Commit Graph

571 Commits

Author SHA1 Message Date
Gary Pendergast
4803fc405e Coding Standards: Fix the Squiz.PHP.DisallowMultipleAssignments violations in wp-includes.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45590


git-svn-id: http://core.svn.wordpress.org/trunk@45401 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-02 23:42:58 +00:00
Sergey Biryukov
573daa129c Users: Pass $length, $special_chars, and $extra_special_chars parameters to the random_password filter in wp_generate_password().
Props roytanck.
Fixes #47092.
Built from https://develop.svn.wordpress.org/trunk@45568


git-svn-id: http://core.svn.wordpress.org/trunk@45379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-27 00:48:53 +00:00
John Blackbourn
bab5ed2df5 Docs: Correct and improve the docs for a few nonce-related functions.
See #47110

Built from https://develop.svn.wordpress.org/trunk@45565


git-svn-id: http://core.svn.wordpress.org/trunk@45376 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-25 17:07:52 +00:00
Sergey Biryukov
aa59cb8359 Docs: Correct parameter name for wp_new_user_notification_email_admin filter.
Props needle.
Fixes #47476.
Built from https://develop.svn.wordpress.org/trunk@45489


git-svn-id: http://core.svn.wordpress.org/trunk@45300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-04 12:48:55 +00:00
John Blackbourn
75a8adb0eb Docs: Remove incorrect information about usage of the "from" filters in wp_mail(), tidy up formatting.
See #47110

Built from https://develop.svn.wordpress.org/trunk@45388


git-svn-id: http://core.svn.wordpress.org/trunk@45199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-23 22:42:52 +00:00
Sergey Biryukov
b36a31ae14 Docs: Fix typo in wp_mail() description.
Props seedsca.
Fixes #47208.
Built from https://develop.svn.wordpress.org/trunk@45302


git-svn-id: http://core.svn.wordpress.org/trunk@45111 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-10 09:53:54 +00:00
John Blackbourn
d4d1267847 I18N: Improvements to and additions of translator comments for various email subject strings.
Props ramiy

Fixes #46920

Built from https://develop.svn.wordpress.org/trunk@45204


git-svn-id: http://core.svn.wordpress.org/trunk@45013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-15 22:39:50 +00:00
desrosj
79f8d9786d Text Changes: Use simpler language for login detail email subjects.
Props: peterwilsoncc, desrosj.
Fixes #37940.
Built from https://develop.svn.wordpress.org/trunk@45173


git-svn-id: http://core.svn.wordpress.org/trunk@44982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-12 18:16:52 +00:00
Gary Pendergast
9a80e2095b Text Changes: Tweak the wording of email notification subjects.
This change brings more coherence between the subject lines of the various emails WordPress will send.

Props ramiy, pento.
Fixes #37940.

Built from https://develop.svn.wordpress.org/trunk@45137


git-svn-id: http://core.svn.wordpress.org/trunk@44946 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-08 06:17:51 +00:00
Sergey Biryukov
931f8046d3 Docs: Improve wording in a comment in wp_set_current_user().
Props nielsdeblaauw.
Fixes #45032.
Built from https://develop.svn.wordpress.org/trunk@44826


git-svn-id: http://core.svn.wordpress.org/trunk@44658 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-11 10:57:55 +00:00
Gary Pendergast
655d44ffe8 Users: Add extra checking to wp_new_user_notification().
Prevent a notification from being sent when an unrecognised value is passed in the `$notify` parameter.

Props cthreelabs, 360zen.
Fixes #44293.


Built from https://develop.svn.wordpress.org/trunk@44611


git-svn-id: http://core.svn.wordpress.org/trunk@44442 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-16 04:27:50 +00:00
desrosj
8f3ee6d243 Docs: Update since tag for X-Redirect-By header additions.
See [42408-42409], [42633], [42647].

Fixes #42313.
Built from https://develop.svn.wordpress.org/trunk@44386


git-svn-id: http://core.svn.wordpress.org/trunk@44216 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-03 18:11:52 +00:00
Gary Pendergast
bfc53e6a52 i18n: Improve consistency of translator comments.
Props ramonopoly.
Fixes #44998.


Built from https://develop.svn.wordpress.org/trunk@43668


git-svn-id: http://core.svn.wordpress.org/trunk@43497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-10-02 19:51:24 +00:00
John Blackbourn
8992656b13 Docs: Correct and improve some docblocks.
See #42505

Built from https://develop.svn.wordpress.org/trunk@43642


git-svn-id: http://core.svn.wordpress.org/trunk@43471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-09-14 13:35:25 +00:00
Gary Pendergast
56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Sergey Biryukov
0ff5536bac Posts, Post Types: Use COOKIEPATH when clearing post password cookie, as that's the path it's created with.
See #44089.
Built from https://develop.svn.wordpress.org/trunk@43318


git-svn-id: http://core.svn.wordpress.org/trunk@43147 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-27 01:33:22 +00:00
Sergey Biryukov
a724d77a4e Posts, Post Types: Clear post password cookie when logging out.
Props skoldin, subrataemfluence, ianbelanger, johnbillion.
Fixes #44089.
Built from https://develop.svn.wordpress.org/trunk@43317


git-svn-id: http://core.svn.wordpress.org/trunk@43146 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-05-26 12:43:23 +00:00
Dominik Schilling
5c291d49de Pinking shears.
See #41057.
Built from https://develop.svn.wordpress.org/trunk@42843


git-svn-id: http://core.svn.wordpress.org/trunk@42673 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-18 14:23:33 +00:00
Sergey Biryukov
4848a09b35 I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders.
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.

