Commit Graph

410 Commits

Author SHA1 Message Date
Ryan Boren
315bfb019a Use wp_unslash() instead of stripslashes() and stripslashes_deep(). Use wp_slash() instead of add_magic_quotes().
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23594 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-03 21:11:40 +00:00
Sergey Biryukov
ed830a979b Consistently apply 'register' filter. props wonderboymusic for initial patch. fixes #14406.
git-svn-id: http://core.svn.wordpress.org/trunk@23558 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:43:18 +00:00
Ryan Boren
43a7e695e9 Revert 23416, 23419, 23445 except for wp_reset_vars() changes. We are going a different direction with the slashing cleanup, so resetting to a clean slate. see #21767
git-svn-id: http://core.svn.wordpress.org/trunk@23554 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-03-01 16:28:40 +00:00
Andrew Ozz
0910d5755e Improved logged out warnings, first run, props mintindeed, see #23295
git-svn-id: http://core.svn.wordpress.org/trunk@23504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-28 08:57:17 +00:00
Ryan Boren
cc5ed3a485 Change all core API to expect unslashed rather than slashed arguments.
The exceptions to this are update_post_meta() and add_post_meta() which are often used by plugins in POST handlers and will continue accepting slashed data for now.

Introduce wp_upate_post_meta() and wp_add_post_meta() as unslashed alternatives to update_post_meta() and add_post_meta(). These functions could become methods in WP_Post so don't use them too heavily yet.

Remove all escape() calls from wp_xmlrpc_server. Now that core expects unslashed data this is no longer needed.

Remove addslashes(), addslashes_gpc(), add_magic_quotes() calls on data being prepared for handoff to core functions that until now expected slashed data. Adding slashes in no longer necessary.

Introduce wp_unslash() and use to it remove slashes from GPCS data before using it in core API. Almost every instance of stripslashes() in core should now be wp_unslash(). In the future (a release or three) when GPCS is no longer slashed, wp_unslash() will stop stripping slashes and simply return what is passed. At this point wp_unslash() calls can be removed from core.

Introduce wp_slash() for slashing GPCS data. This will also turn into a noop once GPCS is no longer slashed. wp_slash() should almost never be used. It is mainly of use in unit tests.

Plugins should use wp_unslash() on data being passed to core API.

Plugins should no longer slash data being passed to core. So when you get_post() and then wp_insert_post() the post data from get_post() no longer needs addslashes(). Most plugins were not bothering with this. They will magically start doing the right thing. Unfortunately, those few souls who did it properly will now have to avoid calling addslashes() for 3.6 and newer.

Use wp_kses_post() and wp_kses_data(), which expect unslashed data, instead of wp_filter_post_kses() and wp_filter_kses(), which expect slashed data. Filters are no longer passed slashed data.

Remove many no longer necessary calls to $wpdb->escape() and esc_sql().

In wp_get_referer() and wp_get_original_referer(), return unslashed data.

Remove old stripslashes() calls from WP_Widget::update() handlers. These haven't been necessary since WP_Widget.

Switch several queries over to prepare().

Expect something to break.

Props alexkingorg
see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23416 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-02-14 22:51:06 +00:00
Sergey Biryukov
94e5df7d3e Simplify the logic for printing "Lost your password?" link. props ktdreyer. fixes #16498.
git-svn-id: http://core.svn.wordpress.org/trunk@23336 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-01-23 02:08:44 +00:00
Ryan Boren
d4abd95449 Scope button classes so they can be used on the frontend without interfering with theme styles.
Props helenyhou, koopersmith
fixes #22644


