Commit Graph

581 Commits

Author SHA1 Message Date
Sergey Biryukov
4104f92d7f Privacy: Use more consistent wording for strings related to personal data requests.
This replaces "user privacy" in various error messages with "personal data", for consistency with other existing strings.

Follow-up to [49090].

Props xkon, transl8or.
Fixes #51849.
Built from https://develop.svn.wordpress.org/trunk@49970


git-svn-id: http://core.svn.wordpress.org/trunk@49671 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-17 17:46:06 +00:00
Sergey Biryukov
7ced0efbf4 Docs: Use more consistent descriptions for void|false return values.
See #51800.
Built from https://develop.svn.wordpress.org/trunk@49935


git-svn-id: http://core.svn.wordpress.org/trunk@49634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-05 16:48:07 +00:00
Sergey Biryukov
37662df05e Docs: In various @return tags, list the expected type first, instead of false or WP_Error.
Follow-up to [46696], [47060], [49926], [49927].

See #51800.
Built from https://develop.svn.wordpress.org/trunk@49929


git-svn-id: http://core.svn.wordpress.org/trunk@49628 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-04 17:18:04 +00:00
John Blackbourn
dfe1f9b322 Docs: Promote many bool types to true or false where only that value is used.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49927


git-svn-id: http://core.svn.wordpress.org/trunk@49626 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 22:04:04 +00:00
John Blackbourn
53da9208dd Docs: Various docblock corrections particularly relating to boolean types.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49926


git-svn-id: http://core.svn.wordpress.org/trunk@49625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-03 21:57:09 +00:00
TimothyBlynJacobs
fa88bbfc79 App Passwords: Only attempt auth if the username and password are set.
Previously, only the username was checked which caused a PHP warning in some server setups, for instance Shibboleth SSO, where the server only populates the `PHP_AUTH_USER` field.

Props MadtownLems, johnbillion, richard.tape, engahmeds3ed.
Fixes #52003.

Built from https://develop.svn.wordpress.org/trunk@49919


git-svn-id: http://core.svn.wordpress.org/trunk@49618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-02 21:35:04 +00:00
John Blackbourn
42fcfa5b3d Docs: Various docblock corrections.
See #51800

Built from https://develop.svn.wordpress.org/trunk@49789


git-svn-id: http://core.svn.wordpress.org/trunk@49512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-10 23:53:07 +00:00
TimothyBlynJacobs
aac98aae97 App Passwords: Prevent conflicts when Basic Auth is already used by the site.
Application Passwords uses Basic Authentication to transfer authentication details. If the site is already using Basic Auth, for instance to implement a private staging environment, then the REST API will treat this as an authentication attempt and would end up generating an error for any REST API request.

Now, Application Password authentication will only be attempted if Application Passwords is in use by a site. This is flagged by setting an option whenever an Application Password is created. An upgrade routine is added to set this option if any App Passwords already exist.

Lastly, creating an Application Password will be prevented if the site appears to already be using Basic Authentication.

Props chexwarrior, georgestephanis, adamsilverstein, helen, Clorith, marybaum, TimothyBlynJacobs.
Fixes #51939.


Built from https://develop.svn.wordpress.org/trunk@49752


git-svn-id: http://core.svn.wordpress.org/trunk@49475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 21:44:07 +00:00
John Blackbourn
f4cda1b62f Docs: Upgrade more parameters in docblocks to used typed array notation.
See #51800, #41756

Built from https://develop.svn.wordpress.org/trunk@49693


git-svn-id: http://core.svn.wordpress.org/trunk@49416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-24 21:27:05 +00:00
John Blackbourn
35f6c356c1 Docs: Document parameters that accept an array of integers using typed array notation.
While many of these parameters also technically accept an array of numerical strings, they are all ultimately cast to an array of integers. Documenting them as such assists developers in understanding the expected types.

See #51800, #41756

Built from https://develop.svn.wordpress.org/trunk@49672


git-svn-id: http://core.svn.wordpress.org/trunk@49395 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-19 18:24:09 +00:00
Sergey Biryukov
f7d3a8b5c4 App Passwords: Add missing i18n for an error message.
Follow-up to [49617].

See #51513.
Built from https://develop.svn.wordpress.org/trunk@49627


git-svn-id: http://core.svn.wordpress.org/trunk@49365 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-17 10:21:08 +00:00
TimothyBlynJacobs
d9b35c8e98 App Passwords: Unify availability language.
Previously App Passwords used a mix of "enabled" and "available". We've now standardized on using "available".