Fixes #43523.
Built from https://develop.svn.wordpress.org/trunk@42827


git-svn-id: http://core.svn.wordpress.org/trunk@42657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-11 16:44:34 +00:00
Drew Jaynes
6e665d1f15 Docs: Link to the "Conditional Tags" article in the Theme Developer Handbook from the descriptions for a variety of core conditional tag functions.
These notations largely serve to direct consumers (of both the source and the parsed code reference) to extended information on individual and related conditional tags throughout WordPress. The changeset also standardizes corresponding DocBlock summaries to use third-person singular verbs.

Notations been added for the following functions:

* comments_open()
* email exists()
* has_excerpt()
* has_post_thumbnail()
* has_tag()
* in_category()
* in_the_loop()
* is_404()
* is_active_sidebar()
* is_active_widget()
* is_admin()
* is_admin_bar_showing()
* is_archive()
* is_attachment()
* is_author()
* is_blog_installed()
* is_category()
* is_comments_popup()
* is_date()
* is_day()
* is_dynamic_sidebar()
* is_feed()
* is_front_page()
* is_home()
* is_local_attachment()
* is_main_query
* is_month()
* is_multi_author
* is_new_day()
* is_page()
* is_page_template()
* is_paged()
* is_plugin_active()
* is_plugin_active_for_network()
* is_plugin_inactive()
* is_plugin_page()
* is_post_type_archive()
* is_preview()
* is_rtl()
* is_search()
* is_single()
* is_singular()
* is_sticky()
* is_tag()
* is_tax()
* is_taxonomy_hierarchical()
* is_time()
* is_trackback()
* is_user_logged_in()
* is_year()
* pings_open()
* post_type_exists()
* taxonomy_exists()
* term_exists()
* username exists()
* wp_attachment_is_image()
* wp_script_is()

Props janalwin.
Fixes #43254.

Built from https://develop.svn.wordpress.org/trunk@42710


git-svn-id: http://core.svn.wordpress.org/trunk@42538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-13 16:54:31 +00:00
John Blackbourn
a1eb261cd1 Canonical: Add $x_redirect_by parameter to wp_safe_redirect().
See [42633] and [42408].

Fixes #42313.

Built from https://develop.svn.wordpress.org/trunk@42647


git-svn-id: http://core.svn.wordpress.org/trunk@42476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-04 16:05:32 +00:00
Sergey Biryukov
673ff22b2b Canonical: Add $x_redirect_by parameter to wp_redirect() that allows applications doing the redirect to identify themselves.
This complements the `x_redirect_by` filter added in [42408].

Props NathanAtmoz, johnbillion.
Fixes #42313.
Built from https://develop.svn.wordpress.org/trunk@42633


git-svn-id: http://core.svn.wordpress.org/trunk@42462 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-01 15:06:35 +00:00
Sergey Biryukov
df07690883 Canonical: After [42408], remove sprintf() call for consistency with Location header.
See #42313.
Built from https://develop.svn.wordpress.org/trunk@42409


git-svn-id: http://core.svn.wordpress.org/trunk@42238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-18 01:11:47 +00:00
Sergey Biryukov
0bc86bc220 Canonical: Introduce x_redirect_by filter that allows applications to identify themselves via X-Redirect-By header when they're doing a redirect.
Props joostdevalk.
Fixes #42313.
Built from https://develop.svn.wordpress.org/trunk@42408


git-svn-id: http://core.svn.wordpress.org/trunk@42237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-18 01:04:52 +00:00
Sergey Biryukov
823ec0859a Docs: Correct @staticvar entry for wp_rand().
Props chetan200891, birgire.
Fixes #42796.
Built from https://develop.svn.wordpress.org/trunk@42377


git-svn-id: http://core.svn.wordpress.org/trunk@42206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-07 13:53:47 +00:00
Drew Jaynes
f4faaa53c7 Docs: Improve the usefulness of docs for wp_generate_password() by noting the use of wp_rand() vs rand() or mt_rand().
Props webdevmattcrom.
Fixes #42782.

Built from https://develop.svn.wordpress.org/trunk@42373


git-svn-id: http://core.svn.wordpress.org/trunk@42202 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-04 22:40:47 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
John Blackbourn
bb5621a084 General: Pass on the return value from wp_redirect() for wp_safe_redirect().
This brings the behaviour of the two functions in line with each other.