git-svn-id: http://core.svn.wordpress.org/trunk@22948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-30 13:40:59 +00:00
Andrew Nacin
10b381a047 Revert type="email" on the registration form to avoid validation issues. see #22183.
git-svn-id: http://core.svn.wordpress.org/trunk@22413 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-11-07 07:47:52 +00:00
Andrew Ozz
8c4d96b05a Buttons: slightly bolder :focus styles, make the "Log In" button '.button-large', props lessbloat, see #21598
git-svn-id: http://core.svn.wordpress.org/trunk@22288 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-24 01:27:56 +00:00
Ryan Boren
51920e1858 Consolidate some strings. Props pavelevap, SergeyBiryukov. see #21728
git-svn-id: http://core.svn.wordpress.org/trunk@22124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-10-05 19:04:34 +00:00
Andrew Nacin
71d750b450 Add a login_body_class filter to login_header(). fixes #21133.
git-svn-id: http://core.svn.wordpress.org/trunk@22000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 09:13:06 +00:00
Andrew Nacin
557d9313a7 Introduce constants to allow for easier expression of time periods in seconds. Adds MINUTE_IN_SECONDS, HOUR_IN_SECONDS, DAY_IN_SECONDS, WEEK_IN_SECONDS, YEAR_IN_SECONDS. props nbachiyski, SergeyBiryukov. fixes #20987.
git-svn-id: http://core.svn.wordpress.org/trunk@21996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-25 05:26:19 +00:00
Peter Westwood
e1b861e1cb Passwords: Make it possible for plugins to enforce extra password strength / validity rules during the reset process.
Adds a filter in the password reset process so that a plugin can enforce particular password rules on users to compliment the existing filtering in the Profile modification process.
Fixes #21778.


git-svn-id: http://core.svn.wordpress.org/trunk@21923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-20 11:01:29 +00:00
Andrew Nacin
87c947a987 Use network_site_url() for wp-signup.php. props markjaquith. see #19796.
git-svn-id: http://core.svn.wordpress.org/trunk@21813 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-11 12:27:25 +00:00
Ryan Boren
c55cf716da Use set_url_scheme(). Props johnbillion, MarcusPope. see #19037 #20759
git-svn-id: http://core.svn.wordpress.org/trunk@21664 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-30 13:33:00 +00:00
Ryan Boren
8eb21fd381 Use admin_url() instead of get_edit_user_link() in wp-login.php since cookies are not yet set. Props SergeyBiryukov. fixes #14787
git-svn-id: http://core.svn.wordpress.org/trunk@21507 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-08-14 19:10:37 +00:00
ryan
7b49ad8493 Introduce get_edit_user_link(). Props scribu, georgestephanis, johnbillion. fixes #14787 see #20307
git-svn-id: http://core.svn.wordpress.org/trunk@21364 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-30 18:30:03 +00:00
azaozz
34535097b7 Remove nearly all tabindex attributes from the admin, leaving them only where absolutely necessary (for now that's only the toolbar).
Add tabindex="-1" for the menu images links to avoid double tab stops there when the menu is expanded.

Fix/add auto-focus on the first input fields on the Add/Edit Post, all taxonomy, all edit taxonomy, Log In and Edit Comment screens.

See #21340.

git-svn-id: http://core.svn.wordpress.org/trunk@21311 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-24 00:15:15 +00:00
nacin
489f6828d8 Only obey the RELOCATE move flag if it evaluates to true. props TomAuger, JustinSainton, fixes #20636.
git-svn-id: http://core.svn.wordpress.org/trunk@21251 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-07-09 19:32:09 +00:00
nacin
69112517ed Refresh nonces in the customizer. props koopersmith. see #20876.
git-svn-id: http://core.svn.wordpress.org/trunk@21135 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-26 18:48:18 +00:00
ryan
9115435213 Customizer: Gravefully handle cookie expipration. Prompt for log in in the preview. Props ocean90, koopersmith, nacin. fixes #20876
git-svn-id: http://core.svn.wordpress.org/trunk@21031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-06-08 19:22:11 +00:00
nacin
9f97ddf45c When auth_redirect() detects a logged out user and the target
page was about.php?updated, then issue a message welcoming them.

This is to prevent it from being so jolting if you are taken to
the login screen after an update.

