Commit Graph

390 Commits

Author SHA1 Message Date
TimothyBlynJacobs
6a8a83ea09 App Passwords: Extract Basic Auth check into a reusable filterable function.
In [49752] a check was added to prevent creating new Application Passwords if Basic Auth credentials were detected to prevent conflicts. This check takes place in WP-Admin, though a conflict would only arise if Basic Auth was used on the website's front-end.

This commit extracts the Basic Auth check into a reusable function, `wp_is_site_protected_by_basic_auth()`, which can be adjusted using a filter of the same name. This way, a site that uses Basic Auth to protect WP-Admin can still use the Application Passwords feature.

In the future, instead of requiring the use of a filter, WordPress could make a loopback request and check for a `WWW-Authenticate` header to make this detection more robust out of the box.

Props SeBsZ, archon810, aaroncampbell, ocean90, SergeyBiryukov, TimothyBlynJacobs.
Fixes #52066.

Built from https://develop.svn.wordpress.org/trunk@50006


git-svn-id: http://core.svn.wordpress.org/trunk@49707 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-24 02:57:59 +00:00
TimothyBlynJacobs
aac98aae97 App Passwords: Prevent conflicts when Basic Auth is already used by the site.
Application Passwords uses Basic Authentication to transfer authentication details. If the site is already using Basic Auth, for instance to implement a private staging environment, then the REST API will treat this as an authentication attempt and would end up generating an error for any REST API request.

Now, Application Password authentication will only be attempted if Application Passwords is in use by a site. This is flagged by setting an option whenever an Application Password is created. An upgrade routine is added to set this option if any App Passwords already exist.

Lastly, creating an Application Password will be prevented if the site appears to already be using Basic Authentication.

Props chexwarrior, georgestephanis, adamsilverstein, helen, Clorith, marybaum, TimothyBlynJacobs.
Fixes #51939.


Built from https://develop.svn.wordpress.org/trunk@49752


git-svn-id: http://core.svn.wordpress.org/trunk@49475 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-04 21:44:07 +00:00
TimothyBlynJacobs
5ee48d6915 App Passwords: MOAR accessibility improvements.
Corrects the "Application Name" field's aria-describedby attribute and makes the description visible.

Props alexstine, SergeyBiryukov.
Fixes #51580.

Built from https://develop.svn.wordpress.org/trunk@49573


git-svn-id: http://core.svn.wordpress.org/trunk@49311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-12 18:14:08 +00:00
Sergey Biryukov
3a1265e188 I18N: Add trailing punctuation to some translator comments.
Follow-up to [49549].

See #51580.
Built from https://develop.svn.wordpress.org/trunk@49562


git-svn-id: http://core.svn.wordpress.org/trunk@49300 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-11 10:41:07 +00:00
TimothyBlynJacobs
74969e7fbe App Passwords: Further accessibility improvements.
- Add a label to the readonly password input.
- Handle focus loss after revoking app passwords.
- Handle focus loss after dismissing notices.
- Mark app name as `aria-required`.
- Use `aria-label` for detailed revoke button text instead of `title`.
- Use `-1` for `tabindex` instead of `0`.

Props alexstine, afercia, sabernhardt, audrasjb, joedolson, TimothyBlynJacobs.
Fixes #51580.

Built from https://develop.svn.wordpress.org/trunk@49549


git-svn-id: http://core.svn.wordpress.org/trunk@49287 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-09 18:05:08 +00:00
Sergey Biryukov
a2d42351c5 Text Changes: Unify various "Back to..." vs. "Return to..." vs. "Go to..." strings.
Standardize on "Go to..." as a more appropriate option for most cases.

Props garrett-eclipse, kharisblank, audrasjb, ramiy, valentinbora.
Fixes #47235.
Built from https://develop.svn.wordpress.org/trunk@49539


git-svn-id: http://core.svn.wordpress.org/trunk@49277 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-11-09 10:53:10 +00:00
Adam Silverstein
25918dd10b Users: Password generation - restore "Cancel" aria label after r49248.
Restore the "Cancel" button aria label to "Cancel password change" after it was inadvertently changed in r49248.

Props SergeyBiryukov.
Fixes #42852.


Built from https://develop.svn.wordpress.org/trunk@49392


git-svn-id: http://core.svn.wordpress.org/trunk@49151 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 18:43:06 +00:00
TimothyBlynJacobs
f6d39d1c51 App Passwords: Improve accessibility.
- Make form inputs stacked instead of inline.
- Provide a visible label for the app name.
- Add screen reader text to dismiss button.
- Make "Revoke" button label more descriptive.
- Use aria-disabled instead of disabled to avoid focus loss.
- Display password in a readonly input to assist copy and paste.
- Remove large sections of italic text.
- Use `.form-wrap` and `.form-field` to give consistent form styling.
- Improve labeling and placeholder text.

Props alexstine, georgestephanis, afercia, TimothyBlynJacobs.
Fixes #51580.

Built from https://develop.svn.wordpress.org/trunk@49294


git-svn-id: http://core.svn.wordpress.org/trunk@49056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-24 03:34:06 +00:00
Sergey Biryukov
298cd04a63 Coding Standards: Update some alignment in wp-admin/authorize-application.php for consistency.
Save blogs count to a variable for reusing.

Follow-up to [49270].

See #51489.
Built from https://develop.svn.wordpress.org/trunk@49282


git-svn-id: http://core.svn.wordpress.org/trunk@49042 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-23 01:19:06 +00:00
TimothyBlynJacobs
85c49351af App Passwords: Explain that apps can access to all sites in a network.
Props georgestephanis, spacedmonkey, johnjamesjacoby, SergeyBiryukov, marybaum.
Fixes #51489.