Additionally, we now use a 501 status code when indicating that App Passwords is not available.

Props SergeyBiryukov, ocean90, TimothyBlynJacobs.
Fixes #51513.

Built from https://develop.svn.wordpress.org/trunk@49617


git-svn-id: http://core.svn.wordpress.org/trunk@49355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-16 22:42:04 +00:00
Helen Hou-Sandí
340c834fa3 Privacy: More precise checking of user request action names.
Props garrett-eclipse.
Fixes #46536.

Built from https://develop.svn.wordpress.org/trunk@49475


git-svn-id: http://core.svn.wordpress.org/trunk@49234 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-02 18:42:04 +00:00
Sergey Biryukov
1ce2f12eaf Docs: Correct description for wp_pre_insert_user_data filter.
Props audrasjb.
Fixes #51637.
Built from https://develop.svn.wordpress.org/trunk@49314


git-svn-id: http://core.svn.wordpress.org/trunk@49076 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-26 22:53:06 +00:00
John Blackbourn
727922c8eb Docs: Further corrections and promotions for docblocks relating to object types.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49197


git-svn-id: http://core.svn.wordpress.org/trunk@48959 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-18 20:53:08 +00:00
John Blackbourn
c16ae60deb Docs: Fix and upgrade various object docblock notations.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49183


git-svn-id: http://core.svn.wordpress.org/trunk@48945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-17 16:05:09 +00:00
Sergey Biryukov
22c86907c4 Docs: Improve description of the $email parameter in email_exists().
Follow-up to [49148].

Props garrett-eclipse.
See #51379.
Built from https://develop.svn.wordpress.org/trunk@49153


git-svn-id: http://core.svn.wordpress.org/trunk@48915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-15 00:16:08 +00:00
Sergey Biryukov
118b9aea4d Users: Introduce email_exists filter, to complement username_exists.
Props garrett-eclipse, apermo, mukesh27, Mista-Flo, sebastian.pisula, mikelopez.
Fixes #51379. See #35509.
Built from https://develop.svn.wordpress.org/trunk@49148


git-svn-id: http://core.svn.wordpress.org/trunk@48910 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-14 19:04:08 +00:00
Dominik Schilling
4dfe5ecfe1 Users: Enable Application Passwords for local development environments, even if HTTPS is not available.
This will make testing the new feature easier since the local development environment is only accessible via HTTP by default.
Also update docs to link to the relevant filters.

See #42790.
Fixes #51503.
Built from https://develop.svn.wordpress.org/trunk@49139


git-svn-id: http://core.svn.wordpress.org/trunk@48901 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-13 20:10:04 +00:00
TimothyBlynJacobs
d5ebe12f11 REST API: Introduce Application Passwords for API authentication.
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.

This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.

Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.

Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes #42790.

Built from https://develop.svn.wordpress.org/trunk@49109


git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 22:14:06 +00:00
Sergey Biryukov
1651342d2b Privacy: Improve clarity of privacy error strings.
Primarily this adds "user privacy" to the strings for privacy requests, so they are more easily distinguished from other system actions within logs.

Props garrett-eclipse, carike, birgire.
Fixes #51351.
Built from https://develop.svn.wordpress.org/trunk@49090


git-svn-id: http://core.svn.wordpress.org/trunk@48852 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-04 03:23:09 +00:00
Sergey Biryukov
d4a319c453 Users: Check if the user ID passed as selected to wp_dropdown_users() corresponds to an existing user.
This avoids a few PHP notices if the `include_selected` parameter was specified and a non-existing user ID was passed.

Props campusboy1987.
Fixes #51370.
Built from https://develop.svn.wordpress.org/trunk@49036


git-svn-id: http://core.svn.wordpress.org/trunk@48798 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-23 00:27:07 +00:00
John Blackbourn
aef504acfd Docs: Correct the indentation for some array type docs.
See #50768