In WordPress 3.4, the changes to wp_salt() provide for extra
security, but will cause a log-out for any installs without 8
unique keys and salts in wp-config.php (with some exceptions).
Properly re-issuing cookies, even for the logged in user, is
not easily doable via admin/includes/update-core.php, as that
file is included long after the headers are sent.

see #19599.



git-svn-id: http://core.svn.wordpress.org/trunk@20887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-24 21:22:09 +00:00
azaozz
000b7a9313 Move mobile devices CSS from wp-login.php to wp-admin.css, props SergeyBiryukov, fixes #19673
git-svn-id: http://svn.automattic.com/wordpress/trunk@20430 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-11 01:45:01 +00:00
azaozz
1d12cd07b0 Introduce wp_is_mobile() and use it instead of $is_iphone global, see #20014
git-svn-id: http://svn.automattic.com/wordpress/trunk@20417 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-04-10 01:19:30 +00:00
ryan
0dfe24e69b Set post password cookies via an action in wp-login.php. Retire wp-pass.php (one less root file). Obey login ssl preferences for post password form submission. Props SergeyBiryukov. fixes #19798
git-svn-id: http://svn.automattic.com/wordpress/trunk@19925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-02-14 18:29:22 +00:00
nacin
e41d7ad161 Translate http://wordpress.org/ for the wp-login.php header image URL. Clean up. props zeo, fixes #19364.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19783 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-29 18:47:41 +00:00
ryan
e3b46b25d3 Lose EOF ?>. Clean up EOF newlines. fixes #12307
git-svn-id: http://svn.automattic.com/wordpress/trunk@19712 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-08 17:01:11 +00:00
nacin
ed9d705b83 Use home URL, not siteurl, in the password reset email. fixes #19767.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-07 18:54:08 +00:00
duck_
65b840b565 Fix mistakes in parameter documentation and add some missing param docs. See #19756.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-06 18:31:43 +00:00
ryan
83b131f8e3 User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: http://svn.automattic.com/wordpress/trunk@19687 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-01-05 20:50:54 +00:00
ryan
07ff8b216b Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
azaozz
4cd52de33b Align login box, messages, navigation links and header image on the login screen, props SergeyBiryukov and helenyhou, fixes #19331
git-svn-id: http://svn.automattic.com/wordpress/trunk@19414 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-23 07:03:00 +00:00
ryan
45ddf08e07 Introduce wp_no_robots(). Call it for pages that should never be indexed, regardless of blog privacy settings. Props nacin. fixes #19251
git-svn-id: http://svn.automattic.com/wordpress/trunk@19304 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-15 20:44:48 +00:00
nacin
065e4cba61 Use wp_login_url() where possible in wp-login.php. props ramiy for initial patch. Escape with a tin foil hat. fixes #19199.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-14 21:08:33 +00:00
nacin
b6a2aab635 Add 'for' attributes to labels in wp-login.php for extra accessibility. props ppaire, fixes #19178.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19189 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-06 20:03:30 +00:00
nacin
13fc52f98f Remove CSS for interim-login. see #19120.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19124 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-11-02 22:47:21 +00:00
ryan
b75f3e8f07 Avoid warning when user_login not in POST. Props ampt. fixes #18755
git-svn-id: http://svn.automattic.com/wordpress/trunk@19056 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-24 21:31:30 +00:00
nacin
43eae59235 Translated strings in attributes require esc_attr(). s/_e/esc_attr_e/g
git-svn-id: http://svn.automattic.com/wordpress/trunk@19028 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-20 15:04:46 +00:00
nacin
92ba22e537 Use wp_lostpassword_url() instead of site_url(wp-login...). Update wp_lostpassword_url() to use network_site_url(). props markoheijnen, fixes #18808.
git-svn-id: http://svn.automattic.com/wordpress/trunk@19027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-10-20 14:40:11 +00:00
nacin
3ff82a3786 Use input type=email on wp-login registration. props scottconnerly, fixes #18761.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-23 22:48:45 +00:00
azaozz
1cdec6ff6e Merge most admin css files, first run, see #18314
git-svn-id: http://svn.automattic.com/wordpress/trunk@18577 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-21 03:46:43 +00:00
ryan
ec4ccf2900 Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
git-svn-id: http://svn.automattic.com/wordpress/trunk@18513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-05 16:57:31 +00:00
ryan
6c81d023bb Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
git-svn-id: http://svn.automattic.com/wordpress/trunk@18504 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-08-04 03:09:27 +00:00
