Commit Graph

285 Commits

Author SHA1 Message Date
Andrew Nacin
b4fa70c19c Add nonce_user_logged_out filters to wp_create_nonce() and wp_verify_nonce() for when there is no user ID. Provides plugins the ability to tie a nonce to some other characteristic of the session. props sc0ttkclark, fixes #21111.
git-svn-id: https://develop.svn.wordpress.org/trunk@21837 602fd350-edb4-49c9-b593-d223f7449a82
2012-09-13 17:17:47 +00:00
Peter Westwood
da2f11a8b8 Make sure that we always generate random numbers correctly even if the PHP build is slightly broken and truncates large integers.
Fixes #19571 props mdawaffe.


git-svn-id: https://develop.svn.wordpress.org/trunk@21685 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-31 09:45:50 +00:00
Ryan Boren
92ea34f6a2 Use set_url_scheme(). Props johnbillion, MarcusPope. see #19037 #20759
git-svn-id: https://develop.svn.wordpress.org/trunk@21664 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-30 13:33:00 +00:00
Andrew Nacin
d41d58d128 Move the optimization done to get_user_by() in [21376] higher up the stack, into map_meta_cap() and is_super_admin().
This provides nearly the same benefits without possibly receiving a stale object from get_userdata(),
which could affect authentication, and introduce side effects for plugins.

see #21120.



git-svn-id: https://develop.svn.wordpress.org/trunk@21563 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-20 21:58:34 +00:00
Andrew Nacin
a5c7405975 Move most instances of new WP_User to get_userdata(). see #21120.
git-svn-id: https://develop.svn.wordpress.org/trunk@21413 602fd350-edb4-49c9-b593-d223f7449a82
2012-08-03 01:06:05 +00:00
Andrew Nacin
2c058d3b3a Optimize get_user_by( 'id', $id ) to return wp_get_current_user() when the current user ID is requested.
Provides for a major performance improvement by preventing repeated instantiations of WP_User in the capabilities API.

see #21120.



git-svn-id: https://develop.svn.wordpress.org/trunk@21376 602fd350-edb4-49c9-b593-d223f7449a82
2012-07-31 17:45:38 +00:00
Andrew Nacin
c4f902f4c0 Remove $wp_secret_key_default.
With the duplicate key checks, this is isn't necessary. It could also cause problems when you
temporarily update to an English translation of a new version before going back to the locale.

see #19599.



git-svn-id: https://develop.svn.wordpress.org/trunk@20691 602fd350-edb4-49c9-b593-d223f7449a82
2012-05-02 19:29:39 +00:00
Jon Cave
5b863a766b Add missing "?" to gravatar_default URL in get_avatar() to set size parameter correctly. Fixes #20512.
git-svn-id: https://develop.svn.wordpress.org/trunk@20563 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-22 11:45:31 +00:00
Jon Cave
c3a7874f33 Don't override the $current_user global in get_currentuserinfo() on an XML-RPC request
if it's non-empty. Fixes capabilities checks for XML-RPC requests. See #20372.


git-svn-id: https://develop.svn.wordpress.org/trunk@20424 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-10 16:19:53 +00:00
Ryan Boren
781f632a82 When fetching the user in get_currentuserinfo(), make sure it is a valid WP_User object. If it is stdClass, upgrade it to WP_User. If it is WP_Error, an int, or anything else, set the current user to ID 0.
In wp_set_current_user(), return the current user global only if it is a WP_User object. If it is not, fall through and go about setting it up properly.

Formatting cleanups for both functions.

see #20372


git-svn-id: https://develop.svn.wordpress.org/trunk@20410 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-09 22:01:07 +00:00
Andrew Nacin
0a352eed01 wp_set_current_user(0) for XMLRPC_REQUEST in get_currentuserinfo(). Ensures that wp_get_current_user() always returns a WP_User object. see #20372.
git-svn-id: https://develop.svn.wordpress.org/trunk@20402 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-08 01:06:44 +00:00
Ryan Boren
6f9ceb2326 Introduce WP_User::exists(). see #20372
git-svn-id: https://develop.svn.wordpress.org/trunk@20378 602fd350-edb4-49c9-b593-d223f7449a82
2012-04-06 19:18:45 +00:00
Andrew Nacin
555970c950 Internally cache return values of wp_salt(). Always run the filter. Big performance gains on a pageload that generates hundreds of nonces. see #19599.
git-svn-id: https://develop.svn.wordpress.org/trunk@20135 602fd350-edb4-49c9-b593-d223f7449a82
2012-03-07 03:41:56 +00:00
Ryan Boren
021c55798e Split the main WP_Query posts query into two queries to avoid temp tables. Leverage cache to avoid second query in persistent cache environments. Props scribu, cheald, prettyboymp. see #18536
git-svn-id: https://develop.svn.wordpress.org/trunk@19918 602fd350-edb4-49c9-b593-d223f7449a82
2012-02-14 15:09:35 +00:00
Andrew Nacin
25eac276df Re-purpose wp_die() for ajax responses.
* Allows unit testing of core ajax actions.
 * wp_die() now has separate filters to choose a handler depending on the context (ajax, XML-RPC, else).
 * wp_die) in ajax context does not need to be called with a string. Conversion takes place before die().
props kurtpayne, see #15327.