Props Drivingralle

Fixes 42108

Built from https://develop.svn.wordpress.org/trunk@42206


git-svn-id: http://core.svn.wordpress.org/trunk@42035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-20 20:24:48 +00:00
John Blackbourn
3be5d4b4f0 Docs: Improve inline docs for the wp_redirect() and wp_safe_redirect() functions.
See #42505, #42108

Built from https://develop.svn.wordpress.org/trunk@42143


git-svn-id: http://core.svn.wordpress.org/trunk@41974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-10 13:44:47 +00:00
Sergey Biryukov
806b2a5af1 Comments: Change IP references in moderation option labels and email notifications to IP address for clarity.
Props mako09, gk.loveweb, bradparbs.
Fixes #40382.
Built from https://develop.svn.wordpress.org/trunk@41704


git-svn-id: http://core.svn.wordpress.org/trunk@41538 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-03 13:09:47 +00:00
John Blackbourn
9fdbe6538e Docs: Remove & prefixes from parameter documentation to avoid doc parsing errors.
Props sudar for the original patch.

See #35974

Built from https://develop.svn.wordpress.org/trunk@41686


git-svn-id: http://core.svn.wordpress.org/trunk@41520 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-02 22:03:33 +00:00
John Blackbourn
f2a0b5267d Login and Registration: Pass the user session token to the set_auth_cookie and set_logged_in_cookie filters.
This also adds some missing `@since` parameters for other uses of the token so that developers know when the token was first made available to various filters.

Fixes #41849

Built from https://develop.svn.wordpress.org/trunk@41365


git-svn-id: http://core.svn.wordpress.org/trunk@41198 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-10 21:09:45 +00:00
John Blackbourn
dee0e3a67b Users: Switch to using array style filters for the newly introduced filters in wp_password_change_notification() and wp_new_user_notification().
This introduces three new filters, replacing those that were introduced in [41153]:

* `wp_password_change_notification_email`
* `wp_new_user_notification_email_admin`
* `wp_new_user_notification_email`

Props pbearne

Fixes #38068

Built from https://develop.svn.wordpress.org/trunk@41213


git-svn-id: http://core.svn.wordpress.org/trunk@41053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 13:21:46 +00:00
Sergey Biryukov
7d2b400876 Users: Use esc_url() instead of esc_attr() to escape the value of the srcset attribute in get_avatar().
Props joemcgill, henry.wright.
Fixes #41215.
Built from https://develop.svn.wordpress.org/trunk@41156


git-svn-id: http://core.svn.wordpress.org/trunk@40996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-26 13:22:44 +00:00
John Blackbourn
b6ca2d77a8 Users: Introduce filters for the contents of email notifications for new user registrations and password resets.
Introduces:

* `wp_password_change_notification_subject`
* `wp_password_change_notification_message`
* `wp_password_change_notification_headers`
* `wp_new_user_notification_admin_subject`
* `wp_new_user_notification_admin_message`
* `wp_new_user_notification_admin_headers`
* `wp_new_user_notification_subject`
* `wp_new_user_notification_message`
* `wp_new_user_notification_headers`

Props pbearne, dipesh.kakadiya

Fixes #38068

Built from https://develop.svn.wordpress.org/trunk@41153


git-svn-id: http://core.svn.wordpress.org/trunk@40993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-26 00:54:43 +00:00
John Blackbourn
9c7c11f268 Users: Clear the user settings cookies when clearing auth cookies.
This prevents lingering cookies when logging out and when switching between user accounts.

Props soulseekah, shanee
Fixes #32567

Built from https://develop.svn.wordpress.org/trunk@40580


git-svn-id: http://core.svn.wordpress.org/trunk@40450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-07 16:54:42 +00:00
Pascal Birchler
72c19648bc Load: Only load PasswordHash class when needed.
This reverts [38371] which loaded `class-phpass.php` early in `wp-settings.php` and in turn caused backward compatibility problems.

Props DavidAnderson, ketuchetan.
Fixes #39445.

Built from https://develop.svn.wordpress.org/trunk@40387


git-svn-id: http://core.svn.wordpress.org/trunk@40294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-06 18:01:42 +00:00
Sergey Biryukov
41666b5e0c Mail: Use correct capitalization for PHPMailer methods in wp_mail().
Props Soean, reidbusi.
Fixes #39702.
Built from https://develop.svn.wordpress.org/trunk@40363


git-svn-id: http://core.svn.wordpress.org/trunk@40270 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-04-01 14:34:43 +00:00
John Blackbourn
96b2923e62 Docs: Remove the duplicate hook documentation for the newly introduced send_auth_cookies filter.
See #39367

Built from https://develop.svn.wordpress.org/trunk@40264


git-svn-id: http://core.svn.wordpress.org/trunk@40184 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-10 15:03:42 +00:00
John Blackbourn
265a0f4d98 Build/Test tools: Don't override the wp_set_auth_cookie() and wp_clear_auth_cookie() functions.
Overriding pluggable functions in the test suite is asking for trouble in the future. In addition, it means the test suite can't be guaranteed to behave the same as core.

This instead introduces a `send_auth_cookies` filter which can be hooked in during the test suite to prevent these functions from attempting to send cookie headers to the client.