Built from https://develop.svn.wordpress.org/trunk@49270


git-svn-id: http://core.svn.wordpress.org/trunk@49032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-22 02:36:11 +00:00
Adam Silverstein
b789b4ae11 Coding Standards: Fix WPCS issues in [49248].
See #42852.

Built from https://develop.svn.wordpress.org/trunk@49251


git-svn-id: http://core.svn.wordpress.org/trunk@49013 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 19:07:10 +00:00
Adam Silverstein
daa977c495 Users: improve password generation feature.
On the user edit screen improve handling and clarify language: rename the "Generate Password" and "Show password" buttons to "Set New Password". Clicking it always generates a password. Also: improve inline code comments and descriptions.

Props afercia, bookdude13, michaelarestad, pento.
Fixes #42852.


Built from https://develop.svn.wordpress.org/trunk@49248


git-svn-id: http://core.svn.wordpress.org/trunk@49010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 18:27:13 +00:00
TimothyBlynJacobs
d5ebe12f11 REST API: Introduce Application Passwords for API authentication.
In WordPress 4.4 the REST API was first introduced. A few releases later in WordPress 4.7, the Content API endpoints were added, paving the way for Gutenberg and countless in-site experiences. In the intervening years, numerous plugins have built on top of the REST API. Many developers shared a common frustration, the lack of external authentication to the REST API.

This commit introduces Application Passwords to allow users to connect to external applications to their WordPress website. Users can generate individual passwords for each application, allowing for easy revocation and activity monitoring. An authorization flow is introduced to make the connection flow simple for users and application developers.

Application Passwords uses Basic Authentication, and by default is only available over an SSL connection.

Props georgestephanis, kasparsd, timothyblynjacobs, afercia, akkspro, andraganescu, arippberger, aristath, austyfrosty, ayesh, batmoo, bradyvercher, brianhenryie, helen, ipstenu, jeffmatson, jeffpaul, joostdevalk, joshlevinson, kadamwhite, kjbenk, koke, michael-arestad, Otto42, pekz0r, salzano, spacedmonkey, valendesigns.
Fixes #42790.

Built from https://develop.svn.wordpress.org/trunk@49109


git-svn-id: http://core.svn.wordpress.org/trunk@48871 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-08 22:14:06 +00:00
Sergey Biryukov
7932193708 Coding Standards: Use strict comparison where static strings are involved.
This reduces the number of `WordPress.PHP.StrictComparisons.LooseComparison` issues in half, from 1897 to 890.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47808


git-svn-id: http://core.svn.wordpress.org/trunk@47584 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-16 18:42:12 +00:00
Sergey Biryukov
71dea21c5f Users: Change "Your Profile" and "My Profile" links in admin menu and toolbar to just "Profile" for consistency.
Props donmhico, bcworkz, seanchayes, mikeschroder, garrett-eclipse, akhileshsabharwal, ScottSmith, nacin, jenmylo, afercia, swissspidy, felix-edelmann, helen, melchoyce, karmatosed.
Fixes #26769.
Built from https://develop.svn.wordpress.org/trunk@47600


git-svn-id: http://core.svn.wordpress.org/trunk@47375 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-20 08:39:06 +00:00
Sergey Biryukov
38676936ba Coding Standards: Use strict type check for in_array() and array_search() where strings are involved.
This reduces the number of `WordPress.PHP.StrictInArray.MissingTrueStrict` issues from 486 to 50.

Includes minor code layout fixes for better readability.

See #49542.
Built from https://develop.svn.wordpress.org/trunk@47550


git-svn-id: http://core.svn.wordpress.org/trunk@47325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-04-05 03:02:11 +00:00
Sergey Biryukov
47ed56f38f Code Modernization: Replace dirname( __FILE__ ) calls with __DIR__ magic constant.
This avoids the performance overhead of the function call every time `dirname( __FILE__ )` was used instead of `__DIR__`.

This commit also includes:

* Removing unnecessary parentheses from `include`/`require` statements. These are language constructs, not function calls.
* Replacing `include` statements for several files with `require_once`, for consistency:
 * `wp-admin/admin-header.php`
 * `wp-admin/admin-footer.php`
 * `wp-includes/version.php`

Props ayeshrajans, desrosj, valentinbora, jrf, joostdevalk, netweb.
Fixes #48082.
Built from https://develop.svn.wordpress.org/trunk@47198


git-svn-id: http://core.svn.wordpress.org/trunk@46998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-06 06:33:11 +00:00
Sergey Biryukov
4f67024da6 Administration: Add punctuation to "If you change this, we will send you an email" message on General Settings, Network Settings, and Profile screens.
Props kinjaldalwadi, donmhico.
Fixes #49235.
Built from https://develop.svn.wordpress.org/trunk@47143


git-svn-id: http://core.svn.wordpress.org/trunk@46943 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-31 00:28:04 +00:00
Sergey Biryukov
001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov
63fefb540a Users: Use correct variable when displaying the Additional Capabilities list in user profile.
Addresses a regression in [45926].