Built from https://develop.svn.wordpress.org/trunk@49028


git-svn-id: http://core.svn.wordpress.org/trunk@48790 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-09-21 16:46:06 +00:00
Sergey Biryukov
1f85e7484f Docs: Consistently use third-person singular verbs for various filter descriptions, per the documentation standards.
See #50768.
Built from https://develop.svn.wordpress.org/trunk@48782


git-svn-id: http://core.svn.wordpress.org/trunk@48544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-08-11 00:34:08 +00:00
Sergey Biryukov
5f6d6a79e8 Docs: Document that various metadata functions return false for an invalid ID.
Props salcode.
See #40519.
Built from https://develop.svn.wordpress.org/trunk@48658


git-svn-id: http://core.svn.wordpress.org/trunk@48420 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-28 10:15:04 +00:00
John Blackbourn
9bc7d0a776 Docs: Another pass at some inline docs fixes mostly made by PHPCBF.
See #49572, #50744
Built from https://develop.svn.wordpress.org/trunk@48590


git-svn-id: http://core.svn.wordpress.org/trunk@48352 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 21:11:05 +00:00
John Blackbourn
7f898dd9c4 Docs: Use more appropriate variable names in the inline docs for action and filter parameters.
See #49572
Built from https://develop.svn.wordpress.org/trunk@48585


git-svn-id: http://core.svn.wordpress.org/trunk@48347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-23 19:06:03 +00:00
Sergey Biryukov
347e831768 Docs: Improve documentation for the $prev_value parameter and return result of various metadata update functions.
Props stevenlinx.
Fixes #50502. See #49572.
Built from https://develop.svn.wordpress.org/trunk@48214


git-svn-id: http://core.svn.wordpress.org/trunk@47983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-29 21:22:09 +00:00
Sergey Biryukov
40c389c95e Docs: Standardize on "Returning a value from the filter" vs. "Passing a value to the filter".
The filter is the callback function added with `add_filter()`, therefore the hook passes a value to the filter, and the filter returns a value to change its behaviour.

The documentation is referring to the latter.

Props johnbillion.
See #49572, #16557.
Built from https://develop.svn.wordpress.org/trunk@48185


git-svn-id: http://core.svn.wordpress.org/trunk@47954 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-26 18:49:09 +00:00
desrosj
4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
Andrea Fercia
ae447adaf4 I18N: Restore the "Error:" prefix for error messages.
Partially reverts [48059] as there's no full consensus on the removal of the text prefix. Further actions should be taken to improve consistency and accessibility of the admin notices. Keeps some improvements to the translatable strings from [48059].

Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48115


git-svn-id: http://core.svn.wordpress.org/trunk@47884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-21 14:00:09 +00:00
Sergey Biryukov
d586e4330d Docs: Miscellaneous DocBlock corrections for email filters in wp-includes/user.php.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48107


git-svn-id: http://core.svn.wordpress.org/trunk@47876 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 12:22:07 +00:00
John Blackbourn
1a77bb81d8 Docs: Remove unnecessary variables names from @return tags.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48100


git-svn-id: http://core.svn.wordpress.org/trunk@47869 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-19 22:55:12 +00:00
Sergey Biryukov
2c19aee6d5 Login and Registration: Introduce lostpassword_errors filter in retrieve_password() for errors encountered on a password reset request.
This complements the `registration_errors` filter in `register_new_user()`.

Props wpdo5ea, dilipbheda.
Fixes #49521.
Built from https://develop.svn.wordpress.org/trunk@48084


git-svn-id: http://core.svn.wordpress.org/trunk@47851 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-18 20:24:09 +00:00
Sergey Biryukov
de59ad23a4 Docs: Consistently include an empty line between @since tag and @see, @link, or @global, per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48067


git-svn-id: http://core.svn.wordpress.org/trunk@47834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 21:07:14 +00:00
Sergey Biryukov
8fdb0728be Text Changes: Replace "webmaster" with "site admin" in register_new_user().
Follow-up to [48049], accidentally reverted in [48059].

Props kebbet.
See #50394.
Built from https://develop.svn.wordpress.org/trunk@48066


git-svn-id: http://core.svn.wordpress.org/trunk@47833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 20:05:10 +00:00
Andrea Fercia
f83c504b88 I18N: Remove the "Error:" prefix from error messages.
For a number of years, most of the WordPress error messages have been prefixed with "Error:". However, these messages appear in a context where it's already clear an error occurred. Whether it's an error, a warning, or any other classification, that's not so relevant for users. The content of the message is the relevant part. The "Error:" prefix doesn't add great value while it does add unnecessary complexity for the message readability.

Also, revises some of these messages to improve clarity and removes HTML from translatable strings.

Props garrett-eclipse, ramiy, SergeyBiryukov, afercia, sabernhardt, quadthemes, audrasjb. 
See #47003, #43037, #42945, #15887.
Fixes #47656.