Fixes #39367

Built from https://develop.svn.wordpress.org/trunk@40263


git-svn-id: http://core.svn.wordpress.org/trunk@40183 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-10 14:33:46 +00:00
John Blackbourn
4dffd5b82e Build/Test tools: Revert [40239] due to unrelated changes.
See #39486

Built from https://develop.svn.wordpress.org/trunk@40240


git-svn-id: http://core.svn.wordpress.org/trunk@40170 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-08 00:05:42 +00:00
John Blackbourn
28055b9ff5 Build/Test tools: In Travis, skip some tests when not on trunk.
This skips time sensitive tests (copyright year and PHP/MySQL version requirements) when tests are run on branches on Travis.

Props netweb, jorbin
Fixes #39486

Built from https://develop.svn.wordpress.org/trunk@40239


git-svn-id: http://core.svn.wordpress.org/trunk@40169 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-08 00:01:46 +00:00
Aaron Campbell
288cd46939 Strip control characters before validating redirect.
Built from https://develop.svn.wordpress.org/trunk@40183


git-svn-id: http://core.svn.wordpress.org/trunk@40122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-06 13:38:41 +00:00
Dion Hulse
577a192ebd Mail: In PHPMailer 5.2.7 the case of the Send() method changed to send(), update our call for consistency with the library.
Props michalzuber.
Fixes #39469.

Built from https://develop.svn.wordpress.org/trunk@39691


git-svn-id: http://core.svn.wordpress.org/trunk@39631 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-05 08:10:42 +00:00
Dion Hulse
1a40f6b7ae Mail: Ensure that any phpmailerException exceptions generated by setFrom() are caught to avoid PHP Fatal errors.
This change avoids a PHP fatal error that can be encountered when the specified (or generated) source email is an invalid address, such as `wordpress@_`, it makes no effort to set a valid source, only avoid the fatal error.

See #25239 for correcting the email address.
Fixes #39360.

Built from https://develop.svn.wordpress.org/trunk@39655


git-svn-id: http://core.svn.wordpress.org/trunk@39595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-30 06:44:40 +00:00
John Blackbourn
80a839de13 Docs: Misc corrections and additions to inline documentation.
See #39130
Props keesiemeijer

Built from https://develop.svn.wordpress.org/trunk@39639


git-svn-id: http://core.svn.wordpress.org/trunk@39579 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 09:28:40 +00:00
John Blackbourn
c2d709e9d6 I18n: Introduce more translator comments for strings that contain placeholders but don't have an accompanying translator comment.
See #38882

Built from https://develop.svn.wordpress.org/trunk@39326


git-svn-id: http://core.svn.wordpress.org/trunk@39266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 02:46:30 +00:00
John Blackbourn
4cf5550d8d I18n: Begin introducing translator comments for strings which include placeholders but no accompanying translator comment.
Adds context to one string used in two different contexts for the new user and new site signup email notification.

More to come.

See #38882

Built from https://develop.svn.wordpress.org/trunk@39323


git-svn-id: http://core.svn.wordpress.org/trunk@39263 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 01:22:32 +00:00
Helen Hou-Sandí
dab566d973 Mail: Set a better error code when triggering wp_mail_failed.
This error code is now... wait for it... `wp_mail_failed`. Previously, this would have been the originating PHPMailer error code, which could be `0`, which would then fail (pass?) the `empty()` check in the `WP_Error` constructor, thereby rendering the error object fairly useless. The PHPMailer error code is now located within the `WP_Error` data.

props Kau-Boy, stephenharris.
fixes #35598.

Built from https://develop.svn.wordpress.org/trunk@39086


git-svn-id: http://core.svn.wordpress.org/trunk@39028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 04:27:34 +00:00
Drew Jaynes
5f4497f0af Docs: Fix multiple trivial typos throughout a variety of core files.
Props ottok.
Fixes #38489.

Built from https://develop.svn.wordpress.org/trunk@39051


git-svn-id: http://core.svn.wordpress.org/trunk@38993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:28:32 +00:00
Dominik Schilling
7819e2b4ba I18N: Introduce a locale-switching function.
With the introduction of user-specific languages in [38705] it's necessary to be able to switch translations on the fly. For example emails should be sent in the language of the recipient and not the one of the current user.

This introduces a new `WP_Locale_Switcher` class which is used for switching locales and translations. It holds the stack of locales whenever `switch_to_locale( $locale )` is called. With `restore_previous_locale()` you can restore the previous locale. `restore_current_locale()` empties the stack and sets the locale back to the initial value.

`switch_to_locale()` is added to most of core's email functions, either with the value of `get_locale()` (site language) or `get_user_locale()` (user language with fallback to site language).

