* @since 0.71
*
* @param int $user_id User ID
- * @return bool|object False on failure, WP_User object on success
+ * @return WP_User|bool WP_User object on success, false on failure.
*/
function get_userdata( $user_id ) {
return get_user_by( 'id', $user_id );
*
* @param string $field The field to retrieve the user with. id | slug | email | login
* @param int|string $value A value for $field. A user ID, slug, email address, or login name.
- * @return bool|object False on failure, WP_User object on success
+ * @return WP_User|bool WP_User object on success, false on failure.
*/
function get_user_by( $field, $value ) {
$userdata = WP_User::get_data_by( $field, $value );
// Send!
try {
- $phpmailer->Send();
+ return $phpmailer->Send();
} catch ( phpmailerException $e ) {
return false;
}
-
- return true;
}
endif;
*
* @param string $username User's username
* @param string $password User's password
- * @return WP_Error|WP_User WP_User object if login successful, otherwise WP_Error object.
+ * @return WP_User|WP_Error WP_User object if login successful, otherwise WP_Error object.
*/
function wp_authenticate($username, $password) {
$username = sanitize_user($username);
*/
function wp_set_auth_cookie($user_id, $remember = false, $secure = '') {
if ( $remember ) {
- $expiration = $expire = time() + apply_filters('auth_cookie_expiration', 1209600, $user_id, $remember);
+ $expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember);
+ // Ensure the browser will continue to send the cookie after the expiration time is reached.
+ // Needed for the login grace period in wp_validate_auth_cookie().
+ $expire = $expiration + ( 12 * HOUR_IN_SECONDS );
} else {
- $expiration = time() + apply_filters('auth_cookie_expiration', 172800, $user_id, $remember);
+ $expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember);
$expire = 0;
}
}
do_action('check_admin_referer', $action, $result);
return $result;
-}endif;
+}
+endif;
if ( !function_exists('check_ajax_referer') ) :
/**
* @param string $query_arg where to look for nonce in $_REQUEST (since 2.5)
*/
function check_ajax_referer( $action = -1, $query_arg = false, $die = true ) {
- if ( $query_arg )
- $nonce = $_REQUEST[$query_arg];
- else
- $nonce = isset($_REQUEST['_ajax_nonce']) ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
+ $nonce = '';
+
+ if ( $query_arg && isset( $_REQUEST[ $query_arg ] ) )
+ $nonce = $_REQUEST[ $query_arg ];
+ elseif ( isset( $_REQUEST['_ajax_nonce'] ) )
+ $nonce = $_REQUEST['_ajax_nonce'];
+ elseif ( isset( $_REQUEST['_wpnonce'] ) )
+ $nonce = $_REQUEST['_wpnonce'];
$result = wp_verify_nonce( $nonce, $action );
* @since 1.5.1
* @uses apply_filters() Calls 'wp_redirect' hook on $location and $status.
*
- * @param string $location The path to redirect to
- * @param int $status Status code to use
- * @return bool False if $location is not set
+ * @param string $location The path to redirect to.
+ * @param int $status Status code to use.
+ * @return bool False if $location is not provided, true otherwise.
*/
function wp_redirect($location, $status = 302) {
global $is_IIS;
- $location = apply_filters('wp_redirect', $location, $status);
- $status = apply_filters('wp_redirect_status', $status, $location);
+ /**
+ * Filter the redirect location.
+ *
+ * @since 2.1.0
+ *
+ * @param string $location The path to redirect to.
+ * @param int $status Status code to use.
+ */
+ $location = apply_filters( 'wp_redirect', $location, $status );
+
+ /**
+ * Filter the redirect status code.
+ *
+ * @since 2.3.0
+ *
+ * @param int $status Status code to use.
+ * @param string $location The path to redirect to.