Built from https://develop.svn.wordpress.org/trunk@48059


git-svn-id: http://core.svn.wordpress.org/trunk@47826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-16 15:35:13 +00:00
Sergey Biryukov
6aa5788189 Text Changes: Replace "Webmaster" in output messages with more appropriate terms:
* "All at `###SITENAME###`" in `wp-admin/ms-delete-site.php`, for consistency with other Multisite emails.
* "Site admin" in `register_new_user()`, for clarity.

Props Presskopp, marybaum.
Fixes #50394.
Built from https://develop.svn.wordpress.org/trunk@48049


git-svn-id: http://core.svn.wordpress.org/trunk@47816 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-15 19:41:11 +00:00
Sergey Biryukov
7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
whyisjake
f7b4147bea User: Invalidate user_activation_key on password update.
Props: sstoqnov, sergeybiryukov.


Built from https://develop.svn.wordpress.org/trunk@47634


git-svn-id: http://core.svn.wordpress.org/trunk@47409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-29 15:25:07 +00:00
Sergey Biryukov
427405535f Docs: Synchronize parameter documentation for various metadata functions, update per the documentation standards.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47611


git-svn-id: http://core.svn.wordpress.org/trunk@47386 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 10:31:09 +00:00
Sergey Biryukov
9aa0fff80e Docs: Document the default value of $single and $prev_value parameters in various metadata functions.
Props denisco.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@47610


git-svn-id: http://core.svn.wordpress.org/trunk@47385 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-22 09:40:10 +00:00
Sergey Biryukov
38676936ba Coding Standards: Use strict type check for in_array() and array_search() where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
John Blackbourn
24567bf775 Privacy: Fix the URLs and legacy redirects for the personal data export and erasure screens.
Props Jurgen Oldenburg, garrett-eclipse

Fixes #49476
Built from https://develop.svn.wordpress.org/trunk@47412


git-svn-id: http://core.svn.wordpress.org/trunk@47199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-03-03 00:50:06 +00:00
Sergey Biryukov
1e81c20ff5 Docs: In wp_insert_user(), correct @type for rich_editing, syntax_highlighting, comment_shortcuts, and show_admin_bar_front arguments.
Follow-up to [47368].

See #49087.
Built from https://develop.svn.wordpress.org/trunk@47369


git-svn-id: http://core.svn.wordpress.org/trunk@47156 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 18:20:06 +00:00
Sergey Biryukov
2cd5292def Docs: In wp_insert_user(), clarify that rich_editing, syntax_highlighting, comment_shortcuts, and show_admin_bar_front arguments accept true or false as a string literal, not boolean.
Props garrett-eclipse, audrasjb, valentinbora, bilgilabs, SergeyBiryukov.
Fixes #49087.
Built from https://develop.svn.wordpress.org/trunk@47368


git-svn-id: http://core.svn.wordpress.org/trunk@47155 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-25 18:16:07 +00:00
Sergey Biryukov
652966a2a5 Privacy: Introduce filters for the headers of all the privacy-related e-mails:
* `wp_privacy_personal_data_email_headers`
* `user_request_confirmed_email_headers`
* `user_erasure_complete_email_headers`
* `user_request_action_email_headers`

Props xkon, garrett-eclipse, zaffarn, desrosj.
Fixes #44501.
Built from https://develop.svn.wordpress.org/trunk@47279


git-svn-id: http://core.svn.wordpress.org/trunk@47079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 21:43:07 +00:00
Sergey Biryukov
cbaf9bf9d1 Coding Standards: Use a strict in_array() check for reserved names of user data items in wp_user_personal_data_exporter().
Props azaozz.
Fixes #47509.
Built from https://develop.svn.wordpress.org/trunk@47277


git-svn-id: http://core.svn.wordpress.org/trunk@47077 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 20:55:07 +00:00
Sergey Biryukov
5a29f108e0 Privacy: Introduce wp_privacy_additional_user_data filter to make it easier to include additional user meta in a personal data export.
Props pbiron, xkon, garrett-eclipse, azaozz.
Fixes #47509.
Built from https://develop.svn.wordpress.org/trunk@47270


git-svn-id: http://core.svn.wordpress.org/trunk@47070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 18:59:05 +00:00
Sergey Biryukov
3342aafe5e Privacy: Rename wp_get_user_request_data() to wp_get_user_request() for clarity; deprecate the old function.
The function returns an instance of the `WP_User_Request` object itself, not its `$request_data` property.

Follow-up to [44606].

Props garrett-eclipse.
Fixes #46302.
Built from https://develop.svn.wordpress.org/trunk@47245


git-svn-id: http://core.svn.wordpress.org/trunk@47045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 19:57:05 +00:00