*/
function wp_signon( $credentials = array(), $secure_cookie = '' ) {
if ( empty($credentials) ) {
+ $credentials = array(); // Back-compat for plugins passing an empty string.
+
if ( ! empty($_POST['log']) )
$credentials['user_login'] = $_POST['log'];
if ( ! empty($_POST['pwd']) )
$secure_cookie = is_ssl();
/**
- * Filter whether to use a secure sign-on cookie.
+ * Filters whether to use a secure sign-on cookie.
*
* @since 3.1.0
*
}
/**
- * Filter whether the given user can be authenticated with the provided $password.
+ * Filters whether the given user can be authenticated with the provided $password.
*
* @since 2.5.0
*
function wp_authenticate_spam_check( $user ) {
if ( $user instanceof WP_User && is_multisite() ) {
/**
- * Filter whether the user has been marked as a spammer.
+ * Filters whether the user has been marked as a spammer.
*
* @since 3.7.0
*
* @param bool $spammed Whether the user is considered a spammer.
* @param WP_User $user User to check against.
*/
- $spammed = apply_filters( 'check_is_user_spammed', is_user_spammy(), $user );
+ $spammed = apply_filters( 'check_is_user_spammed', is_user_spammy( $user ), $user );
if ( $spammed )
return new WP_Error( 'spammer_account', __( '<strong>ERROR</strong>: Your account has been marked as a spammer.' ) );
}
/**
- * Validate the logged-in cookie.
+ * Validates the logged-in cookie.
*
* Checks the logged-in cookie if the previous auth cookie could not be
* validated and parsed.
*
- * This is a callback for the determine_current_user filter, rather than API.
+ * This is a callback for the {@see 'determine_current_user'} filter, rather than API.
*
* @since 3.9.0
*
$count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->posts $where" );
/**
- * Filter the number of posts a user has written.
+ * Filters the number of posts a user has written.
*
* @since 2.7.0
* @since 4.1.0 Added `$post_type` argument.
global $wpdb;
if ( !empty( $deprecated ) )
- _deprecated_argument( __FUNCTION__, '3.0' );
+ _deprecated_argument( __FUNCTION__, '3.0.0' );
if ( empty( $user ) )
$user = get_current_user_id();
$result = false;
/**
- * Filter a specific user option value.
+ * Filters a specific user option value.
*
* The dynamic portion of the hook name, `$option`, refers to the user option name.
*
*
* @see WP_User_Query
*
- * @param array $args Optional. Arguments to retrieve users. See {@see WP_User_Query::prepare_query()}
+ * @param array $args Optional. Arguments to retrieve users. See WP_User_Query::prepare_query().
* for more information on accepted arguments.
* @return array List of users.
*/
if ( empty( $user_id ) )
return array();
+ /**
+ * Filters the list of a user's sites before it is populated.
+ *
+ * Passing a non-null value to the filter will effectively short circuit
+ * get_blogs_of_user(), returning that value instead.
+ *
+ * @since 4.6.0
+ *
+ * @param null|array $blogs An array of WP_Site objects of which the user is a member.
+ * @param int $user_id User ID.
+ * @param bool $all Whether the returned array should contain all sites, including
+ * those marked 'deleted', 'archived', or 'spam'. Default false.
+ */
+ $blogs = apply_filters( 'pre_get_blogs_of_user', null, $user_id, $all );
+
+ if ( null !== $blogs ) {
+ return $blogs;
+ }
+
$keys = get_user_meta( $user_id );
if ( empty( $keys ) )
return array();
}
/**
- * Filter the list of blogs a user belongs to.
+ * Filters the list of blogs a user belongs to.
*
* @since MU
*
*
* @param array|string $args {
* Optional. Array or string of arguments to generate a drop-down of users.
- * {@see WP_User_Query::prepare_query() for additional available arguments.
+ * See WP_User_Query::prepare_query() for additional available arguments.
*
* @type string $show_option_all Text to show as the drop-down default (all).