Props yoavf, tfrommen, swissspidy, pbearne, ocean90.
See #29783.
Fixes #26511.
Built from https://develop.svn.wordpress.org/trunk@38961


git-svn-id: http://core.svn.wordpress.org/trunk@38904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 15:36:31 +00:00
Scott Taylor
a3ffebce30 Bootstrap: do not go gentle into that good night r38411, r38412, and parts of r38389.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38470


git-svn-id: http://core.svn.wordpress.org/trunk@38411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 16:31:29 +00:00
John Blackbourn
a1d61a95e1 Security: Return a 403 instead of a 200 HTTP status when check_ajax_referer() fails.
This is, unfortunately, untestable in the current test suite, even in the AJAX tests.

Fixes #36362

Built from https://develop.svn.wordpress.org/trunk@38421


git-svn-id: http://core.svn.wordpress.org/trunk@38362 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-28 17:31:30 +00:00
John Blackbourn
b85e322e35 Security: Trigger a _doing_it_wrong() when check_ajax_referer() is called without its first parameter. This brings it inline with check_admin_referer().
Fixes #36361

Built from https://develop.svn.wordpress.org/trunk@38420


git-svn-id: http://core.svn.wordpress.org/trunk@38361 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-28 17:15:28 +00:00
Scott Taylor
390ceba6c7 Bootstrap: after r38409 and r38410, revert r38402 which reverted r38399.
This fixes the paths in `wp-vendor/` that were including `src`. I want to drop this in so we can find out what else will break.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38411


git-svn-id: http://core.svn.wordpress.org/trunk@38352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 22:32:37 +00:00
Dion Hulse
0e31a46161 Bootstrap: Revert [38399] as it's broken /build/ and subsequently core.svn.wordpress.org.
The generated classmaps reference `/src/` files and operates in the assumption that the base directory is one level above `wp-settings.php`, which it isn't after our build processes are run.

See #36335

Built from https://develop.svn.wordpress.org/trunk@38402


git-svn-id: http://core.svn.wordpress.org/trunk@38343 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 14:37:32 +00:00
Scott Taylor
6a529648cf Bootstrap: Autoload classes using a Composer-generated PHP 5.2-compatible Autoloader.
* `wp-admin` and `wp-includes` are scanned for classes to autoload
* Several 3rd-party and Ryan McCue-shaped libraries are excluded when the classmap is generated, see `composer.json`: `autoload.exclude-from-classmap`
* `wp-vendor/autoload_52.php` is included at the top of `wp-settings.php` - no changes need to be made to unit tests to include the autoloader
* An avalanche of `require()` and `require_once()` calls that loaded class files have been removed from the codebase.

The following files have been added to `svn:ignore` - they are not 5.2-compatible and fail during pre-commit:
* src/wp-vendor/autoload.php
* src/wp-vendor/composer/autoload_real.php
* src/wp-vendor/composer/autoload_static.php
* src/wp-vendor/composer/ClassLoader.php

We favor these files instead:
* src/wp-vendor/autoload_52.php
* src/wp-vendor/composer/autoload_real_52.php
* src/wp-vendor/composer/ClassLoader52.php

When new PHP classes are added to the codebase, simply run `composer install` or `composer update` from the project root to update the autoloader.

The future is now.

See #36335.

Built from https://develop.svn.wordpress.org/trunk@38399


git-svn-id: http://core.svn.wordpress.org/trunk@38340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-27 09:15:29 +00:00
Scott Taylor
481123661c Load: load class-phpass.php (PasswordHash class) early in wp-settings.php, instead of require_once()'ing it in several places.
See #36335.

Built from https://develop.svn.wordpress.org/trunk@38371


git-svn-id: http://core.svn.wordpress.org/trunk@38312 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-26 17:40:35 +00:00
Drew Jaynes
f07f1b126e Docs: Add a missing parenthesis in an example in the DocBlock for wp_redirect().
Props shayanys.
See #37770.

Built from https://develop.svn.wordpress.org/trunk@38350


git-svn-id: http://core.svn.wordpress.org/trunk@38291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-25 07:36:31 +00:00
Scott Taylor
b7812bd416 AJAX: add a new function, wp_doing_ajax(), which can replace... (wait for it...) DOING_AJAX checks via the constant.
Props Mte90, sebastian.pisula, swissspidy.
Fixes #25669.

Built from https://develop.svn.wordpress.org/trunk@38334


git-svn-id: http://core.svn.wordpress.org/trunk@38275 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-23 14:33:30 +00:00
Boone Gorges
54fe38c7cc Mail: Don't set Sender field when setting From.
[38058] changed `wp_mail()` so that it used PHPMailer's `setFrom()`
method rather than setting the From and FromName headers directly. See
behavior of setting the `Sender` field. This causes `mail` to be
called with the `-f` flag, which causes outgoing email to fail on some
server environments.

Props Clorith, iandunn, DrewAPicture.
Fixes #37736.
Built from https://develop.svn.wordpress.org/trunk@38286


git-svn-id: http://core.svn.wordpress.org/trunk@38227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-20 02:17:38 +00:00
Boone Gorges
905f4ec0f8 Mail: Improve handling of UTF-8 address headers.
Previously, `wp_mail()` implemented Reply-To as a generic header, using
PHPMailer's `addCustomHeader()`. As such, the email address portion of
the header was being incorrectly encoded when the name portion
contained UTF-8 characters. Switching to PHPMailer's more specific
`addReplyTo()` method fixes the issue.