Props wpgurudev, aravindajith, anantajitjg, davidbaumwald.
Fixes #48725.
Built from https://develop.svn.wordpress.org/trunk@46782


git-svn-id: http://core.svn.wordpress.org/trunk@46582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-25 14:01:03 +00:00
Sergey Biryukov
e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov
16b8d91baa I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 17:13:59 +00:00
Sergey Biryukov
98642b4821 Users: Use case-insensitive email address comparison when checking whether "Grant this user super admin privileges" checkbox should be displayed on Edit User screen.
Props trepmal.
Fixes #47119.
Built from https://develop.svn.wordpress.org/trunk@45698


git-svn-id: http://core.svn.wordpress.org/trunk@45509 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-28 17:42:55 +00:00
Sergey Biryukov
8e85299a00 General: First pass at replacing Codex URLs with a corresponding HelpHub or DevHub article.
Props ianbelanger, tobifjellner, SergeyBiryukov.
See #47771.
Built from https://develop.svn.wordpress.org/trunk@45674


git-svn-id: http://core.svn.wordpress.org/trunk@45485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-25 22:45:57 +00:00
Gary Pendergast
cf3fa9f7c8 Coding Standards: Fix the Squiz.PHP.DisallowMultipleAssignments violations in wp-admin.
See #47632.


Built from https://develop.svn.wordpress.org/trunk@45583


git-svn-id: http://core.svn.wordpress.org/trunk@45394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-01 12:52:01 +00:00
Andrea Fercia
48d9d94881 Accessibility: Improve settings tables and forms after [45403].
- adds `role="presentation"` to the edit comment table 
- removes a few pointless `<fieldset>` elements
- adds a few missing `<label>` elements
- adds the CSS class `class="td-full"` to table rows spanning to multiple cells
- adds explicit `scope="row"` attribute to the table headers in `options-permalink.php`: this table is better communicated as data table 
- uses consistent label association in the "Privacy Settings" page
- in the installation page "Set up your database connection": associates descriptions to their inout fields using `aria-describedby`
- improves the link to gravatar.com in the `user-edit.php` page

See #46899.
Fixes #47390.

Built from https://develop.svn.wordpress.org/trunk@45416


git-svn-id: http://core.svn.wordpress.org/trunk@45227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-25 15:19:53 +00:00
Sergey Biryukov
b77cf42c0b Accessibility: Make sure layout tables across the admin are correctly linearized.
Adds `role="presentation"` to the `<table>` elements used for layout purposes.

Ideally, HTML tables should be used for tabular data. When tables are used for layout purposes, it's important to remove any native semantics so that assistive technologies can correctly announce the table content in a linearized fashion.

Props greatislander, afercia.
Fixes #46899.
Built from https://develop.svn.wordpress.org/trunk@45403


git-svn-id: http://core.svn.wordpress.org/trunk@45214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-24 21:56:54 +00:00
John Blackbourn
01917b9f74 I18N: Add a language icon next to language selectors.
This change means that users who can't read the site's current language can more easily identify controls that allow them to change either the site language or their own admin area language.

Props janak007, atlasmahesh, afercia, birgire, JoshuaWold

Fixes #43144

Built from https://develop.svn.wordpress.org/trunk@45402


git-svn-id: http://core.svn.wordpress.org/trunk@45213 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-24 20:43:52 +00:00
Gary Pendergast
4487551344 Help: Update support forum links.
There are a lot of places in Core that link to https://wordpress.org/support/ for the support forums, but that's now the URL for HelpHub. The new forums link is https://wordpress.org/support/forums/.

Props jitendrabanjara1991, dilipbheda, mukesh27, ianbelanger.
Fixes #46790.


Built from https://develop.svn.wordpress.org/trunk@45140


git-svn-id: http://core.svn.wordpress.org/trunk@44949 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-04-08 22:59:56 +00:00
Andrea Fercia
ca53eac85e Accessibility: Improve the password form buttons accessibility.
- makes the "Cancel" button always visible: this allows to generate a new password also on small screens
- moves focus back to the Generate Password button when closing the form
- changes the password reset show/hide button from a clickable `<span>` element to a real `<button>` element
- improves the CSS

Props janak007, afercia.
Fixes #42853.

Built from https://develop.svn.wordpress.org/trunk@44895


git-svn-id: http://core.svn.wordpress.org/trunk@44726 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-13 23:37:57 +00:00
Andrea Fercia
34b3b388fd Accessibility: Remove unnecessary fieldset and legend elements from the User Profile page.
Also fixes a CSS margin issue in the mobile view.

Props punit5658.
Fixes #46093.

Built from https://develop.svn.wordpress.org/trunk@44756


git-svn-id: http://core.svn.wordpress.org/trunk@44588 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-02-20 19:03:51 +00:00
Gary Pendergast
7a617078fa Coding Standards: Upgrade WPCS to 1.2.1.
This upgrade fixes quite a few false positives, as well as auto-fixing some indenting issues.

Fixes #45956.


Built from https://develop.svn.wordpress.org/trunk@44574


git-svn-id: http://core.svn.wordpress.org/trunk@44405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-12 06:41:52 +00:00
Gary Pendergast
6d5cd6842a Coding Standards: Document intentional case block fall-throughs.
Fixes `PSR2.ControlStructures.SwitchDeclaration.TerminatingComment` violations.

See #45934.


Built from https://develop.svn.wordpress.org/trunk@44565


git-svn-id: http://core.svn.wordpress.org/trunk@44396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-11 06:26:50 +00:00
Gary Pendergast
56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Dominik Schilling
80c9ed8bfa Users: Don't show roles dropdown on user-edit.php if current user cannot promote user.
Fixes #43580.
Built from https://develop.svn.wordpress.org/trunk@42856


git-svn-id: http://core.svn.wordpress.org/trunk@42686 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-19 20:56:32 +00:00
Sergey Biryukov
4848a09b35 I18N: Use the actual placeholder instead of a number in translator comments if the corresponding string does not use numbered placeholders.
Add missing translator comments in `WP_Theme_Install_List_Table` and `wp_notify_postauthor()`.
Add missing commas in some translator comments.