azaozz
5256d7951f <!DOCTYPE html> for all, fixes #18202
git-svn-id: http://svn.automattic.com/wordpress/trunk@18460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-07-22 00:25:41 +00:00
ryan
4fa8ee19e4 Fix handing of super admins that don't have a blog in get_dashboard_url() and login. Props nacin. fixes #17829
git-svn-id: http://svn.automattic.com/wordpress/trunk@18328 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-22 19:45:28 +00:00
koopersmith
bc7d8a9dca Refresh login form styles to match admin style refresh. Props iammattthomas. see #17324.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18223 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-10 02:37:37 +00:00
nacin
e7739ff5f6 Move charset declaration to just inside <head>. props niallkennedy, fixes #17148.
git-svn-id: http://svn.automattic.com/wordpress/trunk@18206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-06-08 22:22:07 +00:00
nacin
8bb7dfd228 Fix typo in docs.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-20 06:00:45 +00:00
ryan
d4abef7def s/login_form/login_init/. Props sorich87. fixes #17411
git-svn-id: http://svn.automattic.com/wordpress/trunk@17918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-13 18:33:20 +00:00
ryan
b58636e914 Send X-Frame-Options: SAMEORIGIN for admin and login pages. see #12293
git-svn-id: http://svn.automattic.com/wordpress/trunk@17826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-06 21:28:53 +00:00
markjaquith
6e1fc710d9 Do not attach wp_enqueue_scripts to login_head. New login_enqueue_scripts hook. props nacin. fixes #16586 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@17465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-02-18 05:10:58 +00:00
ryan
186e70bcca Use get_dashboard_url() to redirect to the active blog if the user doesn't have access to the current blog. fixes #16297
git-svn-id: http://svn.automattic.com/wordpress/trunk@17367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-26 16:35:04 +00:00
ryan
8249212f7d Don't try to redirect to user admin for unpriv users unless a site admin redirect was requested. fixes #16297
git-svn-id: http://svn.automattic.com/wordpress/trunk@17351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-22 18:29:43 +00:00
nacin
405e7dfa4f Correct user admin redirection checks, and deny access to the user admin when not running multisite. fixes #16297.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-01-20 03:04:20 +00:00
ryan
587ea006b5 Translations in title attributes require esc_attr().
git-svn-id: http://svn.automattic.com/wordpress/trunk@17102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-21 17:17:58 +00:00
nacin
8a52e23479 Add login_footer action to the default case, which doesn't use login_footer(). fixes #15880.
git-svn-id: http://svn.automattic.com/wordpress/trunk@17043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-18 17:53:29 +00:00
ryan
3949ce12d0 Pink trailing whites.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16900 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-13 21:21:50 +00:00
nacin
c7ce2852c2 Don't clear saved username in wp_attempt_focus. props JohnPBloch, wojtek.szkutnik. fixes #14031.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16870 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-12-11 04:59:49 +00:00
westi
cab19ed4aa Wrap the reset link in <> so as to protect it when it goes over multiple lines in an email client. Fixes #14140 props demetris.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16285 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-10 23:38:15 +00:00
westi
ae213c99ca Generate Human Readable passwords as they are much more userfriendly. Fixes #13324 props Otto42.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16284 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-11-10 23:31:54 +00:00
nacin
0552424317 Revert submit_button() for wp-includes, setup-config, install, login, signup. see [16061], see #15064, fixes #15247.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-29 00:31:27 +00:00
markjaquith
fc6e89da45 Expand submit_button() capabilities. Replace all (or almost all) manual HTML instances in WP. props sbressler. see #15064
git-svn-id: http://svn.automattic.com/wordpress/trunk@16061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-28 21:56:43 +00:00
nacin
05fde90357 Move registration.php functions to user.php. Deprecate registration.php, everything is now included by default. fixes #13761.
git-svn-id: http://svn.automattic.com/wordpress/trunk@16009 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-27 10:46:24 +00:00
dd32
4f3b9f7b7f Use Absolute URL's & API's in header redirects in more locations. See #14062
git-svn-id: http://svn.automattic.com/wordpress/trunk@16008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-27 10:43:43 +00:00
westi
afc867fe64 Remove the ghetto code and use the script loader properly on the login page.
Ensure that we actually have convertEntities available on the login page.
Introduce a login_footer action.
Hook in the script loader to the login_header and login_footer actions.
See #5919, #15124.

