sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
32,391 Commits 2 Branches 473 Tags 137 MiB
Commit Graph

72 Commits

Author SHA1 Message Date
Drew Jaynes 3f756da63a Login: Pass the username and `WP_User` object to the `retrieve_password_title` filter. 
Adding these parameters creates parity with the `retrieve_password_message` filter, used for modifying the message body of the same password reset email.

Props sudar.
Fixes #34252.


git-svn-id: https://develop.svn.wordpress.org/trunk@35093 602fd350-edb4-49c9-b593-d223f7449a82
 2015-10-13 00:50:28 +00:00
John Blackbourn 9b156ee2a9 Correctly set the `secure` flag on the post password cookie based on the scheme of the referring URL, if it's available, instead of the home URL. 
Fixes #29641


git-svn-id: https://develop.svn.wordpress.org/trunk@34932 602fd350-edb4-49c9-b593-d223f7449a82
 2015-10-08 03:08:05 +00:00
John Blackbourn 855991c578 Correctly set the `secure` flag for the test cookie based on the login URL scheme, and the same for the user settings cookies based on the admin URL scheme. 
Fixes #34159


git-svn-id: https://develop.svn.wordpress.org/trunk@34931 602fd350-edb4-49c9-b593-d223f7449a82
 2015-10-08 03:04:41 +00:00
Sergey Biryukov 6cc5757f10 Reset Password: Move the code for creating password reset key into a new function, `get_password_reset_key()`, and use it in `retrieve_password()`. 
Previously: [25231].

Props DH-Shredder.
Fixes #34180.

git-svn-id: https://develop.svn.wordpress.org/trunk@34923 602fd350-edb4-49c9-b593-d223f7449a82
 2015-10-08 00:10:41 +00:00
John Blackbourn 61280672d2 Prevent a PHP notice when POSTing to `wp-login.php?action=register` without a `user_login` or `user_email` field in the POST request. 
Fixes #34192


git-svn-id: https://develop.svn.wordpress.org/trunk@34910 602fd350-edb4-49c9-b593-d223f7449a82
 2015-10-07 14:42:39 +00:00
John Blackbourn c4dd769f22 Prevent a PHP notice from appearing on `wp-login.php?action=postpass` when there's no `$_POST['post_password']` parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here). 
Fixes #34160
Props iamfriendly


git-svn-id: https://develop.svn.wordpress.org/trunk@34909 602fd350-edb4-49c9-b593-d223f7449a82
 2015-10-07 14:29:29 +00:00
Drew Jaynes f2188269ce Login: Pass the `$errors` object as a parameter to the `lostpassword_post` hook. 
Props iamfriendly.
Fixes #32116.


git-svn-id: https://develop.svn.wordpress.org/trunk@34885 602fd350-edb4-49c9-b593-d223f7449a82
 2015-10-06 22:59:30 +00:00
Scott Taylor 8a33422bfc Passwords: fix the markup on the Reset Password Form for `user-pass1` so the JavaScript operates properly. 
Props ldinclaux.
See #33892.
Fixes #33908.


git-svn-id: https://develop.svn.wordpress.org/trunk@34371 602fd350-edb4-49c9-b593-d223f7449a82
 2015-09-22 03:56:25 +00:00
Sergey Biryukov 04c1c825e9 Reset Password: Move `<div>` out of `<p>` in `wp-login.php`. 
Props ldinclaux.
Fixes #33892.

git-svn-id: https://develop.svn.wordpress.org/trunk@34232 602fd350-edb4-49c9-b593-d223f7449a82
 2015-09-16 11:45:09 +00:00
John Blackbourn 1a352d56f9 Implement `wp_login_url()` and `wp_registration_url()` in places where `wp-login.php` is currently hard-coded. 
See #31495
Props GregLone


git-svn-id: https://develop.svn.wordpress.org/trunk@34213 602fd350-edb4-49c9-b593-d223f7449a82
 2015-09-15 17:10:24 +00:00
John Blackbourn 43340fe787 When a user with no role logs in, redirect them to the home page rather than their profile screen which they do not have access to. 
See #25162


git-svn-id: https://develop.svn.wordpress.org/trunk@33924 602fd350-edb4-49c9-b593-d223f7449a82
 2015-09-05 21:34:01 +00:00
Helen Hou-Sandi 0c19c94561 Drop the hyphen from e-mail and standardize on email. 
The AP Stylebook changed this in 2011, and we're woefully inconsistent, so let's go with the standard.

props morganestes, voldemortensen, niallkennedy (for patching on the previous AP style).
fixes #26156.


git-svn-id: https://develop.svn.wordpress.org/trunk@33774 602fd350-edb4-49c9-b593-d223f7449a82
 2015-08-28 03:16:02 +00:00
Mark Jaquith fff891b1d9 Autogenerate passwords that more reliably fit within their inputs. 
fixes #33166

git-svn-id: https://develop.svn.wordpress.org/trunk@33474 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-29 03:55:56 +00:00
Scott Taylor 68ff8b1a80 Passwords UI: clean up the new JS in `wp-admin/js/user-profile.js`. 
Instead of wrapping `#pass1` in a `<span>` dynamically, add the `<span>` to the HTML in PHP. It currently has no styling.