Fixes #43523.
Built from https://develop.svn.wordpress.org/trunk@42827


git-svn-id: http://core.svn.wordpress.org/trunk@42657 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-03-11 16:44:34 +00:00
Sergey Biryukov
e97d2c0407 Users: After [41163], add a notice for Email field on Profile screen that the new address will not become active until confirmed.
Props dilipbheda.
Fixes #43106. See #16470.
Built from https://develop.svn.wordpress.org/trunk@42688


git-svn-id: http://core.svn.wordpress.org/trunk@42516 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-11 12:23:31 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Gary Pendergast
a779284c00 General: Reformat inline if () statements inside HTML tags.
This pattern occurs a handful of times across the codebase:

`<div class="foo<?php if ( $bar ) { echo ' baz'; } ?>">`

Unfortunately, it doesn't really play nicely with `phpcbf`, so all instances need to be removed in preperation for auto code formatting.

See #41057.


Built from https://develop.svn.wordpress.org/trunk@42217


git-svn-id: http://core.svn.wordpress.org/trunk@42046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-23 04:09:49 +00:00
Dominik Schilling
f2589e222e Taxonomy/Users: Use correct escaping function for URLs.
Built from https://develop.svn.wordpress.org/trunk@41522


git-svn-id: http://core.svn.wordpress.org/trunk@41355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 21:14:47 +00:00
Dominik Schilling
9041e7a071 Taxonomy/Users: Provide a fallback for incorrect HTTP referrers.
Built from https://develop.svn.wordpress.org/trunk@41398


git-svn-id: http://core.svn.wordpress.org/trunk@41231 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-19 09:13:44 +00:00
Weston Ruter
90bedf8f9d Editor: Add CodeMirror-powered code editor with syntax highlighting, linting, and auto-completion.
* Code editor is integrated into the Theme/Plugin Editor, Additional CSS in Customizer, and Custom HTML widget. Code editor is not yet integrated into the post editor, and it may not be until accessibility concerns are addressed.
* The CodeMirror component in the Custom HTML widget is integrated in a similar way to TinyMCE being integrated into the Text widget, adopting the same approach for integrating dynamic JavaScript-initialized fields.
* Linting is performed for JS, CSS, HTML, and JSON via JSHint, CSSLint, HTMLHint, and JSONLint respectively. Linting is not yet supported for PHP.
* When user lacks `unfiltered_html` the capability, the Custom HTML widget will report any Kses-invalid elements and attributes as errors via a custom Kses rule for HTMLHint.
* When linting errors are detected, the user will be prevented from saving the code until the errors are fixed, reducing instances of broken websites.
* The placeholder value is removed from Custom CSS in favor of a fleshed-out section description which now auto-expands when the CSS field is empty. See #39892.
* The CodeMirror library is included as `wp.CodeMirror` to prevent conflicts with any existing `CodeMirror` global.
* An `wp.codeEditor.initialize()` API in JS is provided to convert a `textarea` into CodeMirror, with a `wp_enqueue_code_editor()` function in PHP to manage enqueueing the assets and settings needed to edit a given type of code.
* A user preference is added to manage whether or not "syntax highlighting" is enabled. The feature is opt-out, being enabled by default.
* Allowed file extensions in the theme and plugin editors have been updated to include formats which CodeMirror has modes for: `conf`, `css`, `diff`, `patch`, `html`, `htm`, `http`, `js`, `json`, `jsx`, `less`, `md`, `php`, `phtml`, `php3`, `php4`, `php5`, `php7`, `phps`, `scss`, `sass`, `sh`, `bash`, `sql`, `svg`, `xml`, `yml`, `yaml`, `txt`.

Props westonruter, georgestephanis, obenland, melchoyce, pixolin, mizejewski, michelleweber, afercia, grahamarmfield, samikeijonen, rianrietveld, iseulde.
See #38707.
Fixes #12423, #39892.

Built from https://develop.svn.wordpress.org/trunk@41376


git-svn-id: http://core.svn.wordpress.org/trunk@41209 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-09-13 06:08:47 +00:00
John Blackbourn
62fe4be994 Users: Require a confirmation link in an email to be clicked when a user attempts to change their email address.
This adds this previously Multisite-only functionality to single site installations too. This change prevents accidental or erroneous email address changes from potentially locking users out of their account.

Props rodrigosprimo, tharsheblows, johnbillion

Fixes #16470

Built from https://develop.svn.wordpress.org/trunk@41163


git-svn-id: http://core.svn.wordpress.org/trunk@41003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 02:10:42 +00:00
Sergey Biryukov
9ba7ab1cfc Users: Display the name of user being edited on Edit User screen.
Props seanchayes.
Fixes #28182.
Built from https://develop.svn.wordpress.org/trunk@39907


git-svn-id: http://core.svn.wordpress.org/trunk@39844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-15 07:14:39 +00:00
Andrea Fercia
57c2604200 Accessibility: Remove inappropriate content from the Edit User screen heading.
See #26601.