git-svn-id: https://develop.svn.wordpress.org/trunk@19801 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-31 22:12:58 +00:00
Andrew Nacin
30889de384 Provide a DB fallback for keys in wp_salt(). Fall back when any secret is used more than once. Change how we detect a localized 'put your unique phrase here' -- eliminate $wp_default_secret_key and introduce $wp_secret_key_default to be added during the localized build process, not by translators. fixes #19599.
git-svn-id: https://develop.svn.wordpress.org/trunk@19771 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-27 18:52:20 +00:00
Jon Cave
156048ca52 split was deprecated in PHP 5.3.0, so use explode instead. Props garyc40. Fixes #16325.
git-svn-id: https://develop.svn.wordpress.org/trunk@19726 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-09 21:20:51 +00:00
Ryan Boren
55d6e7e261 Update wp_salt() phpdoc. fixes #18696
git-svn-id: https://develop.svn.wordpress.org/trunk@19725 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-09 20:52:08 +00:00
Ryan Boren
a8d77cbae9 User lowercase true, false, null instead of uppercase. Props c3mdigital, mfields. fixes #16302
git-svn-id: https://develop.svn.wordpress.org/trunk@19687 602fd350-edb4-49c9-b593-d223f7449a82
2012-01-05 20:50:54 +00:00
Andrew Nacin
242f736374 s/is/if/. props ocean90.
git-svn-id: https://develop.svn.wordpress.org/trunk@19616 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-20 22:06:34 +00:00
Andrew Nacin
483f3fd886 Gravatar emails should be trimmed before being lowered and hashed. props evansolomon. fixes #19614.
git-svn-id: https://develop.svn.wordpress.org/trunk@19614 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-20 22:00:44 +00:00
Ryan Boren
676ba7043e Use one space, not two, after trailing punctuation. fixes #19537
git-svn-id: https://develop.svn.wordpress.org/trunk@19593 602fd350-edb4-49c9-b593-d223f7449a82
2011-12-13 23:45:31 +00:00
Jon Cave
939b085f54 Correct @param text ordering to put "Optional." in description, see r19019 and #18958. Also remove empty docblock tag.
git-svn-id: https://develop.svn.wordpress.org/trunk@19030 602fd350-edb4-49c9-b593-d223f7449a82
2011-10-20 15:53:57 +00:00
Peter Westwood
d01e2af94b Improve the parsing of email addresses in wp_mail to re-support RFC2822 nameless "<address@tld.com>" style. Fixes #18463 props kitchin and SergeyBiryukov.
git-svn-id: https://develop.svn.wordpress.org/trunk@18717 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-19 14:30:50 +00:00
Jon Cave
82c0f09c09 Fix typos in documentation (wp-includes/[i-z]). See #18560.
git-svn-id: https://develop.svn.wordpress.org/trunk@18639 602fd350-edb4-49c9-b593-d223f7449a82
2011-09-05 19:08:15 +00:00
Ryan Boren
1d3e616495 Introduce metadata_exists(), WP_User::get_data_by(), WP_User::get(), WP_User::has_prop(). Don't fill user objects with meta. Eliminate data duplication in cache and memory. Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18597 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-24 19:32:59 +00:00
Dion Hulse
395a623c52 Harden up is_user_logged_in() against empty $current_user instances to prevent PHP Notices on XML-RPC requests. Fixes #18458
git-svn-id: https://develop.svn.wordpress.org/trunk@18558 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-17 08:51:36 +00:00
Ryan Boren
eda7d43e85 Deprecate get_userdatabylogin() and get_user_by_email(). Props scribu. fixes #18333
git-svn-id: https://develop.svn.wordpress.org/trunk@18513 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-05 16:57:31 +00:00
Ryan Boren
8eea785bcb Add magic get/set/isset methods to WP_User to avoid data duplication. Standardize on WP_User::ID. Props scribu. see #15458
git-svn-id: https://develop.svn.wordpress.org/trunk@18504 602fd350-edb4-49c9-b593-d223f7449a82
2011-08-04 03:09:27 +00:00
Mark Jaquith
46a87bd9fa Throw _doing_it_wrong() when nonce action not passed to check_admin_referer(). props duck_. see #16449
git-svn-id: https://develop.svn.wordpress.org/trunk@18195 602fd350-edb4-49c9-b593-d223f7449a82
2011-06-08 16:56:26 +00:00
Peter Westwood
526f6fe677 Update wp_mail to correctly call the Address adding functions on PHPMailer for To, CC, BCC in a way which preserves our support for full RFC2822 address specifications.
Older versions of PHPMailer were not too careful about validating what we passed in to them as a plain email address - the new version expects we pass in the Name and Email address seperately.
Fixes #17305 based on a patch from dllh.

