Commit Graph

9 Commits

Author SHA1 Message Date
Ryan Boren f32bc0c541 Fire wp_auth_check_load() from admin_enqueue_scripts instead of admin_init so that it can access the current screen object.
Black list the update and upgrade screens.

Allow plugins to white/black list screens via the wp_auth_check_load filter.

Props nacin

see #23295


git-svn-id: https://develop.svn.wordpress.org/trunk@24738 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-18 19:06:35 +00:00
Andrew Ozz 1989f70fd1 Logged out warnings:
- Replace the Close button with an always visible "X" icon in the top/right corner.
- Check if the user is still logged in every 3 min. by default.
- Add 'wp_auth_check_interval' filter so the interval can be set from PHP.
See #23295.

git-svn-id: https://develop.svn.wordpress.org/trunk@24695 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-12 23:32:32 +00:00
Andrew Ozz 12c0ce7913 Logged out warnings:
- Close the iframe immediately on successful login.
- Catch iframe origin exceptions in WebKit when there is a server error or another page is loaded in the iframe.
See #23295.

git-svn-id: https://develop.svn.wordpress.org/trunk@24655 602fd350-edb4-49c9-b593-d223f7449a82
2013-07-11 00:44:37 +00:00
Andrew Ozz 1819e0f2c2 Nonce refresh:
- Update the heartbeat nonce when refreshing nonces on the Edit Post screen.
- After a user logs in from the auth-check dialog, speed up heatrbeat to check/refresh nonces on the Edit Post screen.
- Speeding up heartbeat: bring back the setting how long it should last (how many ticks).
- Add 'heartbeat-nonces-expired' jQuery event when nonces have expired and the user is logged in.
See #23295, see #23216.

git-svn-id: https://develop.svn.wordpress.org/trunk@24528 602fd350-edb4-49c9-b593-d223f7449a82
2013-06-29 01:31:44 +00:00
Andrew Ozz e4f73af495 Separate the nonces update from checking the post lock. Fix scheduling the logged out check. See #23697, see #23295.
git-svn-id: https://develop.svn.wordpress.org/trunk@24273 602fd350-edb4-49c9-b593-d223f7449a82
2013-05-16 03:47:09 +00:00
Andrew Ozz 16f9ab52d5 Logged out warnings: by default run the logged-out check every 3 min. Tag along if something else is using heartbeat. See #23295
git-svn-id: https://develop.svn.wordpress.org/trunk@24271 602fd350-edb4-49c9-b593-d223f7449a82
2013-05-16 01:50:43 +00:00
Andrew Ozz db72372fcc Logged out warnings:
- Don't use <base> tag to set target="_blank". It can break form submission. Instead, set target only on links with JS.
- Fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN == true.
- Properly show/hide the "Close" button when the dialog is shown multiple times.
See #23295

git-svn-id: https://develop.svn.wordpress.org/trunk@24208 602fd350-edb4-49c9-b593-d223f7449a82
2013-05-08 22:45:58 +00:00
Andrew Ozz 9a9d5861cf Logged out warnings:
- Don't remove login error messages coming from wp_signon().
- When the login form is shown in iframe, open all links in a new tab/window.
- Add filter for the login form error message.
See #23295

git-svn-id: https://develop.svn.wordpress.org/trunk@24179 602fd350-edb4-49c9-b593-d223f7449a82
2013-05-06 21:35:50 +00:00
Andrew Ozz 45f54b41d8 Logged out warnings: add fallback text dialog for:
- The login page has "X-Frame-Options: DENY" header.
- Cross-domain when displaying on the front-end on multisite with domain mapping.
- The site forces ssl login but not ssl admin.

Add onbeforeunload prompt to counter (frame-busting) JS redirects. Move the JS and CSS into separate files. See #23295.

git-svn-id: https://develop.svn.wordpress.org/trunk@23805 602fd350-edb4-49c9-b593-d223f7449a82
2013-03-27 08:43:11 +00:00