For greater readability, the handling of all address-related headers
(To, CC, BCC, Reply-To) has been standardized.

Props szepe.viktor, iandunn, bpetty, stephenharris.
Fixes #21659.
Built from https://develop.svn.wordpress.org/trunk@38058


git-svn-id: http://core.svn.wordpress.org/trunk@37999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-13 18:04:28 +00:00
Drew Jaynes
6c7148943b Docs: Standardize capitalization of Ajax throughout core documentation per the core spelling guide.
Ajax, while considered an acronym for Asynchronous JavaScript and XML, is most commonly capitalized only in the first character.

Part props ocean90.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@38028


git-svn-id: http://core.svn.wordpress.org/trunk@37969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-10 00:51:30 +00:00
Sergey Biryukov
139387b7e5 Docs: Use 3-digit, x.x.x-style semantic versioning for _doing_it_wrong(), _deprecated_function(), _deprecated_argument(), and _deprecated_file() throughout core.
Props metodiew.
Fixes #36495.
Built from https://develop.svn.wordpress.org/trunk@37985


git-svn-id: http://core.svn.wordpress.org/trunk@37926 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-06 12:40:29 +00:00
Jeremy Felt
6f3f00ea97 Multisite: Change WP_Network id property to an integer.
For consistency and developer sanity.

Props flixos90.
Fixes #37050.

Built from https://develop.svn.wordpress.org/trunk@37870


git-svn-id: http://core.svn.wordpress.org/trunk@37811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-26 14:26:29 +00:00
Sergey Biryukov
bbd663415c Text Changes: Simplify two strings in wp_password_change_notification().
Add translator comments.

Props ramiy.
See #35736.
Built from https://develop.svn.wordpress.org/trunk@37704


git-svn-id: http://core.svn.wordpress.org/trunk@37670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 22:09:28 +00:00
Jeremy Felt
d75f77a410 Admin: Allow for the consistent filtering of auth_redirect_scheme
Fixes #37047.

Built from https://develop.svn.wordpress.org/trunk@37651


git-svn-id: http://core.svn.wordpress.org/trunk@37617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-07 20:49:30 +00:00
Drew Jaynes
9193013158 Docs: Apply inline @see tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

Fixes #36921.

Built from https://develop.svn.wordpress.org/trunk@37544


git-svn-id: http://core.svn.wordpress.org/trunk@37512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 19:02:28 +00:00
Drew Jaynes
6c534918d4 Docs: Standardize filter docs in wp-includes/pluggable.php to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37508


git-svn-id: http://core.svn.wordpress.org/trunk@37476 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:35:27 +00:00
Eric Lewis
02a4e761f2 Users: Correct inline docs for cookie expiration.
Props kjbenk.
Fixes #35568.

Built from https://develop.svn.wordpress.org/trunk@37315


git-svn-id: http://core.svn.wordpress.org/trunk@37281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-27 02:52:28 +00:00
Sergey Biryukov
c371296223 Users: In wp_new_user_notification(), sdd 'user' option for the $notify parameter, which allows for sending notification only to the user created.
Props akibjorklund.
Fixes #36009.
Built from https://develop.svn.wordpress.org/trunk@37276


git-svn-id: http://core.svn.wordpress.org/trunk@37242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-21 10:20:27 +00:00
Drew Jaynes
11ab384086 Docs: Improve 4.5 changelog entries introduced in [36992] for wp_authenticate(), and the authenticate and wp_login_failed hooks.
See #9568. See #35986.

Built from https://develop.svn.wordpress.org/trunk@37030


git-svn-id: http://core.svn.wordpress.org/trunk@36997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-17 08:06:27 +00:00
John Blackbourn
621085a360 Users: Add @since entries to wp_authenticate() and its filters now that the $username parameter can also be an email address.
See #9568, #35986

Built from https://develop.svn.wordpress.org/trunk@36992


git-svn-id: http://core.svn.wordpress.org/trunk@36959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-14 22:31:27 +00:00
Sergey Biryukov
ef7a559e2e Docs: Correct filter reference in pre_get_avatar filter description.
Props henry.wright.
Fixes #36031.
Built from https://develop.svn.wordpress.org/trunk@36800


git-svn-id: http://core.svn.wordpress.org/trunk@36767 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-02 03:41:28 +00:00
Dominik Schilling
e5ea82d81a Spelling: Standardize on "front end"/"back end" (noun) and "front-end"/"back-end" (adjective).
Props obrienlabs, thewanderingbrit.
Fixes #34887.
Built from https://develop.svn.wordpress.org/trunk@36709


git-svn-id: http://core.svn.wordpress.org/trunk@36676 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 12:53:27 +00:00
Drew Jaynes
f5ea3e5dac Docs: Make a few syntactical improvements to the DocBlock for _wp_get_current_user(), introduced in [36651].
Includes a cross reference from the DocBlock for `wp_get_current_user()`, which itself is pluggable, but the new internal function is not.