Built from https://develop.svn.wordpress.org/trunk@39538


git-svn-id: http://core.svn.wordpress.org/trunk@39478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 22:08:43 +00:00
John Blackbourn
16371b99d8 Users: Style the super admin message on the user editing screen as a notice, not a success message.
Fixes #39131

Built from https://develop.svn.wordpress.org/trunk@39531


git-svn-id: http://core.svn.wordpress.org/trunk@39471 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-07 01:28:40 +00:00
Dominik Schilling
2328e7b17a I18N: In wp_dropdown_languages() rename the new show_site_locale_default argument to show_option_site_default.
This makes it consistent with arguments of other `wp_dropdown_*()` functions.

Props SergeyBiryukov.
See #38632.
Fixes #38871.
Built from https://develop.svn.wordpress.org/trunk@39331


git-svn-id: http://core.svn.wordpress.org/trunk@39271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-21 16:14:30 +00:00
Pascal Birchler
548ac82b06 I18N: Add ability to change user's locale back to site's locale.
Previously there was no way to remove the user locale setting again, even though that might be desirable.

This adds a new 'Site Default' option to the user-specific language setting by introducing a new `show_site_locale_default` argument to `wp_dropdown_languages()`.

Props ocean90.
See #29783.
Fixes #38632.
Built from https://develop.svn.wordpress.org/trunk@39169


git-svn-id: http://core.svn.wordpress.org/trunk@39109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 23:01:31 +00:00
Dominik Schilling
ba9b3cf6a6 I18N: Don't use get_user_option() for retrieving user's language.
`get_user_option()` checks for both option types, site and network. Since `locale` is only a network option we can directly access the field via `WP_User`s magic getter.

Props johnjamesjacoby.
Fixes #38578.
Built from https://develop.svn.wordpress.org/trunk@39040


git-svn-id: http://core.svn.wordpress.org/trunk@38982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 22:26:31 +00:00
Dominik Schilling
cf571b12c1 I18N: Use correct value for the for attribute of the user language setting label.
Props johnjamesjacoby.
Fixes #38576.
Built from https://develop.svn.wordpress.org/trunk@39039


git-svn-id: http://core.svn.wordpress.org/trunk@38981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 21:58:38 +00:00
Pascal Birchler
badf0925a8 I18N: Improve "Site Language" label for per-user language selection.
Renames the label to "Language" and adds an explanation of the feature to the help tab.

Props johnbillion, jorbin.
Fixes #38344.
Built from https://develop.svn.wordpress.org/trunk@38856


git-svn-id: http://core.svn.wordpress.org/trunk@38799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-21 10:41:51 +00:00
Andrea Fercia
2eda436430 Accessibility: Remove target=_blank from the Users and Widgets screens help tabs links.
Stop taking control of users' browsers.

Props rianrietveld.
Fixes #38217. See #23432.

Built from https://develop.svn.wordpress.org/trunk@38723


git-svn-id: http://core.svn.wordpress.org/trunk@38666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-04 07:10:31 +00:00
Pascal Birchler
4a88d55054 I18N: Introduce a user-specific language setting.
By enabling the user to select their preferred locale when editing the profile, we allow for greater personalization of the WordPress admin and therefore a better user experience.

The back end will be displayed in the user's individual locale while the locale used on the front end equals the one set for the whole site. If the user didn't specify a locale, the site's locale will be used as a fallback. The new `locale` property of the `WP_User` class can be used to retrieve the user's locale setting.

Props ocean90, ipm-frommen, swissspidy.
Fixes #29783.
Built from https://develop.svn.wordpress.org/trunk@38705


git-svn-id: http://core.svn.wordpress.org/trunk@38648 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-03 07:04:29 +00:00
Andrea Fercia
eeefec932f Administration: Improve the usage of the button CSS classes.
Introduces some consistency in the usage of the button CSS classes, fixes the
focus style for accessibility and responsiveness of the buttons.

- Adds the `button` class to all primary buttons make them responsive
- Removes all `secondary-button` classes and replaces it with button when needed. `button-secondary` shouldn't be used and exists just for backward compatibility reasons
- Replaces classes inside `submit_button()` with a shorthand for some buttons, and use an empty string for the default `button` class. Passing `button` is unnecessary
- Adjusts `get_submit_button()` to remove empty items

Props iseulde, dimchik, chris_d2d, mhowell, afercia.
Fixes #27314, #37138, #37448.

Built from https://develop.svn.wordpress.org/trunk@38672


git-svn-id: http://core.svn.wordpress.org/trunk@38615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-28 19:54:28 +00:00
Sergey Biryukov
a2582f50cc Users: Pass $profileuser parameter to user_profile_picture_description filter on "Edit User" screen.
Props turtlepod, deremohan.
Fixes #37379.
Built from https://develop.svn.wordpress.org/trunk@38481


git-svn-id: http://core.svn.wordpress.org/trunk@38422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-31 21:13:32 +00:00
Peter Wilson
26c07ed8d9 Users: Check zxcvbn is defined before calling.
Prevents JavaScript errors by checking zxcvbn is defined before calling.

Changes `wp.passwordStrength.meter()` to return `-1` if the strength of the password is unknown.

On the user profile screen, `generatePassword()` checks if the user has entered the password before setting the value of the password input box.

Props peterwilsoncc, adamsilverstein.
Fixes #34905.

Built from https://develop.svn.wordpress.org/trunk@37940


git-svn-id: http://core.svn.wordpress.org/trunk@37881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-01 12:45:29 +00:00
Dominik Schilling
25e66e4f1e Text Changes: Unify permission error messages.
The new format looks like "Sorry, you are not allowed to <action>.". This provides a consistent experience for all error messages related to missing permissions. It also reduces the number of similar strings and allows translators to provide a consistent style in their language.