* Default empty.
$option_none_value = $r['option_none_value'];
/**
- * Filter the query arguments for the user drop-down.
+ * Filters the query arguments for the user drop-down.
*
* @since 4.4.0
*
}
/**
- * Filter the wp_dropdown_users() HTML output.
+ * Filters the wp_dropdown_users() HTML output.
*
* @since 2.3.0
*
} else {
/**
- * Filter a user field value in the 'edit' context.
+ * Filters a user field value in the 'edit' context.
*
* The dynamic portion of the hook name, `$field`, refers to the prefixed user
* field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
} else {
/**
- * Filter the value of a user field in the 'db' context.
+ * Filters the value of a user field in the 'db' context.
*
* The dynamic portion of the hook name, `$field`, refers to the prefixed user
* field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
} else {
/**
- * Filter the value of a user field in a standard context.
+ * Filters the value of a user field in a standard context.
*
* The dynamic portion of the hook name, `$field`, refers to the prefixed user
* field being filtered, such as 'user_login', 'user_email', 'first_name', etc.
$valid = ( $sanitized == $username && ! empty( $sanitized ) );
/**
- * Filter whether the provided username is valid or not.
+ * Filters whether the provided username is valid or not.
*
* @since 2.0.1
*
$sanitized_user_login = sanitize_user( $userdata['user_login'], true );
/**
- * Filter a username after it has been sanitized.
+ * Filters a username after it has been sanitized.
*
* This filter is called before the user is created or updated.
*
}
/**
- * Filter the list of blacklisted usernames.
+ * Filters the list of blacklisted usernames.
*
* @since 4.4.0
*
$meta = array();
/**
- * Filter a user's nicename before the user is created or updated.
+ * Filters a user's nicename before the user is created or updated.
*
* @since 2.0.3
*
$raw_user_url = empty( $userdata['user_url'] ) ? '' : $userdata['user_url'];
/**
- * Filter a user's URL before the user is created or updated.
+ * Filters a user's URL before the user is created or updated.
*
* @since 2.0.3
*
$raw_user_email = empty( $userdata['user_email'] ) ? '' : $userdata['user_email'];
/**
- * Filter a user's email before the user is created or updated.
+ * Filters a user's email before the user is created or updated.
*
* @since 2.0.3
*
$nickname = empty( $userdata['nickname'] ) ? $user_login : $userdata['nickname'];
/**
- * Filter a user's nickname before the user is created or updated.
+ * Filters a user's nickname before the user is created or updated.
*
* @since 2.0.3
*
$first_name = empty( $userdata['first_name'] ) ? '' : $userdata['first_name'];
/**
- * Filter a user's first name before the user is created or updated.
+ * Filters a user's first name before the user is created or updated.
*
* @since 2.0.3
*
$last_name = empty( $userdata['last_name'] ) ? '' : $userdata['last_name'];
/**
- * Filter a user's last name before the user is created or updated.
+ * Filters a user's last name before the user is created or updated.
*
* @since 2.0.3
*
}
/**
- * Filter a user's display name before the user is created or updated.
+ * Filters a user's display name before the user is created or updated.
*
* @since 2.0.3
*
$description = empty( $userdata['description'] ) ? '' : $userdata['description'];
/**
- * Filter a user's description before the user is created or updated.
+ * Filters a user's description before the user is created or updated.
*
* @since 2.0.3
*
$user = new WP_User( $user_id );
/**
- * Filter a user's meta values and keys before the user is created or updated.
+ * Filters a user's meta values and keys before the user is created or updated.
*
* Does not include contact methods. These are added using `wp_get_user_contact_methods( $user )`.
*
$userdata['user_pass'] = wp_hash_password( $userdata['user_pass'] );
/**
- * Filter whether to send the password change email.
+ * Filters whether to send the password change email.
*
* @since 4.3.0
*
if ( isset( $userdata['user_email'] ) && $user['user_email'] !== $userdata['user_email'] ) {
/**
- * Filter whether to send the email change email.