git-svn-id: http://svn.automattic.com/wordpress/trunk@16000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-27 06:57:10 +00:00
nacin
b23df1e46b Make a string accurate. props jane, see #5919.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15999 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-27 06:48:01 +00:00
westi
7186208818 Bring back a seperate js file for the password strength meter and correctly mark it as a dependancy of the user profile code. See #5919.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-27 06:39:20 +00:00
nacin
14ccdbec33 Pruning shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15904 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-21 19:55:28 +00:00
nacin
5e1184aa57 Pinking shears.
git-svn-id: http://svn.automattic.com/wordpress/trunk@15843 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-19 07:48:22 +00:00
scribu
119713f3da first pass at strength indicator on password reset. see #5919
git-svn-id: http://svn.automattic.com/wordpress/trunk@15782 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-12 21:37:01 +00:00
scribu
013c8b9a93 Revert part of [15780] included by accident. See #5919
git-svn-id: http://svn.automattic.com/wordpress/trunk@15781 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-12 20:32:41 +00:00
scribu
08e984e5e8 move password-strength-meter.js into user-profile.js. See #5919
git-svn-id: http://svn.automattic.com/wordpress/trunk@15780 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-12 20:29:19 +00:00
scribu
ce6b055cf8 Improve password reset email copy. See #5919
git-svn-id: http://svn.automattic.com/wordpress/trunk@15776 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-12 17:22:05 +00:00
ryan
9c31fd7c70 First pass of user admin. Network admin and screen cleanups. see #14696
git-svn-id: http://svn.automattic.com/wordpress/trunk@15746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-07 19:34:18 +00:00
scribu
36e537424d Fix password reset procedure. See #5919
git-svn-id: http://svn.automattic.com/wordpress/trunk@15735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-06 19:02:43 +00:00
ryan
79fdf626a1 Streamline password reset process. Allow user to input new password. Props scribu. see #5919
git-svn-id: http://svn.automattic.com/wordpress/trunk@15710 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-10-04 15:32:54 +00:00
ryan
d1d63b81d5 Remove login-header.png. Use CSS3 with fallback color. Login RTL fix. Props ocean90. fixes #13587
git-svn-id: http://svn.automattic.com/wordpress/trunk@15090 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-06-01 15:54:00 +00:00
dd32
8199a1be9b Reset position after shaking the login screen, Fixes IE6 hiding the Remember Me & Login buttons. Props ocean90. Fixes #13495
git-svn-id: http://svn.automattic.com/wordpress/trunk@14817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-23 11:06:44 +00:00
dd32
be365e349f Correct the no-shake iphone check. See #13495
git-svn-id: http://svn.automattic.com/wordpress/trunk@14809 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-23 00:26:13 +00:00
westi
9016d1ff10 Shake not your iphone for an incorrect password. Fixes #13495
git-svn-id: http://svn.automattic.com/wordpress/trunk@14806 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-22 21:31:14 +00:00
westi
9570dfc394 Introduce __return_zero() and use it instead of create_function in the login header.
Also add version info to __return_true and __return_false.