Fixes #33145.


git-svn-id: https://develop.svn.wordpress.org/trunk@33450 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-27 21:24:36 +00:00
Konstantin Obenland 2ab769b1b9 Passwords: Add password strength meter feedback for screen readers. 
Also gives context to the show/hide button.

Props rianrietveld, afercia.
Fixes #33032.



git-svn-id: https://develop.svn.wordpress.org/trunk@33353 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-22 00:14:37 +00:00
Konstantin Obenland f645e3767a Login: Reflect new password flow in registration form. 
Props Ipstenu.
Fixes #32428.



git-svn-id: https://develop.svn.wordpress.org/trunk@33265 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-14 16:07:46 +00:00
Konstantin Obenland 8560ac41f1 Password: Improve display of password meter on login screen. 
Fixes #32925.


git-svn-id: https://develop.svn.wordpress.org/trunk@33251 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-14 03:31:35 +00:00
Mark Jaquith ef9f9c1a24 Fix small typo from [33019]. 
see #32429

git-svn-id: https://develop.svn.wordpress.org/trunk@33034 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-01 18:15:42 +00:00
Mark Jaquith cc23659078 New password change/set UI. 
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords

see #32589

props MikeHansenMe, adamsilverstein, binarykitten

git-svn-id: https://develop.svn.wordpress.org/trunk@33023 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-01 14:47:24 +00:00
Dion Hulse 5b58664439 Expire password reset links after 24 hours (by default). This causes existing password reset links to become invalid. 
Props markjaquith, voldemortensen, johnbillion, MikeHansenMe, dd32
See #32429


git-svn-id: https://develop.svn.wordpress.org/trunk@33019 602fd350-edb4-49c9-b593-d223f7449a82
 2015-07-01 06:32:07 +00:00
Scott Taylor 986990163f Add doc blocks to functions that are missing them. 
If the function has no need for `@param` or `@return`, do an archeaological dig to find `@since`.

See #32444.


git-svn-id: https://develop.svn.wordpress.org/trunk@32672 602fd350-edb4-49c9-b593-d223f7449a82
 2015-05-31 03:17:50 +00:00
Dominik Schilling (ocean90) b0d6757918 Use HTTPS URLs for codex.wordpress.org. 
see #27115.

git-svn-id: https://develop.svn.wordpress.org/trunk@32116 602fd350-edb4-49c9-b593-d223f7449a82
 2015-04-12 21:28:58 +00:00
John Blackbourn d6b90486d1 Implement an `aria-describedby` attribute for login screen errors, and improve the "Forgot password?" anchor text. 
Props aferica, rianrietveld
Fixes #31143


git-svn-id: https://develop.svn.wordpress.org/trunk@31871 602fd350-edb4-49c9-b593-d223f7449a82
 2015-03-24 16:28:56 +00:00
John Blackbourn 66548dcb82 Introduce a `logout_redirect` filter so the redirect destination can be changed when a user logs out. Parameters: 
* string  $redirect_to           The redirect destination URL.
 * string  $requested_redirect_to The requested redirect destination URL passed as a parameter.
 * WP_User $user                  The WP_User object for the user that's logging out. 

Fixes #27617
Props SergeyBiryukov, johnbillion


git-svn-id: https://develop.svn.wordpress.org/trunk@31417 602fd350-edb4-49c9-b593-d223f7449a82
 2015-02-11 19:18:19 +00:00
Scott Taylor 6fd11624d1 The keyword `elseif` should be used instead of `else if` so that all control keywords look like single words. 
This was a mess, is now standardized across the codebase, except for a few 3rd-party libs. 

