Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.
Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().
This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.
props duck_, nacin, mdawaffe.
see #20276.
git-svn-id: https://develop.svn.wordpress.org/trunk@29221 602fd350-edb4-49c9-b593-d223f7449a82
Don't do anything fancy here, just set the 4 returned properties to variables. This function is semi-important.
See #22400.
git-svn-id: https://develop.svn.wordpress.org/trunk@28424 602fd350-edb4-49c9-b593-d223f7449a82
Turn the logic used by wp_get_current_user() into a determine_current_user filter.
props rmccue.
fixes#26706.
git-svn-id: https://develop.svn.wordpress.org/trunk@27484 602fd350-edb4-49c9-b593-d223f7449a82
* `comment_notification_recipients`
* `comment_notification_notify_author`
Also removes some generic `@uses` tags from various related doc blocks.
Props markjaquith.
Fixes#25699.
git-svn-id: https://develop.svn.wordpress.org/trunk@26388 602fd350-edb4-49c9-b593-d223f7449a82
The code was bailing on this-is-a-comment-on-your-own-post detection, ignoring additional recipients. Now:
* Logic check is done within `wp_notify_postauthor()`
* Logic check is overridable via `comment_notification_notify_author` filter (default still false)
* The code doesn't bail on comment-on-own-post detection, but just removes the author from the array
* The code instead now bails if the recipients list is empty, so `comment_notification_recipients` works properly
props ethitter.
fixes#25699
git-svn-id: https://develop.svn.wordpress.org/trunk@26367 602fd350-edb4-49c9-b593-d223f7449a82
* There are several places where a `$_POST` index was unchecked before setting a variable
* In `wp_notify_postauthor()`, `$comment` was being returned null, but its properties were being accessed.
* In `check_ajax_referer()`, 3 different values can be checked for nonce on `$_REQUEST`, but only 1 had an `isset()`
See #25282.
git-svn-id: https://develop.svn.wordpress.org/trunk@25433 602fd350-edb4-49c9-b593-d223f7449a82
The new filters are called comment_notification_recipients and comment_moderation_recipients.
Add the context of $comment_id to the comment_moderation_headers filter, to match the comment_notification_headers filter.
props chipbennett.
fixes#22922, #20353.
git-svn-id: https://develop.svn.wordpress.org/trunk@25104 602fd350-edb4-49c9-b593-d223f7449a82
* All WordPress files move to a src/ directory.
* New task runner (Grunt), configured to copy a built WordPress to build/.
* svn:ignore and .gitignore for Gruntfile.js, wp-config.php, and node.js.
* Remove Akismet external from develop.svn. Still exists in core.svn.
* Drop minified files from src/. The build process will now generate these.
props koop.
see #24976.
and see http://wp.me/p2AvED-1AI.
git-svn-id: https://develop.svn.wordpress.org/trunk@25001 602fd350-edb4-49c9-b593-d223f7449a82