Props ramiy, Presskopp.
Fixes #34521.
Built from https://develop.svn.wordpress.org/trunk@37914


git-svn-id: http://core.svn.wordpress.org/trunk@37855 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-29 15:16:29 +00:00
Drew Jaynes
c3055cc190 Docs: Standardize hook docs in wp-admin/* to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37488


git-svn-id: http://core.svn.wordpress.org/trunk@37456 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:01:30 +00:00
Dominik Schilling
6a3acea8b5 Multisite: Validate new email address confirmations.
Built from https://develop.svn.wordpress.org/trunk@37103


git-svn-id: http://core.svn.wordpress.org/trunk@37070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-30 14:44:26 +00:00
Jeremy Felt
b4ab399def Multisite: Provide an "Edit user" link after adding a new user
Props codex-m, jeremyfelt.
Fixes #35705.

Built from https://develop.svn.wordpress.org/trunk@36695


git-svn-id: http://core.svn.wordpress.org/trunk@36662 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 21:43:25 +00:00
Dominik Schilling
86690daf0b Multisite: Switch to a usermeta key for email confirmation.
To prevent inconsistent data across sites in a network the new email address is now stored in usermeta. Adds visual feedback for the case when an update has failed.
All existing options will be removed on a database upgrade.

Props MikeHansenMe, kovshenin, jeremyfelt, ocean90.
Fixes #23358.
Built from https://develop.svn.wordpress.org/trunk@36679


git-svn-id: http://core.svn.wordpress.org/trunk@36646 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 15:34:28 +00:00
Sergey Biryukov
a7008072db I18N: Remove <a> tag from translatable string in wp-admin/user-edit.php.
Add translator comment.

Props ramiy.
Fixes #35672.
Built from https://develop.svn.wordpress.org/trunk@36655


git-svn-id: http://core.svn.wordpress.org/trunk@36622 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 23:27:25 +00:00
Sergey Biryukov
d206e633c2 Users: Only show the profile picture if 'Show Avatars' option in Discussion Settings is enabled.
Props ocean90.
See #32286.
Built from https://develop.svn.wordpress.org/trunk@35613


git-svn-id: http://core.svn.wordpress.org/trunk@35577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 19:41:25 +00:00
Sergey Biryukov
694ff83cc6 Users: Add user's Gravatar to 'About the user' section on user profile page.
Add `user_profile_picture_description` filter for the description text displayed under the Gravatar.

Props carolinegeven, obrienlabs, SergeyBiryukov.
Fixes #32286.
Built from https://develop.svn.wordpress.org/trunk@35610


git-svn-id: http://core.svn.wordpress.org/trunk@35574 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 19:28:28 +00:00
Jeremy Felt
9926983b66 Revert [34778], continue using _site_option() for the current network.
The `_network_option()` parameter order will be changing to accept `$network_id` first. The `_site_option()` functions will remain in use throughout core as our way of retrieving a network option for the current network.

See #28290.

Built from https://develop.svn.wordpress.org/trunk@34912


git-svn-id: http://core.svn.wordpress.org/trunk@34877 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-07 17:11:25 +00:00
Jeremy Felt
54512d64cb MS: Use *_network_option() functions throughout core.
Replaces all uses of `*_site_option()` with the corresponding "network" function.

This excludes one usage in `wp-admin/admin-footer.php` that needs more investigation.

Props spacedmonkey.
See #28290.

Built from https://develop.svn.wordpress.org/trunk@34778


git-svn-id: http://core.svn.wordpress.org/trunk@34743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-02 19:08:26 +00:00
Drew Jaynes
1a91ac752a Docs: Fix a minor typo from [34592]. Meant to be past-tense, not present.
See #32246.

Built from https://develop.svn.wordpress.org/trunk@34593


git-svn-id: http://core.svn.wordpress.org/trunk@34557 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-26 13:14:25 +00:00
Drew Jaynes
231b6f4d5b Docs: Add missing parameter documentation for $profileuser in the hook doc for show_password_fields, added in [11302].
Also adds a changelog entry for when the parameter was introduced.

See #32246.

Built from https://develop.svn.wordpress.org/trunk@34592


git-svn-id: http://core.svn.wordpress.org/trunk@34556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-26 13:11:49 +00:00
Drew Jaynes
efad273513 Docs: Relocate the hook doc for the show_password_fields filter to its duplicate, since the original was removed in [34582].
Adds a changelog entry noting the adjustment in behavior, and simplifies the conditional logic.

Fixes #15115.

Built from https://develop.svn.wordpress.org/trunk@34590


git-svn-id: http://core.svn.wordpress.org/trunk@34554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-26 13:05:26 +00:00
Scott Taylor
a40e30e7f4 Move 2 ad hoc user admin functions:
* Move `use_ssl_preference()` from `wp-admin/user-edit.php` to `wp-admin/includes/user.php`.
* Move `admin_created_user_email()` from `wp-admin/user-new.php` to `wp-admin/includes/user.php`.

See #33813.

Built from https://develop.svn.wordpress.org/trunk@34021


git-svn-id: http://core.svn.wordpress.org/trunk@33990 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-10 21:33:33 +00:00
Andrea Fercia
47ceb6bb5c Accessibility: bump H3 headings to H2 on User Edit and Your Profile screens.
Ongoing effort to restore a good headings hierarchy in the admin screens after the reintroduction of the missing main `<h1>` in [32974].