See #30799.


git-svn-id: https://develop.svn.wordpress.org/trunk@31090 602fd350-edb4-49c9-b593-d223f7449a82
 2015-01-08 07:04:40 +00:00
Andrew Nacin 0375edc8c6 No need for wp_get_password_hint() to be prefixed as if it is private. 
see #21243.


git-svn-id: https://develop.svn.wordpress.org/trunk@30855 602fd350-edb4-49c9-b593-d223f7449a82
 2014-12-15 08:33:48 +00:00
Drew Jaynes (DrewAPicture) ebdb7cb273 Docs Formatting: Backtick-escape inline code for the `login_form_ . $action` dynamic hook in wp-login.php. 
See #30552.


git-svn-id: https://develop.svn.wordpress.org/trunk@30651 602fd350-edb4-49c9-b593-d223f7449a82
 2014-11-30 11:44:29 +00:00
Drew Jaynes (DrewAPicture) a22e8b5354 Ensure inline code is markdown-escaped as such, HTML tags are removed from summaries, and that code snippets in descriptions are properly indented. 
Affects DocBlocks for the following core elements:
* Backtick-escape code snippets in the description for `get_object_taxonomies()`
* Backtick-escape inline code in a markdown-formatted unordered list in the description for `get_taxonomy_labels()`
* Remove an HTML tag from the summary for the `Walker_Category_Checklist` class
* Remove an HTML tag from the summary for `wp_category_checklist()`, various formatting
* Remove an HTML tag from the summary for `wp_terms_checklist()`
* Backtick-escape an HTML tag in the description for `wp_popular_terms_checklist()`
* Remove HTML tags from the summaries for `page_template_dropdown()`, `parent_dropdown()`, and `wp_dropdown_roles()`
* Backtick-escape HTML tags in a parameter description for `add_settings_error()`
* Various formatting in the description and summary for `settings_errors()`
* Markdown-indent code snippets in the descriptions for `wpdb::prepare()`, `wpdb::insert()`, `wpdb::replace()`, `wpdb::update()`, and `wpdb::delete()`
* Backtick-escape an HTML tag in a parameter description for `login_header()`
* Remove HTML tags from the summaries for the `lostpassword_form` and `signup_header` hooks

Props rarst.
See #30473.


git-svn-id: https://develop.svn.wordpress.org/trunk@30546 602fd350-edb4-49c9-b593-d223f7449a82
 2014-11-24 06:30:19 +00:00
Andrew Nacin 1023d2bc60 Form validation for password resets. 
git-svn-id: https://develop.svn.wordpress.org/trunk@30417 602fd350-edb4-49c9-b593-d223f7449a82
 2014-11-20 12:21:45 +00:00
John Blackbourn 0adcbd0094 Add `$user_login` and `$user_data` parameters to the `retrieve_password_message` filter. 
Props ivankristianto, dcavins
Fixes #25853


git-svn-id: https://develop.svn.wordpress.org/trunk@30357 602fd350-edb4-49c9-b593-d223f7449a82
 2014-11-16 07:24:39 +00:00
Drew Jaynes (DrewAPicture) 7cd15026bd Correct references of `@uses $wpdb` in core documentation to use `@global`. 
See #30191, [30105].
Fixes #30217.


git-svn-id: https://develop.svn.wordpress.org/trunk@30122 602fd350-edb4-49c9-b593-d223f7449a82
 2014-10-31 17:55:39 +00:00
John Blackbourn bc1168e953 Rename `_wp_password_hint()` to `_wp_get_password_hint()` to bring it inline with core terminology. Fixes #21243. 
git-svn-id: https://develop.svn.wordpress.org/trunk@30033 602fd350-edb4-49c9-b593-d223f7449a82
 2014-10-26 23:29:11 +00:00
Sergey Biryukov 5ab446aab7 Move password hint text to a function. Add 'password_hint' filter. 
props convissor.
fixes #21243.

git-svn-id: https://develop.svn.wordpress.org/trunk@29962 602fd350-edb4-49c9-b593-d223f7449a82
 2014-10-18 20:20:56 +00:00
Helen Hou-Sandi 179f12066d Refresh the post-update login message. 
Just a little older in the soul, like your faithful release lead.

fixes #29388.


git-svn-id: https://develop.svn.wordpress.org/trunk@29644 602fd350-edb4-49c9-b593-d223f7449a82
 2014-08-27 05:31:53 +00:00
Andrew Nacin 9c6f4dd67c Password resets: Use network_site_url() for form actions. 
props mdawaffe.
fixes #29156.


git-svn-id: https://develop.svn.wordpress.org/trunk@29631 602fd350-edb4-49c9-b593-d223f7449a82
 2014-08-26 20:00:07 +00:00
Sergey Biryukov 31105be6c7 Avoid PHP notices in wp-login.php if password reset cookie is not set. 
props mdawaffe.
see #29060.

git-svn-id: https://develop.svn.wordpress.org/trunk@29381 602fd350-edb4-49c9-b593-d223f7449a82
 2014-08-06 02:16:51 +00:00
Andrew Nacin 94c53962b1 Don't pass around the password reset key. 
props mdawaffe.
fixes #29060.


