Also, remove from `edit-form-comment.php` and add a new filter: `edit_comment_misc_actions`.
Props ozh, joedolson, rachelbaker.
Fixes#15281.
git-svn-id: https://develop.svn.wordpress.org/trunk@32929 602fd350-edb4-49c9-b593-d223f7449a82
`$initial` shouldn't be loosely compared to `true` in `get_calendar()`.
`current_user_can()` shouldn't be loosely compared to `false` in `kses_init()`
`$get_all` shouldn't be loosely compared to `true` in `get_blog_details()`.
`is_array()` and `in_array()` shouldn't be loosely compared in `wpmu_validate_user_signup()`.
`$result` should by strictly compared in `check_ajax_referer()`.
`wp_verify_nonce()` should by strictly compared in `_show_post_preview()`.
`is_user_logged_in()` should not be loosly compared against `false` in `wp-signup.php`.
See #32444.
git-svn-id: https://develop.svn.wordpress.org/trunk@32733 602fd350-edb4-49c9-b593-d223f7449a82
Correct some `@return` values.
`is_user_logged_in()` can simply return the `->exists()` call instead of if/else'ing true/false.
See #32444.
git-svn-id: https://develop.svn.wordpress.org/trunk@32614 602fd350-edb4-49c9-b593-d223f7449a82
When an incomplete header is provided (eg, 'From' with an email address but no
name), ensure that the WP defaults are filled in properly.
Props valendesigns.
Fixes#30266.
git-svn-id: https://develop.svn.wordpress.org/trunk@32070 602fd350-edb4-49c9-b593-d223f7449a82
While RFC 3986 does not specify which character sets are allowed in URIs, Section 2.5 states that octects matching UTF-8 character encoding should be percent-encoded, then unreserved octets outside of the UTF-8 range should be percent-encoded. As browsers tend to only implement support for UTF-8 in URLs, this change only implements the UTF-8 encoding part. We may revisit the second part if it becomes an issue.
Fixes#31486
git-svn-id: https://develop.svn.wordpress.org/trunk@31587 602fd350-edb4-49c9-b593-d223f7449a82
Also update and clarify docsfor the `check_admin_referer` and `check_ajax_referer` hooks.
Props johnbillion, DrewAPicture.
Fixes#31055.
git-svn-id: https://develop.svn.wordpress.org/trunk@31381 602fd350-edb4-49c9-b593-d223f7449a82
In PHP 5.3.0, `is_a()` is no longer deprecated, and will therefore no longer throw `E_STRICT` warnings.
To avoid warnings in PHP < 5.3.0, convert all `is_a()` calls to `$var instanceof WP_Class` calls.
`instanceof` does not throw any error if the variable being tested is not an object, it simply returns `false`.
Props markoheijnen, wonderboymusic.
Fixes#25672.
git-svn-id: https://develop.svn.wordpress.org/trunk@31188 602fd350-edb4-49c9-b593-d223f7449a82
Unlike `get_avatar()`, `get_avatar_url()` is not pluggable. It can be extended/or modified through the new filters included.
Fixes#21195.
Props mdawaffe, pento, pathawks, DrewAPicture
git-svn-id: https://develop.svn.wordpress.org/trunk@31107 602fd350-edb4-49c9-b593-d223f7449a82
Affects DocBlocks for the following core elements:
* Markdown-indent a code snippet in the description for `wp_salt()`
* Backtick-escape inline code in the return description for `get_avatar()`
* Various markdown formatting in the description for `add_filter()`
* Markdown-indent a code snippet in the description for `apply_filters()`
* Backtick-escape inline code in the `@see` description for `apply_filters_ref_array()`
* Backtick-escape inline code in the description for `do_action()`
* Backtick-escape variables in the parameter and return descriptions for `do_action_ref_array()`
* Various markdown formatting in the description for `get_plugin_data()`
Props rarst.
See #30473.
git-svn-id: https://develop.svn.wordpress.org/trunk@30544 602fd350-edb4-49c9-b593-d223f7449a82
Per our inline documentation standards, no further use of the `@uses` tag is recommended as used and used-by relationships can be derived through other means. This removes most uses of the tag in core documentation, with remaining tags to be converted to `@global` or `@see` as they apply.
Fixes#30191.
git-svn-id: https://develop.svn.wordpress.org/trunk@30105 602fd350-edb4-49c9-b593-d223f7449a82
Introduces a new get( $token ) method. get_token() would not have made sense and spurred the overall renaming. Public methods are now get, get_all, verify, create, update, destroy, destroy_others, and destroy_all.
The protected abstract methods designed for alternative implementations remain the same.
props mdawaffe.
see #20276.
git-svn-id: https://develop.svn.wordpress.org/trunk@29635 602fd350-edb4-49c9-b593-d223f7449a82
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.
Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().
This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.
props duck_, nacin, mdawaffe.
see #20276.
git-svn-id: https://develop.svn.wordpress.org/trunk@29221 602fd350-edb4-49c9-b593-d223f7449a82