Fix a typo in the DocBlock for the `additional_capabilities_display` filter.

Props metodiew.
Fixes #33606. See #31650.
Built from https://develop.svn.wordpress.org/trunk@33909


git-svn-id: http://core.svn.wordpress.org/trunk@33878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-05 18:30:24 +00:00
Helen Hou-Sandí
1f500055a6 Drop the hyphen from e-mail and standardize on email.
The AP Stylebook changed this in 2011, and we're woefully inconsistent, so let's go with the standard.

props morganestes, voldemortensen, niallkennedy (for patching on the previous AP style).
fixes #26156.

Built from https://develop.svn.wordpress.org/trunk@33774


git-svn-id: http://core.svn.wordpress.org/trunk@33742 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-08-28 03:17:21 +00:00
Scott Taylor
d92795db13 Passwords UI: clean up the new JS in wp-admin/js/user-profile.js.
Instead of wrapping `#pass1` in a `<span>` dynamically, add the `<span>` to the HTML in PHP. It currently has no styling.

Fixes #33145.

Built from https://develop.svn.wordpress.org/trunk@33450


git-svn-id: http://core.svn.wordpress.org/trunk@33417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-27 21:25:25 +00:00
Mark Jaquith
5abcb6938c Toggle between dashicons-hidden and dashicons-visibility in the password hide/show button.
fixes #33135
Built from https://develop.svn.wordpress.org/trunk@33438


git-svn-id: http://core.svn.wordpress.org/trunk@33405 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-27 03:13:24 +00:00
Sergey Biryukov
a1fef4c4ef Update help text after [33368].
fixes #33082.
Built from https://develop.svn.wordpress.org/trunk@33420


git-svn-id: http://core.svn.wordpress.org/trunk@33388 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-26 01:52:25 +00:00
Sergey Biryukov
bd0f6a2132 Remove unused pw-weak ID attributes.
see #33077.
Built from https://develop.svn.wordpress.org/trunk@33419


git-svn-id: http://core.svn.wordpress.org/trunk@33387 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-26 00:58:24 +00:00
Mark Jaquith
7aa41d1e37 Improve the "sessions" section strings.
fixes #33082
props johnjamesjacoby
Built from https://develop.svn.wordpress.org/trunk@33368


git-svn-id: http://core.svn.wordpress.org/trunk@33340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 20:50:25 +00:00
Mark Jaquith
8ce90dada0 Move password and session items into "Account Management" profile section.
fixes #33080
props johnjamesjacoby
Built from https://develop.svn.wordpress.org/trunk@33367


git-svn-id: http://core.svn.wordpress.org/trunk@33339 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 20:45:27 +00:00
Mark Jaquith
1ef40251b9 Introduce a Cancel button and onUnload warning for password changes.
fixes #33079
props johnjamesjacoby
Built from https://develop.svn.wordpress.org/trunk@33364


git-svn-id: http://core.svn.wordpress.org/trunk@33336 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 18:36:24 +00:00
Mark Jaquith
f08f12f7cc Fix up and normalize pw_weak/pw-weak IDs and labels.
props johnjamesjacoby
fixes #33077
Built from https://develop.svn.wordpress.org/trunk@33363


git-svn-id: http://core.svn.wordpress.org/trunk@33335 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 17:24:24 +00:00
Konstantin Obenland
45bfab3aa8 Passwords: Add password strength meter feedback for screen readers.
Also gives context to the show/hide button.

Props rianrietveld, afercia.
Fixes #33032.


Built from https://develop.svn.wordpress.org/trunk@33353


git-svn-id: http://core.svn.wordpress.org/trunk@33325 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-22 00:15:25 +00:00
Konstantin Obenland
e4305c7b28 Passwords: Make show/hide toggle translatable.
See #32589.

Built from https://develop.svn.wordpress.org/trunk@33249


git-svn-id: http://core.svn.wordpress.org/trunk@33221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:35:24 +00:00
Konstantin Obenland
7e3f0cf45e Passwords: New UI for install screen.
Also synchronises the use of `pw_weak` as an input name and removes trailing
periods from checkbox labels.

Props MikeHansenMe, adamsilverstein, obenland.
See #32589.


Built from https://develop.svn.wordpress.org/trunk@33246


git-svn-id: http://core.svn.wordpress.org/trunk@33218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-13 22:22:24 +00:00
Dominik Schilling
73d57e6c86 Add/Edit User: Move weak password label to the checkbox.
props paulwilde.
fixes #32908.
Built from https://develop.svn.wordpress.org/trunk@33137


git-svn-id: http://core.svn.wordpress.org/trunk@33108 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-08 21:28:25 +00:00
Konstantin Obenland
bd974d7bf2 Use a less element-specific class name for links within page titles.
After [32974] these links are no longer within an `h2`, making the class name
inaccurate. `add-new-h1` has the potential to expose the same problem for in a
possible future change.

Fixes #31650.


Built from https://develop.svn.wordpress.org/trunk@33067


git-svn-id: http://core.svn.wordpress.org/trunk@33038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-03 16:42:24 +00:00
Mark Jaquith
423a1a7ca4 New password change/set UI.
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords

see #32589

props MikeHansenMe, adamsilverstein, binarykitten
Built from https://develop.svn.wordpress.org/trunk@33023


git-svn-id: http://core.svn.wordpress.org/trunk@32994 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-01 14:48:24 +00:00
Konstantin Obenland
7dc1d06e64 Proper heading for admin screens.
First step towards restoring a good heading structure in wp-admin.
The previous `<h1>` contained the site title and a link to the front page and was removed with the toolbar refactoring in 3.2.