See #19615. See #32246.

Built from https://develop.svn.wordpress.org/trunk@36705


git-svn-id: http://core.svn.wordpress.org/trunk@36672 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-25 05:07:26 +00:00
Sergey Biryukov
f170058209 Mail: Correct compact() usage in wp_mail().
Props Ankit K Gupta, maweder.
Fixes #35781 for trunk.
Built from https://develop.svn.wordpress.org/trunk@36688


git-svn-id: http://core.svn.wordpress.org/trunk@36655 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 17:38:27 +00:00
Pascal Birchler
9612c26db3 Users: Introduce _wp_get_current_user() for improved backward compatibility.
This new helper function is used by the pluggable functions `wp_get_current_user()` and `get_currentuserinfo()`, which was previously being called by the former before [36311]. Without it, infinite loops could be caused when plugins implement these functions, as they are now called the other way around.

Fixes #19615.
Built from https://develop.svn.wordpress.org/trunk@36651


git-svn-id: http://core.svn.wordpress.org/trunk@36618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 22:26:28 +00:00
Dominik Schilling
7ebe2c1e7a Authentication: Allow users to log in using their email address.
Introduces `wp_authenticate_email_password()` which is hooked into `authenticate` after `wp_authenticate_username_password()`.

Props Denis-de-Bernardy, ericlewis, vhomenko, MikeHansenMe, swissspidy, ocean90.
Fixes #9568.
Built from https://develop.svn.wordpress.org/trunk@36617


git-svn-id: http://core.svn.wordpress.org/trunk@36584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-22 23:15:27 +00:00
Rachel Baker
06225cc394 Comments: Refresh the Moderate Comment screen for a friendlier experience with email moderation actions.
Brings some love to this neglected screen:
* format `comment_content`, instead of escaping in one massive block of text
* only wrap the comment date in a link if the comment permalink exists
* include link to the Edit Comment screen at the bottom of the comment_content
* update the message styles to match other screens
* append `#wpbody-content` to the comment email message links for accessibility

Props johnbillion, rachelbaker, afercia, melchoyce, karmatosed.

Fixes #34133
Built from https://develop.svn.wordpress.org/trunk@36588


git-svn-id: http://core.svn.wordpress.org/trunk@36555 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-19 19:14:26 +00:00
Dominik Schilling
72c6f7f86f Suppress possible warnings in PHP < 5.3.3 by parse_url() in wp_validate_redirect().
PHP 5.3.3 removed the E_WARNING that was emitted when URL parsing failed.
Built from https://develop.svn.wordpress.org/trunk@36446


git-svn-id: http://core.svn.wordpress.org/trunk@36413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 16:34:27 +00:00
Aaron Jorbin
5c4031dd84 Revert [35792]
This causes a regression and causes redirects to potentially fail.

See #5114 #34028
props ocean90

Built from https://develop.svn.wordpress.org/trunk@36445


git-svn-id: http://core.svn.wordpress.org/trunk@36412 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 16:24:26 +00:00
Dominik Schilling
361ed7a3d6 Better validation of the URL used in HTTP redirects.
Built from https://develop.svn.wordpress.org/trunk@36444


git-svn-id: http://core.svn.wordpress.org/trunk@36411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-02 15:11:28 +00:00
Dominik Schilling
c5e3716c11 Docs: Fix @return type for wp_get_current_user() after [36313].
See #19615.
Built from https://develop.svn.wordpress.org/trunk@36314


git-svn-id: http://core.svn.wordpress.org/trunk@36281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 11:16:26 +00:00
Pascal Birchler
9cd880d356 Users: Always return $current_user in wp_get_current_user(), never a boolean.
Fixes unit tests affected by [36311].

See #19615.
Built from https://develop.svn.wordpress.org/trunk@36313


git-svn-id: http://core.svn.wordpress.org/trunk@36280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 10:47:25 +00:00
Pascal Birchler
283684b616 Users: Deprecate the get_currentuserinfo() pluggable function.
It encourages an ugly pattern like `global $userdata; get_currentuserinfo();` in plugins/themes. `wp_get_current_user()` should be used instead, e.g. `$current_user = wp_get_current_user();`.

Props scribu for initial patch.
Fixes #19615.
Built from https://develop.svn.wordpress.org/trunk@36311


git-svn-id: http://core.svn.wordpress.org/trunk@36278 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-15 10:16:27 +00:00
Eric Lewis
c52af7470b Login is not a verb, change "login" to "log in".
See #35387

Built from https://develop.svn.wordpress.org/trunk@36246


git-svn-id: http://core.svn.wordpress.org/trunk@36213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 21:08:26 +00:00
Eric Lewis
2f41867519 Users: Fix incorrect docs for user authentication and login functions.
Fixes #35387