git-svn-id: https://develop.svn.wordpress.org/trunk@29327 602fd350-edb4-49c9-b593-d223f7449a82
 2014-07-29 18:18:58 +00:00
Dominik Schilling (ocean90) ea34a0bdf7 Replace `is_https_url()` with `'https' === parse_url( $url, PHP_URL_SCHEME )`. 
see #28427, #28487.

git-svn-id: https://develop.svn.wordpress.org/trunk@29311 602fd350-edb4-49c9-b593-d223f7449a82
 2014-07-27 17:45:34 +00:00
Sergey Biryukov 98e7bb798c Don't always focus password field on interim login. 
props johnbillion.
fixes #28961.

git-svn-id: https://develop.svn.wordpress.org/trunk@29258 602fd350-edb4-49c9-b593-d223f7449a82
 2014-07-21 16:20:05 +00:00
Drew Jaynes (DrewAPicture) 161266c17d Fix syntax for single- and multi-line comments in root-directory files. 
See #28931.


git-svn-id: https://develop.svn.wordpress.org/trunk@29205 602fd350-edb4-49c9-b593-d223f7449a82
 2014-07-17 09:11:46 +00:00
John Blackbourn 0a4e8b2b7e Implement email and url input types where appropriate. Props Kau-Boy. Fixes #22183. 
git-svn-id: https://develop.svn.wordpress.org/trunk@29030 602fd350-edb4-49c9-b593-d223f7449a82
 2014-07-08 17:51:58 +00:00
Sergey Biryukov 5235448195 Avoid overwriting $error global with an interim variable. 
props MikeLittle.
fixes #28691.

git-svn-id: https://develop.svn.wordpress.org/trunk@28925 602fd350-edb4-49c9-b593-d223f7449a82
 2014-06-30 14:38:21 +00:00
Scott Taylor dcd7ff837d Use the `WPINC` constant when loading `class-phpass.php` 
Props wojtek.szkutnik
See #14157.


git-svn-id: https://develop.svn.wordpress.org/trunk@28903 602fd350-edb4-49c9-b593-d223f7449a82
 2014-06-29 22:11:44 +00:00
John Blackbourn db4da6e488 Remove the WordPress logo from the focusable elements on the install/update screens. Fixes #28674. Props stompweb 
git-svn-id: https://develop.svn.wordpress.org/trunk@28896 602fd350-edb4-49c9-b593-d223f7449a82
 2014-06-29 14:09:39 +00:00
John Blackbourn 15e019d99e Conditionally set the the `secure` flag on the test cookie, post password cookie, settings cookies, and comment author cookies depending on whether the front end and/or admin area are served over `https`. Fixes #28427 
git-svn-id: https://develop.svn.wordpress.org/trunk@28895 602fd350-edb4-49c9-b593-d223f7449a82
 2014-06-29 13:24:55 +00:00
Scott Taylor 84fb91f383 Don't annotate `$wp_error` twice in `login_header()` docs. `$wp_error` is always expected to be of type `WP_Error`. 
Props SergeyBiryukov.
Fixes #28518.


git-svn-id: https://develop.svn.wordpress.org/trunk@28792 602fd350-edb4-49c9-b593-d223f7449a82
 2014-06-20 19:18:25 +00:00
Andrew Nacin 961459ee31 Forcing SSL logins now forces SSL for the entire admin, with no middle ground. 
fixes #10267.


git-svn-id: https://develop.svn.wordpress.org/trunk@28609 602fd350-edb4-49c9-b593-d223f7449a82
 2014-05-29 03:58:41 +00:00
Scott Taylor 451319728b In `wp-login.php`, `break` is unreachable after `exit` 
See #27882.


git-svn-id: https://develop.svn.wordpress.org/trunk@28340 602fd350-edb4-49c9-b593-d223f7449a82
 2014-05-07 03:57:17 +00:00
Drew Jaynes (DrewAPicture) 609cf29058 Clean up duplicate hook notations and adjacency for calls to the `wp_signup_location` filter. 
Also adds braces missed in [25535].

See #26869.


git-svn-id: https://develop.svn.wordpress.org/trunk@28215 602fd350-edb4-49c9-b593-d223f7449a82
 2014-04-25 07:11:32 +00:00
Drew Jaynes (DrewAPicture) 9da8915408 Ensure the `register` filter hook is only documented once. 
See #26869.


git-svn-id: https://develop.svn.wordpress.org/trunk@28208 602fd350-edb4-49c9-b593-d223f7449a82
 2014-04-25 06:23:31 +00:00