+ */
+ $status = apply_filters( 'wp_redirect_status', $status, $location );
- if ( !$location ) // allows the wp_redirect filter to cancel a redirect
+ if ( ! $location )
return false;
$location = wp_sanitize_redirect($location);
status_header($status); // This causes problems on IIS and some FastCGI setups
header("Location: $location", true, $status);
+
+ return true;
}
endif;
* @return string redirect-sanitized URL
**/
function wp_validate_redirect($location, $default = '') {
+ $location = trim( $location );
// browsers will assume 'http' is your protocol, and will obey a redirect to a URL starting with '//'
if ( substr($location, 0, 2) == '//' )
$location = 'http:' . $location;
*/
function wp_notify_postauthor( $comment_id, $comment_type = '' ) {
$comment = get_comment( $comment_id );
+ if ( empty( $comment ) )
+ return false;
+
$post = get_post( $comment->comment_post_ID );
$author = get_userdata( $post->post_author );
if ( $post->post_author == get_current_user_id() )
return false;
+ // The post author is no longer a member of the blog
+ if ( ! user_can( $post->post_author, 'read_post', $post->ID ) )
+ return false;
+
// If there's no email to send the comment to
if ( '' == $author->user_email )
return false;
}
$notify_message .= get_permalink($comment->comment_post_ID) . "#comments\r\n\r\n";
$notify_message .= sprintf( __('Permalink: %s'), get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment_id ) . "\r\n";
- if ( EMPTY_TRASH_DAYS )
- $notify_message .= sprintf( __('Trash it: %s'), admin_url("comment.php?action=trash&c=$comment_id") ) . "\r\n";
- else
- $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=delete&c=$comment_id") ) . "\r\n";
- $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=spam&c=$comment_id") ) . "\r\n";
+
+ if ( user_can( $post->post_author, 'edit_comment', $comment_id ) ) {
+ if ( EMPTY_TRASH_DAYS )
+ $notify_message .= sprintf( __('Trash it: %s'), admin_url("comment.php?action=trash&c=$comment_id") ) . "\r\n";
+ else
+ $notify_message .= sprintf( __('Delete it: %s'), admin_url("comment.php?action=delete&c=$comment_id") ) . "\r\n";
+ $notify_message .= sprintf( __('Spam it: %s'), admin_url("comment.php?action=spam&c=$comment_id") ) . "\r\n";
+ }
$wp_email = 'wordpress@' . preg_replace('#^www\.#', '', strtolower($_SERVER['SERVER_NAME']));
if ( isset($reply_to) )
$message_headers .= $reply_to . "\n";
- $notify_message = apply_filters('comment_notification_text', $notify_message, $comment_id);
- $subject = apply_filters('comment_notification_subject', $subject, $comment_id);
- $message_headers = apply_filters('comment_notification_headers', $message_headers, $comment_id);
+ $emails = array( $author->user_email );
- @wp_mail( $author->user_email, $subject, $notify_message, $message_headers );
+ $emails = apply_filters( 'comment_notification_recipients', $emails, $comment_id );
+ $notify_message = apply_filters( 'comment_notification_text', $notify_message, $comment_id );
+ $subject = apply_filters( 'comment_notification_subject', $subject, $comment_id );
+ $message_headers = apply_filters( 'comment_notification_headers', $message_headers, $comment_id );
+
+ foreach ( $emails as $email ) {
+ @wp_mail( $email, $subject, $notify_message, $message_headers );
+ }
return true;
}
$post = get_post($comment->comment_post_ID);
$user = get_userdata( $post->post_author );
// Send to the administration and to the post author if the author can modify the comment.