+ * Filters whether to send the email change email.
*
* @since 4.3.0
*
);
/**
- * Filter the contents of the email sent when the user's password is changed.
+ * Filters the contents of the email sent when the user's password is changed.
*
* @since 4.3.0
*
);
/**
- * Filter the contents of the email sent when the user's email is changed.
+ * Filters the contents of the email sent when the user's email is changed.
*
* @since 4.3.0
*
* A simpler way of inserting a user into the database.
*
* Creates a new user with just the username, password, and email. For more
- * complex user creation use {@see wp_insert_user()} to specify more information.
+ * complex user creation use wp_insert_user() to specify more information.
*
* @since 2.0.0
* @see wp_insert_user() More complete way to create a new user
}
/**
- * Filter the user contact methods.
+ * Filters the user contact methods.
*
* @since 2.9.0
*
$hint = __( 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' );
/**
- * Filter the text describing the site's password complexity policy.
+ * Filters the text describing the site's password complexity policy.
*
* @since 4.1.0
*
/**
* Fires before a new password is retrieved.
*
+ * Use the {@see 'retrieve_password'} hook instead.
+ *
* @since 1.5.0
* @deprecated 1.5.1 Misspelled. Use 'retrieve_password' hook instead.
*
*/
do_action( 'retrieve_password', $user->user_login );
+ $allow = true;
+ if ( is_multisite() && is_user_spammy( $user ) ) {
+ $allow = false;
+ }
+
/**
- * Filter whether to allow a password to be reset.
+ * Filters whether to allow a password to be reset.
*
* @since 2.7.0
*
* @param bool $allow Whether to allow the password to be reset. Default true.
* @param int $user_data->ID The ID of the user attempting to reset a password.
*/
- $allow = apply_filters( 'allow_password_reset', true, $user->ID );
+ $allow = apply_filters( 'allow_password_reset', $allow, $user->ID );
if ( ! $allow ) {
return new WP_Error( 'no_password_reset', __( 'Password reset is not allowed for this user' ) );
}
/**
- * Filter the expiration time of password reset keys.
+ * Filters the expiration time of password reset keys.
*
* @since 4.3.0
*
$user_id = $row->ID;
/**
- * Filter the return value of check_password_reset_key() when an
+ * Filters the return value of check_password_reset_key() when an
* old-style key is used.
*
* @since 3.7.0 Previously plain-text keys were stored in the database.
$sanitized_user_login = sanitize_user( $user_login );
/**
- * Filter the email address of a user being registered.
+ * Filters the email address of a user being registered.
*
* @since 2.1.0
*
do_action( 'register_post', $sanitized_user_login, $user_email, $errors );
/**
- * Filter the errors encountered when a new user is being registered.
+ * Filters the errors encountered when a new user is being registered.
*
* The filtered WP_Error object may, for example, contain errors for an invalid
* or existing username or email address. A WP_Error object should always returned,
}
/**
- * Initiate email notifications related to the creation of new users.
+ * Initiates email notifications related to the creation of new users.
*
* Notifications are sent both to the site admin and to the newly created user.
*
* @since 4.4.0
+ * @since 4.6.0 Converted the `$notify` parameter to accept 'user' for sending
+ * notifications only to the user created.
*
* @param int $user_id ID of the newly created user.
- * @param string $notify Optional. Type of notification that should happen. Accepts 'admin' or an empty string
- * (admin only), or 'both' (admin and user). Default 'both'.
+ * @param string $notify Optional. Type of notification that should happen. Accepts 'admin'
+ * or an empty string (admin only), 'user', or 'both' (admin and user).
+ * Default 'both'.
*/
function wp_send_new_user_notifications( $user_id, $notify = 'both' ) {
wp_new_user_notification( $user_id, null, $notify );
}
/**
- * Filter the current user.
+ * Filters the current user.
*
* The default filters use this to determine the current user from the
* request's cookies, if available.