Props joedolson, afercia.
Fixes #31650.


Built from https://develop.svn.wordpress.org/trunk@32974


git-svn-id: http://core.svn.wordpress.org/trunk@32945 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-27 15:41:25 +00:00
Scott Taylor
5e14470894 Avoid using <code> in a translation string.
Props ramiy.
Fixes #31848.

Built from https://develop.svn.wordpress.org/trunk@32799


git-svn-id: http://core.svn.wordpress.org/trunk@32770 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-06-16 19:53:27 +00:00
Mark Jaquith
0a70901c50 Insert temporary password field hook for feature development in a plugin.
Built from https://develop.svn.wordpress.org/trunk@32625


git-svn-id: http://core.svn.wordpress.org/trunk@32595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-05-27 19:59:25 +00:00
Dominik Schilling
64fc7294b6 Use HTTPS URLs for codex.wordpress.org.
see #27115.
Built from https://develop.svn.wordpress.org/trunk@32116


git-svn-id: http://core.svn.wordpress.org/trunk@32095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-12 21:29:32 +00:00
Helen Hou-Sandí
d85f8fe326 Admin notices: Make (most) core notices dismissible.
These no longer return upon refreshing the page when JS is on and working, so users should be able to dismiss them. This is particularly important on the post edit screen when DFW is triggered, but pretty much all notices can be dismissed if needed. A post on Make/Core will follow with information on how this can be leveraged in plugins.

props valendesigns, afercia, paulwilde, adamsilverstein, helen.
fixes #31233. see #23367.

Built from https://develop.svn.wordpress.org/trunk@31973


git-svn-id: http://core.svn.wordpress.org/trunk@31952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-04-01 22:06:28 +00:00
Scott Taylor
bce851dcf2 Replace array_shift() with reset() where appropriate for performance.
Props SergeyBiryukov.
Fixes #31259.

Built from https://develop.svn.wordpress.org/trunk@31829


git-svn-id: http://core.svn.wordpress.org/trunk@31811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-03-19 03:56:27 +00:00
Jeremy Felt
754636aaf1 Avoid clearing stored capabilities for a user when removing their built in role in multisite.
Previously, if “No role on this site” was assigned to a user AND that user did not have an empty role array stored for the site, the `$blog_prefix . ‘capabilities’` meta for that user would be deleted completely after changes to the user were saved. Any custom capabilities stored (i.e. `$user->add_role()`) would be removed as well.

This removes the code controlling the old WPMU handling of “no role” and allows custom stored capabilities to remain. Users with no role and custom capabilities will now appear in the users list table with “None” as the role.

In the process we’re able to better clarify the multisite specific pieces that do occur.

Props PeteMall, jeremyfelt.

Fixes #18934.

Built from https://develop.svn.wordpress.org/trunk@31516


git-svn-id: http://core.svn.wordpress.org/trunk@31497 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-02-23 01:34:24 +00:00
Sergey Biryukov
98da858b40 Revert [30027]. These fields are already sufficiently labeled; duplicate labels can lead to confused behavior for screen readers.
see #31117, #30101.
Built from https://develop.svn.wordpress.org/trunk@31281


git-svn-id: http://core.svn.wordpress.org/trunk@31262 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-25 18:33:22 +00:00
Sergey Biryukov
1c9e1836ac Remove obsolete help sentence on Edit User screen.
fixes #30750.
Built from https://develop.svn.wordpress.org/trunk@31067


git-svn-id: http://core.svn.wordpress.org/trunk@31048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-07 08:23:23 +00:00
Aaron Jorbin
7ea306dd9d Set the type attribute of the buttons for logging out of all sessions to buttons
By not setting this attribute, the buttons default to submit and as the first
submit button on the page, it causes pressing the enter key to log you out of
all sessions. This change restores the pre 4.1 behavior where pressing enter
while focused on a form field submits the form.

props ocean90
fixes #30871 for trunk


Built from https://develop.svn.wordpress.org/trunk@31010


git-svn-id: http://core.svn.wordpress.org/trunk@30991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-31 17:33:24 +00:00
Andrew Nacin
23f4b0f62f Updates to the 'Log out everywhere' implementation.
* Include a message and a disabled button when you're only logged in at one location.
 * Avoid leaking the session token in HTML.
 * Simplify, simplify, simplify.

see #30264.

Built from https://develop.svn.wordpress.org/trunk@30888


git-svn-id: http://core.svn.wordpress.org/trunk@30878 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-16 09:15:23 +00:00
Andrew Nacin
741e0ec6de No need for wp_get_password_hint() to be prefixed as if it is private.
see #21243.

Built from https://develop.svn.wordpress.org/trunk@30855


git-svn-id: http://core.svn.wordpress.org/trunk@30845 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-15 08:34:23 +00:00
John Blackbourn
bdd00b3902 Improve various hook and filter docs so they are correctly parsed for the code reference.
Fixes #30558
Props DrewAPicture

Built from https://develop.svn.wordpress.org/trunk@30754


git-svn-id: http://core.svn.wordpress.org/trunk@30744 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-06 21:32:24 +00:00
John Blackbourn
9b9424aa77 Admin help text changes for the General Settings screen, post editing screen, network settings screen, and user editing screen.
Fixes #30547
Props kpdesign

Built from https://develop.svn.wordpress.org/trunk@30705


git-svn-id: http://core.svn.wordpress.org/trunk@30695 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-12-02 05:15:23 +00:00