git-svn-id: http://svn.automattic.com/wordpress/trunk@14639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-14 16:46:53 +00:00
ryan
5c48b8b015 Force reauth when auth_redirect() redirects to login. see #12142
git-svn-id: http://svn.automattic.com/wordpress/trunk@14556 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-11 13:44:40 +00:00
ryan
2ecda01ce0 Fix user validation feedback. Props sivel. fixes #13162
git-svn-id: http://svn.automattic.com/wordpress/trunk@14428 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-05-03 23:46:42 +00:00
nacin
36876023a4 Keep 'remember me' checked when user/pass is incorrect. props xibe, fixes #13165.
git-svn-id: http://svn.automattic.com/wordpress/trunk@14280 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-28 17:01:55 +00:00
ryan
8e4859a35c Use network_*_url(). see #12736
git-svn-id: http://svn.automattic.com/wordpress/trunk@13884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-03-29 21:45:31 +00:00
dd32
ac9c531035 Set up the password nag for newly registered users. Fixes #12143
git-svn-id: http://svn.automattic.com/wordpress/trunk@13490 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-28 07:15:15 +00:00
nacin
640158f15b Add redirect_to and associated filters to registration and password recovery. fixes #12282
git-svn-id: http://svn.automattic.com/wordpress/trunk@13465 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-27 18:21:03 +00:00
nacin
a8e56e49ec Use is_ssl() in place of manual SERVER['HTTPS'] == 'on' checks. fixes #11885
git-svn-id: http://svn.automattic.com/wordpress/trunk@13427 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-26 06:21:47 +00:00
dd32
679250491d Variable Cleanup, Unused variables, Typo'd variables, unused code blocks. Fixes #12299
git-svn-id: http://svn.automattic.com/wordpress/trunk@13242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-20 02:01:46 +00:00
dd32
041c570da1 Switch to *_user_option() for default password nag to avoid extra DB queries. Fixes #11380
git-svn-id: http://svn.automattic.com/wordpress/trunk@12983 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-06 06:20:38 +00:00
dd32
fc6c57b180 Show login form upon email-sent for recover/reset passwords. Props nacin. Fixes #11141
git-svn-id: http://svn.automattic.com/wordpress/trunk@12981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-06 04:42:14 +00:00
ryan
9f8149616d ms-functions pruning and cleanup. Props nacin. see #11644
git-svn-id: http://svn.automattic.com/wordpress/trunk@12948 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-04 18:57:32 +00:00
ryan
699387f747 Remove trailing whitespace
git-svn-id: http://svn.automattic.com/wordpress/trunk@12859 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-26 22:49:05 +00:00
markjaquith
7f91337a3b Shake the JS weight away!
git-svn-id: http://svn.automattic.com/wordpress/trunk@12817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-24 06:16:17 +00:00
markjaquith
29bafc4bac seismic failures.
git-svn-id: http://svn.automattic.com/wordpress/trunk@12815 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-23 23:07:56 +00:00
markjaquith
dcc35f621e Fix "is_multixsite()" typo from [12735]
git-svn-id: http://svn.automattic.com/wordpress/trunk@12814 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-23 22:50:37 +00:00
ryan
9bea527ac3 Coding style
git-svn-id: http://svn.automattic.com/wordpress/trunk@12735 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-15 23:40:29 +00:00
wpmuguru
7b64248bc8 merge in multisite login, wp-includes, See #11644
git-svn-id: http://svn.automattic.com/wordpress/trunk@12697 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-11 21:49:40 +00:00
ryan
533244e72d Typo fix in comment. see #11643
git-svn-id: http://svn.automattic.com/wordpress/trunk@12666 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-08 19:10:50 +00:00
ryan
a521ef3bae Document impenetrable logic in login secure cookie and redirect handler. fixes #11643
git-svn-id: http://svn.automattic.com/wordpress/trunk@12665 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-08 19:09:37 +00:00
westi
2c4aadf49f Fix some more html encoding in email subject issues. Fixes #9913.
git-svn-id: http://svn.automattic.com/wordpress/trunk@12398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-14 22:09:54 +00:00
ryan
edd5d4d608 Pass user_login and user_email to registration_errors. Props nacin. fixes #11237
git-svn-id: http://svn.automattic.com/wordpress/trunk@12266 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-11-23 18:51:14 +00:00
azaozz
efa493655e Show the login form in a popup when autosave hits the login grace period, fixes #10704
git-svn-id: http://svn.automattic.com/wordpress/trunk@12021 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-10-11 11:26:59 +00:00
ryan
8e3808bce2 Remove trailing whitespace