git-svn-id: https://develop.svn.wordpress.org/trunk@18006 602fd350-edb4-49c9-b593-d223f7449a82
2011-05-23 11:14:05 +00:00
Ryan Boren
dbf64808b9 Use exceptions with phpmailer to avoid headers already sent errors. fixes #17228
git-svn-id: https://develop.svn.wordpress.org/trunk@17753 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-28 18:16:01 +00:00
Ryan Boren
71eeebc9bc Remove setcookie() back compat. Props hakre. see#16920
git-svn-id: https://develop.svn.wordpress.org/trunk@17612 602fd350-edb4-49c9-b593-d223f7449a82
2011-04-06 17:07:59 +00:00
Mark Jaquith
04ab78140f Improvement to check_admin_referer() when called without first argument (PLUGIN AUTHORS: STOP DOING THAT). props indie-ulf. fixes #16449 for trunk
git-svn-id: https://develop.svn.wordpress.org/trunk@17385 602fd350-edb4-49c9-b593-d223f7449a82
2011-02-03 20:42:00 +00:00
Ryan Boren
9908d4ae83 Add some cookie filters to allow plugins more control over SSL cookie delivery. see #15330
git-svn-id: https://develop.svn.wordpress.org/trunk@17227 602fd350-edb4-49c9-b593-d223f7449a82
2011-01-06 04:08:23 +00:00
Dion Hulse
01a2da49e1 Restore pre-3.1 "Status:" header handling for IIS in wp_redirect. Revist in 3.2 to see if it's still required. Fixes #10187
git-svn-id: https://develop.svn.wordpress.org/trunk@16907 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-14 10:15:31 +00:00
Andrew Nacin
108e48f206 Remove unnecessary space. props demetris, JohnPBloch. fixes #12797.
git-svn-id: https://develop.svn.wordpress.org/trunk@16760 602fd350-edb4-49c9-b593-d223f7449a82
2010-12-06 22:56:47 +00:00
Andrew Nacin
3b115a7ec5 Fix arin whois link. props ozh. @todo consider its removal. see #15281.
git-svn-id: https://develop.svn.wordpress.org/trunk@16411 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-17 00:54:22 +00:00
Andrew Nacin
200eefec46 Use square brackets instead of braces for string access. props hakre, fixes #13900.
git-svn-id: https://develop.svn.wordpress.org/trunk@16340 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-13 09:53:55 +00:00
Andrew Nacin
57ad813bf4 Don't notify the author when they posted or moderated the comment. fixes #12774.
git-svn-id: https://develop.svn.wordpress.org/trunk@16304 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-11 16:28:49 +00:00
Ryan Boren
56a6f6f060 Send moderation emails to post author. see #6286
git-svn-id: https://develop.svn.wordpress.org/trunk@16223 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-06 15:20:50 +00:00
Ryan Boren
20131f4e62 Don't fire wp_notify_postauthor() when the author moderated the comment. Props mrmist. fixes #12774
git-svn-id: https://develop.svn.wordpress.org/trunk@16208 602fd350-edb4-49c9-b593-d223f7449a82
2010-11-05 15:36:04 +00:00
Ryan Boren
9ee8b20f30 First pass of user admin. Network admin and screen cleanups. see #14696
git-svn-id: https://develop.svn.wordpress.org/trunk@15746 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-07 19:34:18 +00:00
Dion Hulse
f96d26ff97 Retire IIS 3,4,5 Set-Cookie redirection workaround. See [2436] for original implementation. See #10187
git-svn-id: https://develop.svn.wordpress.org/trunk@15682 602fd350-edb4-49c9-b593-d223f7449a82
2010-10-02 04:02:24 +00:00
Ryan Boren
98e7f76197 Link directly to comment in email notification. Props lancewillett. fixes #12797
git-svn-id: https://develop.svn.wordpress.org/trunk@15553 602fd350-edb4-49c9-b593-d223f7449a82
2010-08-31 18:24:41 +00:00
Ryan Boren
e8b955bd48 Typo fix. Props pedger, mattsains. fixes #13740
git-svn-id: https://develop.svn.wordpress.org/trunk@15149 602fd350-edb4-49c9-b593-d223f7449a82
2010-06-06 14:44:48 +00:00
Ryan Boren
aec821c651 Strip trailing whitespace
git-svn-id: https://develop.svn.wordpress.org/trunk@14924 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-26 02:42:15 +00:00
Ryan Boren
e939bd4e55 Email messages should be plain text. Props arena. see #13488
git-svn-id: https://develop.svn.wordpress.org/trunk@14803 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-22 13:48:38 +00:00
Andrew Nacin
3dd5d1edd4 False alarm, something else is going on here. Revert [14780], restore [14695]. see #13317.
git-svn-id: https://develop.svn.wordpress.org/trunk@14781 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-21 15:08:07 +00:00
Andrew Nacin
b5ce43f348 Revert [14695]. We need to be a bit less strict. see #13317.
git-svn-id: https://develop.svn.wordpress.org/trunk@14780 602fd350-edb4-49c9-b593-d223f7449a82
2010-05-21 15:03:54 +00:00