patch from dllh.

git-svn-id: http://svn.automattic.com/wordpress/trunk@18006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-23 11:14:05 +00:00
ryan
7f9f067e60 Use exceptions with phpmailer to avoid headers already sent errors. fixes #17228
git-svn-id: http://svn.automattic.com/wordpress/trunk@17753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-28 18:16:01 +00:00
ryan
c5b47b029c Remove setcookie() back compat. Props hakre. see#16920
git-svn-id: http://svn.automattic.com/wordpress/trunk@17612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-04-06 17:07:59 +00:00
markjaquith
b9487742e0 Improvement to check_admin_referer() when called without first argument (PLUGIN AUTHORS: STOP DOING THAT). props indie-ulf. fixes #16449 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-03 20:42:00 +00:00
ryan
8066547be3 Add some cookie filters to allow plugins more control over SSL cookie delivery. see #15330
git-svn-id: http://svn.automattic.com/wordpress/trunk@17227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-06 04:08:23 +00:00
dd32
9c4b151ba2 Restore pre-3.1 "Status:" header handling for IIS in wp_redirect. Revist in 3.2 to see if it's still required. Fixes #10187
git-svn-id: http://svn.automattic.com/wordpress/trunk@16907 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-14 10:15:31 +00:00
nacin
09e076b152 Remove unnecessary space. props demetris, JohnPBloch. fixes #12797.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16760 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-06 22:56:47 +00:00
nacin
de65e1f2f3 Fix arin whois link. props ozh. @todo consider its removal. see #15281.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-17 00:54:22 +00:00
nacin
81a8f2d3ce Use square brackets instead of braces for string access. props hakre, fixes #13900.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-13 09:53:55 +00:00
nacin
d974a35fb0 Don't notify the author when they posted or moderated the comment. fixes #12774.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-11 16:28:49 +00:00
ryan
0a0d648660 Send moderation emails to post author. see #6286
git-svn-id: http://svn.automattic.com/wordpress/trunk@16223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-06 15:20:50 +00:00
ryan
98c65bd2f7 Don't fire wp_notify_postauthor() when the author moderated the comment. Props mrmist. fixes #12774
git-svn-id: http://svn.automattic.com/wordpress/trunk@16208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-05 15:36:04 +00:00
ryan
9c31fd7c70 First pass of user admin. Network admin and screen cleanups. see #14696
git-svn-id: http://svn.automattic.com/wordpress/trunk@15746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-07 19:34:18 +00:00
dd32
9ce6d04ffb Retire IIS 3,4,5 Set-Cookie redirection workaround. See [2436] for original implementation. See #10187
git-svn-id: http://svn.automattic.com/wordpress/trunk@15682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-02 04:02:24 +00:00