Commit Graph

12 Commits

Author SHA1 Message Date
Scott Taylor
3d26e3513e Session: move WP_Session_Tokens and WP_User_Meta_Session_Tokens into their own files via svn cp. If we move forard with autoloading, session.php is useless. We could even remove it now, and just load these new files in wp-settings.php. That can be decided post-mortem.
See #37827.

Built from https://develop.svn.wordpress.org/trunk@38353


git-svn-id: http://core.svn.wordpress.org/trunk@38294 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-25 17:44:31 +00:00
Drew Jaynes
9193013158 Docs: Apply inline @see tags to hooks referenced in DocBlocks in a variety of wp-includes/* files.
Applying these specially-crafted `@see` tags allows the Code Reference parser to recognize and link these elements as actions and filters.

Fixes #36921.

Built from https://develop.svn.wordpress.org/trunk@37544


git-svn-id: http://core.svn.wordpress.org/trunk@37512 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-23 19:02:28 +00:00
Drew Jaynes
9cb5247392 Docs: Standardize filter docs in remaining wp-includes/* files to use third-person singular verbs per the inline documentation standards for PHP.
See #36913.

Built from https://develop.svn.wordpress.org/trunk@37518


git-svn-id: http://core.svn.wordpress.org/trunk@37486 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:50:28 +00:00
John Blackbourn
a5d44337b2 Docs: @param fixes for a variety of docblocks.
See #32246

Built from https://develop.svn.wordpress.org/trunk@36232


git-svn-id: http://core.svn.wordpress.org/trunk@36199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-01-09 01:45:26 +00:00
Scott Taylor
02a1f35ac8 Fix some internal types that are passed to functions to avoid changing the acceptable types passed as arguments to those functions:
* In `WP_Importer->is_user_over_quota()`, the default value for the first argument for `upload_is_user_over_quota()` is `true`. Don't bother passing `1`.
* When calling `submit_button()` with no `$name`, pass empty string instead of `false`.
* The default value for the 2nd argument to `get_edit_post_link()` is `'display'`. Because PHP is PHP, passing `true` is the same as passing `'display'` or nothing. Don't bother passing `true`. 
* In `WP_User_Meta_Session_Tokens::drop_sessions()`, pass `0` instead of `false` to `delete_metadata()` as the value for `$object_id`, which expects an int. 

See #30799.

Built from https://develop.svn.wordpress.org/trunk@31220


git-svn-id: http://core.svn.wordpress.org/trunk@31201 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-16 22:51:21 +00:00
John Blackbourn
c02845330e Introduce a button on the user profile screen which clears all other sessions, and on the user editing screen which clears all sessions. Only appears when there are applicable sessions which can be cleared.
See #30264.
Props jorbin, ocean90, johnbillion


Built from https://develop.svn.wordpress.org/trunk@30333


git-svn-id: http://core.svn.wordpress.org/trunk@30332 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-11-13 15:21:21 +00:00
Andrew Nacin
75ff6ae302 Add safeguards for when ext/hash is not compiled with PHP.
see #29518, for trunk.

Built from https://develop.svn.wordpress.org/trunk@29751


git-svn-id: http://core.svn.wordpress.org/trunk@29523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-20 17:28:18 +00:00
Andrew Nacin
768136c6da Rename the public methods in the session tokens API.
Introduces a new get( $token ) method. get_token() would not have made sense and spurred the overall renaming. Public methods are now get, get_all, verify, create, update, destroy, destroy_others, and destroy_all.

The protected abstract methods designed for alternative implementations remain the same.

props mdawaffe.
see #20276.

Built from https://develop.svn.wordpress.org/trunk@29635


git-svn-id: http://core.svn.wordpress.org/trunk@29409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 02:07:16 +00:00
Drew Jaynes
647b6d907b Clean up some missing @access tags and other tweaks for 4.0.0-functionality docs.
See #28885.

Built from https://develop.svn.wordpress.org/trunk@29455


git-svn-id: http://core.svn.wordpress.org/trunk@29233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-09 19:32:16 +00:00
Andrew Nacin
84fb6743fe WP_Session_Tokens: Can't abstract a static method.
Implementations can choose to implement the drop_sessions() method on their own.

see #20276.

Built from https://develop.svn.wordpress.org/trunk@29224


git-svn-id: http://core.svn.wordpress.org/trunk@29008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 19:16:15 +00:00
Sergey Biryukov
d2e690ac2d Fix parse error in PHP 5.2.
props georgestephanis.
see #20276.
Built from https://develop.svn.wordpress.org/trunk@29222


git-svn-id: http://core.svn.wordpress.org/trunk@29006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 17:34:15 +00:00
Andrew Nacin
654e46f03d Tie cookies and nonces to user sessions so they may be invalidated upon logout.
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.

Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().

This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.

props duck_, nacin, mdawaffe.
see #20276.

Built from https://develop.svn.wordpress.org/trunk@29221


git-svn-id: http://core.svn.wordpress.org/trunk@29005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 09:13:15 +00:00