Built from https://develop.svn.wordpress.org/trunk@36245


git-svn-id: http://core.svn.wordpress.org/trunk@36212 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 20:52:27 +00:00
Sergey Biryukov
b0b561517d Docs: Fix typo in a comment in wp_rand().
Props boluda.
Fixes #35228.
Built from https://develop.svn.wordpress.org/trunk@36102


git-svn-id: http://core.svn.wordpress.org/trunk@36067 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-26 11:07:28 +00:00
Drew Jaynes
7b19006ce1 Docs: Add missing parameter and return notations to the DocBlock for _wp_sanitize_utf8_in_redirect().
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35980


git-svn-id: http://core.svn.wordpress.org/trunk@35945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-16 23:15:27 +00:00
John Blackbourn
593cc9abbd Add missing @param docs to wp_safe_redirect() and wp_sanitize_redirect().
See #32246

Built from https://develop.svn.wordpress.org/trunk@35914


git-svn-id: http://core.svn.wordpress.org/trunk@35878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-14 02:43:25 +00:00
John Blackbourn
9f7165d522 Add missing @param doc to wp_hash().
See #32246

Built from https://develop.svn.wordpress.org/trunk@35913


git-svn-id: http://core.svn.wordpress.org/trunk@35877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-14 02:39:26 +00:00
John Blackbourn
48380c58a5 Add missing @param doc to wp_check_password() and update the check_password filter docs.
See #32246

Built from https://develop.svn.wordpress.org/trunk@35909


git-svn-id: http://core.svn.wordpress.org/trunk@35873 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-14 02:30:26 +00:00
Aaron Campbell
894526c78d Consider both home and site domains to be valid in wp_validate_redirect().
Props layotte.
Fixes #34028.

Built from https://develop.svn.wordpress.org/trunk@35792


git-svn-id: http://core.svn.wordpress.org/trunk@35756 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-06 21:17:24 +00:00
Dominik Schilling
0632e4ab84 Passwords: Support the pre-4.3 behavior of wp_new_user_notification().
Hello, it's me again. A pluggable function named `wp_new_user_notification()`. A few months ago, after [33023], I have lost my second parameter `$plaintext_pass`. But thanks to [33620] I got a new one.
Bad idea - It hasn't had the same behavior as my previous parameter.
To solve that the second parameter got deprecated and reintroduced as the third parameter in [34116]. I was happy again, for a short time.
You remember my lost friend `$plaintext_pass`? No? Well, if its value was empty no notification was sent to the user. This behavior was still lost. And that's what this change is about: Don't notify a user if a plugin uses `wp_new_user_notification( $user_id )`.

You're asking if I'm happy now? Dunno, but maybe you have learned something about pluggable functions, have you?

Props danielbachhuber.
Fixes #34377.
Built from https://develop.svn.wordpress.org/trunk@35735


git-svn-id: http://core.svn.wordpress.org/trunk@35699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-24 23:07:26 +00:00
Scott Taylor
34a9b6e428 Mail: in wp_notify_postauthor() and wp_notify_moderator(), ensure that special chars aren't HTML-encoded in the email message body.
Props solarissmoke, leemon.
Fixes #12584.

Built from https://develop.svn.wordpress.org/trunk@35415


git-svn-id: http://core.svn.wordpress.org/trunk@35379 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-28 18:03:24 +00:00
Dion Hulse
53afc72ab7 Update to Random_Compat 1.0.9.
This update includes fixes for Windows support & libSodium support, and removes the `Throwable` Polyfill due to PHP7 incompatibilities. 

Fixes #28633

Built from https://develop.svn.wordpress.org/trunk@35365


git-svn-id: http://core.svn.wordpress.org/trunk@35330 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-23 04:22:26 +00:00
Drew Jaynes
f954194a1c Comments: Introduce two new filters, notify_moderator and notify_post_author, both of which make it possible to selectively override site notification email settings for new comments.
The `notify_moderator` filter makes it possible to override the value for the `moderation_notify` option, which controls whether to send new comment emails to "site moderators", that is to say, the owner of the admin email for the site and the post author if they have the ability to modify the comment.

The `notify_post_author` filter likewise makes it possible to override the value for the `comments_notify` option, which controls whether to send new comment emails to the post author. If the post author is the comment author, default behavior is not to send the notification. Note: enabling or disabling notifications via this hook could also affect other recipients added via the 'comment_notification_recipients' filter in `wp_notify_postauthor()`, if hooked.

Passing a falsey value to either of the new filters will prevent notifications from being sent, regardless of their corresponding option values.

Adds tests.

Props coffee2code, adamsilverstein, DrewAPicture.
Fixes #761.

Built from https://develop.svn.wordpress.org/trunk@35339


git-svn-id: http://core.svn.wordpress.org/trunk@35305 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 18:35:31 +00:00
Drew Jaynes
217b661703 Docs: Add missing descriptions for the $wpdb global in DocBlocks all the places.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@35170


git-svn-id: http://core.svn.wordpress.org/trunk@35136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-14 23:44:25 +00:00
Sergey Biryukov
b40e362711 Fix typo in get_avatar() and get_avatar_data() docs.
Props johnjamesjacoby.
Fixes #34232.
Built from https://develop.svn.wordpress.org/trunk@34988


git-svn-id: http://core.svn.wordpress.org/trunk@34953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-09 15:52:24 +00:00