git-svn-id: http://svn.automattic.com/wordpress/trunk@11930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-14 14:03:32 +00:00
azaozz
e9ce147405 Clean up .button and .button[disabled] CSS classes, add spinner and gray-out buttons after clicking Publish or Update post.
git-svn-id: http://svn.automattic.com/wordpress/trunk@11874 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-25 05:14:49 +00:00
ryan
0fc380223a Make it raw
git-svn-id: http://svn.automattic.com/wordpress/trunk@11803 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-11 05:58:48 +00:00
ryan
85c806b96b urlencode login
git-svn-id: http://svn.automattic.com/wordpress/trunk@11802 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-11 05:56:43 +00:00
ryan
55a2d968ce Pass user login when resetting passwords.
git-svn-id: http://svn.automattic.com/wordpress/trunk@11801 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-11 05:48:44 +00:00
ryan
b6a2f6a186 Enforce activation key to be a string.
git-svn-id: http://svn.automattic.com/wordpress/trunk@11799 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-11 05:29:36 +00:00
ryan
bb9135074d Reject activation keys that are arrays.
git-svn-id: http://svn.automattic.com/wordpress/trunk@11797 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-11 04:53:10 +00:00
azaozz
0b1ce740ed Give login screen proper iPhone viewport, props noel, fixes #10023
git-svn-id: http://svn.automattic.com/wordpress/trunk@11514 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-06-03 22:15:22 +00:00
ryan
709eaa542b noindex for login. Props Viper007Bond, joostdevalk. fixes #10026
git-svn-id: http://svn.automattic.com/wordpress/trunk@11513 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-06-03 21:29:02 +00:00
ryan
2df887bd07 Trim tailing whitespace
git-svn-id: http://svn.automattic.com/wordpress/trunk@11450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-24 23:47:49 +00:00
ryan
629775df07 Make login more pluggable. Props Denis-de-Bernardy. fixes #9682
git-svn-id: http://svn.automattic.com/wordpress/trunk@11291 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-12 04:55:06 +00:00
markjaquith
6c2ffddf31 _a(), _ea(), _xa(), attr() are now esc_attr__(), esc_attr_e(), esc_attr_x(), esc_attr() -- still short, but less cryptic. see #9650
git-svn-id: http://svn.automattic.com/wordpress/trunk@11204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-05 19:43:53 +00:00
westi
614244af2b Add a nag message if the user is still using an auto-generated password. See #9710 props DD32.
git-svn-id: http://svn.automattic.com/wordpress/trunk@11162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-03 17:06:29 +00:00
azaozz
4ec5141bee Fix styling issues with the registration form, fixes #9688
git-svn-id: http://svn.automattic.com/wordpress/trunk@11148 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-30 23:53:26 +00:00
ryan
2d489767bb s/attribute_escape/attr/. see #9650
git-svn-id: http://svn.automattic.com/wordpress/trunk@11109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-28 05:58:45 +00:00
ryan
c2ff1cd44a Some attr escaping. see #9650
git-svn-id: http://svn.automattic.com/wordpress/trunk@11104 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-27 23:09:08 +00:00
ryan
bbe1956bbb Grammar fix. Props Denis-de-Bernardy. fixes #9601
git-svn-id: http://svn.automattic.com/wordpress/trunk@11022 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-20 21:50:29 +00:00
ryan
d43bd8177c Use wpdb::insert() and update(). Props DD32. see #6836
git-svn-id: http://svn.automattic.com/wordpress/trunk@10730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-06 04:27:51 +00:00
ryan
b37719c1f6 Check admin_url() when redirecting to profile. Props drossy. fixes #8493
git-svn-id: http://svn.automattic.com/wordpress/trunk@10705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-03-04 20:34:52 +00:00
ryan
bea9ee50aa Allow filtering of login message even if empty. Props DD32. fixes #8675
git-svn-id: http://svn.automattic.com/wordpress/trunk@10634 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-02-23 06:46:42 +00:00
ryan
c2ba81dbb1 Don't show form when confirming password resets.
git-svn-id: http://svn.automattic.com/wordpress/trunk@10023 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-12-03 19:04:07 +00:00
markjaquith
67b3b12fa5 "Login" is a noun. The verb is "Log In"
git-svn-id: http://svn.automattic.com/wordpress/trunk@9804 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-20 03:23:15 +00:00
azaozz
205f2f5418 New login form design, props iammattthomas, fixes #8286
git-svn-id: http://svn.automattic.com/wordpress/trunk@9800 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-20 00:56:20 +00:00
ryan
9861eb1a85 Notice fixes from DD32. see #7509
git-svn-id: http://svn.automattic.com/wordpress/trunk@9699 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-11-14 23:01:16 +00:00
westi
f419d59754 Protect log out actions against CSRF. Props markjaquith and ionfish. Fixes #7790.
git-svn-id: http://svn.automattic.com/wordpress/trunk@9025 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-28 21:05:37 +00:00
azaozz
eb3e916086 Completion and fixes for wp-app, wp-login and xmlrpc inline documentation, props jacobsantos, fixes #7550
git-svn-id: http://svn.automattic.com/wordpress/trunk@8952 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-22 05:15:41 +00:00
ryan
9a3f8221c1 Typo fix. Props jdevalk.
git-svn-id: http://svn.automattic.com/wordpress/trunk@8919 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-09-17 20:17:37 +00:00
westi
00583d64eb Performance improvements using strpos. Fixes #7611 and #7610 props johnbillion.
git-svn-id: http://svn.automattic.com/wordpress/trunk@8754 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-27 20:47:01 +00:00
ryan
0ee91f227e Add login_redirect filter. fixes #7002 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@8736 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-26 17:57:03 +00:00
ryan
8dfd6d050f Do secure redirect only for admin destinations. see #7561
git-svn-id: http://svn.automattic.com/wordpress/trunk@8730 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-25 20:40:34 +00:00
ryan
203086a4de Option to force SSL. see #7561
git-svn-id: http://svn.automattic.com/wordpress/trunk@8701 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-21 17:40:38 +00:00
ryan
35b18e5034 Trailing whitespace cleanup
git-svn-id: http://svn.automattic.com/wordpress/trunk@8600 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-08-09 05:36:14 +00:00
westi
f69ddab179 Make lost password admin notification pluggable. Fixes #7430 props error.
git-svn-id: http://svn.automattic.com/wordpress/trunk@8489 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-07-29 20:21:34 +00:00
azaozz
44a80acfe5 Login: keep username when password is incorrect and focus on password field
git-svn-id: http://svn.automattic.com/wordpress/trunk@8454 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-07-25 06:32:53 +00:00
ryan
702019d574 Fix case. fixes #7344 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@8411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-07-23 16:36:10 +00:00
ryan
a0b5e9133d Allow disabling password reset per user. Props axelseaa. fixes #7344 for trunk
git-svn-id: http://svn.automattic.com/wordpress/trunk@8400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-07-22 19:15:42 +00:00
ryan
8ae2545c47 Inline user_login focus JS and avoid JS error. Props azaozz. fixes #7282
git-svn-id: http://svn.automattic.com/wordpress/trunk@8314 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-07-11 20:14:44 +00:00
ryan
ba56acc787 Typo fix. Props JeremyVisser. fixes #7196
git-svn-id: http://svn.automattic.com/wordpress/trunk@8210 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-06-28 13:51:39 +00:00
ryan
63b5bd26fe Only use SSL for login POST links if SSL logins are forced. Clear old cookies. see #7001
git-svn-id: http://svn.automattic.com/wordpress/trunk@8197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-06-26 16:40:04 +00:00
ryan
636c562256 SSL fixes. see #7001
git-svn-id: http://svn.automattic.com/wordpress/trunk@8190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-06-24 22:19:27 +00:00
ryan
6adcab8b27 Introduce logged_in cookie. Deliver auth cookies only to wp-admin. see #7001
git-svn-id: http://svn.automattic.com/wordpress/trunk@8069 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-06-11 17:25:55 +00:00
ryan
d1e50738c7 Don't forget to echo. Props DD32. fixes #7107 see #7001
git-svn-id: http://svn.automattic.com/wordpress/trunk@8061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-06-08 16:56:00 +00:00
ryan
c790febe36 More use of site_url(), admin_url(), and site_url(). Force login and admin links to be https if FORCE_SSL_LOGIN. see #7001
git-svn-id: http://svn.automattic.com/wordpress/trunk@8058 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-06-06 07:39:11 +00:00
ryan
9771ec5110 First cut and better admin SSL support. see #7001
git-svn-id: http://svn.automattic.com/wordpress/trunk@7998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-27 17:46:01 +00:00
ryan
5322be300a File file level phpdoc from jacobsantos. see #7037
git-svn-id: http://svn.automattic.com/wordpress/trunk@7992 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-25 20:33:13 +00:00
ryan
a6a1522a8d File file level phpdoc from jacobsantos. see #7037
git-svn-id: http://svn.automattic.com/wordpress/trunk@7991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-25 15:50:15 +00:00
ryan
68a874a4dd wp_admin_css() improvements. Props mdawaffe. see #7011
git-svn-id: http://svn.automattic.com/wordpress/trunk@7979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2008-05-22 00:06:41 +00:00