- $email_to = array( get_option('admin_email') );
+ $emails = array( get_option('admin_email') );
if ( user_can($user->ID, 'edit_comment', $comment_id) && !empty($user->user_email) && ( get_option('admin_email') != $user->user_email) )
- $email_to[] = $user->user_email;
+ $emails[] = $user->user_email;
$comment_author_domain = @gethostbyaddr($comment->comment_author_IP);
$comments_waiting = $wpdb->get_var("SELECT count(comment_ID) FROM $wpdb->comments WHERE comment_approved = '0'");
$subject = sprintf( __('[%1$s] Please moderate: "%2$s"'), $blogname, $post->post_title );
$message_headers = '';
- $notify_message = apply_filters('comment_moderation_text', $notify_message, $comment_id);
- $subject = apply_filters('comment_moderation_subject', $subject, $comment_id);
- $message_headers = apply_filters('comment_moderation_headers', $message_headers);
+ $emails = apply_filters( 'comment_moderation_recipients', $emails, $comment_id );
+ $notify_message = apply_filters( 'comment_moderation_text', $notify_message, $comment_id );
+ $subject = apply_filters( 'comment_moderation_subject', $subject, $comment_id );
+ $message_headers = apply_filters( 'comment_moderation_headers', $message_headers, $comment_id );
- foreach ( $email_to as $email )
- @wp_mail($email, $subject, $notify_message, $message_headers);
+ foreach ( $emails as $email ) {
+ @wp_mail( $email, $subject, $notify_message, $message_headers );
+ }
return true;
}
function wp_new_user_notification($user_id, $plaintext_pass = '') {
$user = get_userdata( $user_id );
- $user_login = stripslashes($user->user_login);
- $user_email = stripslashes($user->user_email);
-
// The blogname option is escaped with esc_html on the way into the database in sanitize_option
// we want to reverse this for the plain text arena of emails.
$blogname = wp_specialchars_decode(get_option('blogname'), ENT_QUOTES);
$message = sprintf(__('New user registration on your site %s:'), $blogname) . "\r\n\r\n";
- $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
- $message .= sprintf(__('E-mail: %s'), $user_email) . "\r\n";
+ $message .= sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
+ $message .= sprintf(__('E-mail: %s'), $user->user_email) . "\r\n";
@wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
if ( empty($plaintext_pass) )
return;
- $message = sprintf(__('Username: %s'), $user_login) . "\r\n";
+ $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
$message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
$message .= wp_login_url() . "\r\n";
- wp_mail($user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
+ wp_mail($user->user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
}
endif;
$i = wp_nonce_tick();
// Nonce generated 0-12 hours ago
- if ( substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10) == $nonce )
+ if ( substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10) === $nonce )
return 1;
// Nonce generated 12-24 hours ago
- if ( substr(wp_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) == $nonce )
+ if ( substr(wp_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) === $nonce )
return 2;
// Invalid nonce
return false;
$wp_hasher = new PasswordHash(8, true);
}
- return $wp_hasher->HashPassword($password);
+ return $wp_hasher->HashPassword( trim( $password ) );
}
endif;
function wp_set_password( $password, $user_id ) {
global $wpdb;
- $hash = wp_hash_password($password);
+ $hash = wp_hash_password( $password );
$wpdb->update($wpdb->users, array('user_pass' => $hash, 'user_activation_key' => ''), array('ID' => $user_id) );
wp_cache_delete($user_id, 'users');
if ( !empty( $rating ) )
$out .= "&r={$rating}";
+ $out = str_replace( '&', '&', esc_url( $out ) );
$avatar = "<img alt='{$safe_alt}' src='{$out}' class='avatar avatar-{$size} photo' height='{$size}' width='{$size}' />";
} else {
$avatar = "<img alt='{$safe_alt}' src='{$default}' class='avatar avatar-{$size} photo avatar-default' height='{$size}' width='{$size}' />";
$left_lines = explode("\n", $left_string);
$right_lines = explode("\n", $right_string);
-
$text_diff = new Text_Diff($left_lines, $right_lines);
- $renderer = new WP_Text_Diff_Renderer_Table();
+ $renderer = new WP_Text_Diff_Renderer_Table( $args );
$diff = $renderer->render($text_diff);
if ( !$diff )
return '';
$r = "<table class='diff'>\n";
- $r .= "<col class='ltype' /><col class='content' /><col class='ltype' /><col class='content' />";
+
+ if ( ! empty( $args[ 'show_split_view' ] ) ) {
+ $r .= "<col class='content diffsplit left' /><col class='content diffsplit middle' /><col class='content diffsplit right' />";
+ } else {
+ $r .= "<col class='content' />";
+ }
if ( $args['title'] || $args['title_left'] || $args['title_right'] )
$r .= "<thead>";
return $r;
}
endif;
+
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff