This corrects the placement of double quotes around the query and makes sure the alignment is consistent.
Props umeshmcakadi, mukesh27, krupalpanchal, dhrumilk, SergeyBiryukov.
Fixes#58372.
git-svn-id: https://develop.svn.wordpress.org/trunk@55857 602fd350-edb4-49c9-b593-d223f7449a82
In [36566] a framework to lazily load metadata was introduced. This supported term and comment meta by default. In this commit, extends support for site ( blog ) meta. Site meta is not heavily used by core and is used by developers to extend multisite. In this change, `_prime_site_caches` and `WP_Site_Query` now call the new function `wp_lazyload_site_meta`. The function `wp_lazyload_site_meta` accepts an array of ids and adds them to the queue of metadata to be lazily loaded. The function `get_blogs_of_user` was updated to now lazily load site meta.
Follow on from [55671].
Props spacedmonkey, johnjamesjacoby, peterwilsoncc, mukesh27.
Fixes#58185.
git-svn-id: https://develop.svn.wordpress.org/trunk@55747 602fd350-edb4-49c9-b593-d223f7449a82
`str_starts_with()` was introduced in PHP 8.0 to perform a case-sensitive check indicating if the string to search in (haystack) begins with the given substring (needle).
WordPress core includes a polyfill for `str_starts_with()` on PHP < 8.0 as of WordPress 5.9.
This commit replaces `0 === strpos( ... )` with `str_starts_with()` in core files, making the code more readable and consistent, as well as improving performance.
While `strpos()` is slightly faster than the polyfill on PHP < 8.0, `str_starts_with()` is noticeably faster on PHP 8.0+, as it is optimized to avoid unnecessarily searching along the whole haystack if it does not find the needle.
Follow-up to [52039], [52040], [52326].
Props spacedmonkey, costdev, sabernhardt, mukesh27, desrosj, jorbin, TobiasBg, ayeshrajans, lgadzhev, SergeyBiryukov.
Fixes#58012.
git-svn-id: https://develop.svn.wordpress.org/trunk@55703 602fd350-edb4-49c9-b593-d223f7449a82
Add a helper function called `wp_cache_set_last_changed` to set the last changed value for cache groups. This function has a new action called `wp_cache_set_last_changed`, allowing for developers to cache invalidate when last changed value is changed.
Props tillkruess, spacedmonkey, peterwilsoncc, mukesh27, johnjamesjacoby.
Fixes#57905.
git-svn-id: https://develop.svn.wordpress.org/trunk@55702 602fd350-edb4-49c9-b593-d223f7449a82
Cache the results of database queries within `WP_User_Query` class. Only cache queries that are requesting 3 or less fields so that caches are not storing full user objects. Cache results are stored in a new global cache group named `users-queries`. Add a new parameter to `WP_User_Query` called `cache_results` to allow developers to opt out of a receiving cached results. `cache_results` parameter defaults to true. Also add a new helper function called `wp_cache_set_users_last_changed`, similar to `wp_cache_set_posts_last_changed` that incroments last changed value in cache group `users`. Ensure that `wp_cache_set_users_last_changed` is called whenever user / user meta is modified for proper cache invalidation.
Props johnjamesjacoby, spacedmonkey, westi, dd32, strategio, srikanthmeenakshi, OllieJones, khoipro, rjasdfiii, flixos90, mukesh27, peterwilsoncc.
Fixes#40613.
git-svn-id: https://develop.svn.wordpress.org/trunk@55657 602fd350-edb4-49c9-b593-d223f7449a82
This reverts the changes implemented in [55358] and [55360].
Changeset [55358] was committed to prevent login name collision when one user registers with the email address `user@example.com` and a second user tries to register with the username `user@example.com`. However, it also introduced a potential backward compatibility issues for plugins that use `wp_update_user()`. When updating an existing user, it throws an `existing_user_email_as_login` error if the email address is also used for the user login, due to the code introduced in [55358].
This changeset removes the new scenario added in [55358] and [55360], restoring the `wp_insert_user()` function back to its previous state.
Props polevaultweb, audrasjb, costdev, peterwilsoncc, hellofromTonya, SergeyBiryukov, azaozz.
See #57967, #57394.
git-svn-id: https://develop.svn.wordpress.org/trunk@55584 602fd350-edb4-49c9-b593-d223f7449a82
This changeset replaces various HelpHub links that have changed to avoid extra 301 redirections.
Props sabernhardt, audrasjb.
See #57726.
git-svn-id: https://develop.svn.wordpress.org/trunk@55414 602fd350-edb4-49c9-b593-d223f7449a82
This fixes a regression introduced in [41163], where the link in change confirmation emails for users with no roles in a multisite install was incorrect, causing them to be unable to change their email address. This changeset replaces `admin_url()` with `self_admin_url()` to restore the previous fix.
Follow-up to [38876], [40632], [41165], [41163].
Props roytanck, SergeyBiryukov, johnbillion, afrin29.
Fixes#57164.
git-svn-id: https://develop.svn.wordpress.org/trunk@55396 602fd350-edb4-49c9-b593-d223f7449a82
When registering a new user, check that no existing user has an email matching the username.
Prevents a login name collision when one user registers with the email address user@test.com and a second user tries to register with the username user@test.com.
Props buutqn, dunhakdis, roytanck, ajayver.
Fixes#57394.
git-svn-id: https://develop.svn.wordpress.org/trunk@55358 602fd350-edb4-49c9-b593-d223f7449a82
The `$credentials['user_login']` and `$credentials['user_password']` parameters are passed by reference to the `wp_authenticate` action, and are at that point [https://www.php.net/manual/en/language.references.pass.php#124383 created as null] if they don't exist in the array.
This commit sets those values to an empty string, resolving two PHP 8.1 deprecation notices:
* One from `preg_replace()` in `wp_strip_all_tags()` via `sanitize_user()` in `wp_authenticate()`:
{{{
Deprecated: preg_replace(): Passing null to parameter #3 ($subject) of type array|string is deprecated
}}}
* One from `trim()` in `wp_authenticate()` itself:
{{{
Deprecated: trim(): Passing null to parameter #1 ($string) of type string is deprecated
}}}
Includes documenting the `$credentials` parameter using hash notation.
Follow-up to [6643], [37697].
Props lenasterg, TobiasBg, ocean90, afragen, lkraav, SergeyBiryukov.
Fixes#56850.
git-svn-id: https://develop.svn.wordpress.org/trunk@55301 602fd350-edb4-49c9-b593-d223f7449a82
This new function makes it easier to switch to a specific user’s locale by reducing duplicate code and storing the user’s ID as additional context for plugins to consume. Existing usage of `switch_to_locale()` in core has been replaced with `switch_to_user_locale()` where appropriate.
Also, this change ensures `WP_Locale_Switcher` properly filters `determine_locale` so that anyyone using the `determine_locale()` function will get the correct locale information when switching is in effect.
Props costdev.
Fixes#57123.
See #26511.
git-svn-id: https://develop.svn.wordpress.org/trunk@55161 602fd350-edb4-49c9-b593-d223f7449a82
While using reserved PHP keywords as parameter name labels is allowed, in the context of function calls using named parameters in PHP 8.0+, this will easily lead to confusion. To avoid that, it is recommended not to use reserved keywords as function parameter names.
This commit renames the `$global` parameter to `$is_global` in:
* `update_user_option()`
* `delete_user_option()`
Follow-up to [52946], [52996], [52997], [52998], [53003], [53014], [53029], [53039], [53116], [53117], [53137], [53174], [53184], [53185], [53192], [53193], [53198], [53203], [53207], [53215], [53216], [53220], [53230], [53232], [53236], [53239], [53240], [53242], [53243], [53245], [53246], [53257], [53269], [53270], [53271], [53272], [53273], [53274], [53275], [53276], [53277], [53281], [53283], [53284], [53285], [53287], [53364], [53365], [54927], [54929], [54930], [54931], [54932], [54933], [54938], [54943], [54944], [54945], [54946], [54947], [54948], [54950], [54951], [54952], [54956], [54959], [54960], [54961], [54962], [54964], [54965], [54969], [54970], [54971], [54972], [54996], [55000], [55011], [55013], [55014].
Props jrf, aristath, poena, justinahinon, SergeyBiryukov.
See #56788.
git-svn-id: https://develop.svn.wordpress.org/trunk@55015 602fd350-edb4-49c9-b593-d223f7449a82
Unlike other clean cache functions like `clean_post_cache`, `clean_user_cache` did not also clear user meta caches. This is inconsistent and can result in some strange side effects. Update the `clean_user_cache` function to also clear user meta caches when called.
Props dd32, spacedmonkey, peterwilsoncc.
Fixes#54316.
git-svn-id: https://develop.svn.wordpress.org/trunk@54940 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that sending a password reset link works as expected if the user's login and email were initially the same, but the email address was subsequently updated and no longer matches the login, which is still set to the old address.
Follow-up to [6643], [18513], [19056], [37474], [50129], [50140].
Props donmhico, pbearne, azouamauriac, boblindner, daxelrod, audrasjb, SergeyBiryukov.
Fixes#53634.
git-svn-id: https://develop.svn.wordpress.org/trunk@54477 602fd350-edb4-49c9-b593-d223f7449a82
The user meta `context` property in `wp_register_persisted_preferences_meta()` was incorrectly configured. It should be part of the `schema` array, not the `show_in_rest` array.
Follow-up to [54182].
Props talldanwp, dd32.
Fixes#56665. See #56467.
git-svn-id: https://develop.svn.wordpress.org/trunk@54329 602fd350-edb4-49c9-b593-d223f7449a82
This commit adds three filters to customize the `wp_list_authors()` and `wp_list_users()` output:
* `wp_list_authors_args`: Filters the query arguments for the list of all authors of the site.
* `pre_wp_list_authors_post_counts_query`: Filters whether to short-circuit performing the query for author post counts. This may be useful to account for custom post types or post statuses.
* `wp_list_users_args`: Filters the query arguments for the list of all users of the site.
Follow-up to [979], [3848], [5135], [5727], [31653], [52064], [53486], [53501].
Props kevinB, wonderboymusic, DrewAPicture, Mte90, audrasjb, rafiahmedd, costdev, nacin, afercia, chetan200891, hellofromTonya, TimothyBlynJacobs, chaion07, SergeyBiryukov.
Fixes#17025.
git-svn-id: https://develop.svn.wordpress.org/trunk@54262 602fd350-edb4-49c9-b593-d223f7449a82
Adds a new feature to persist editor UI preferences between page loads and browsers.
* Adds a new preferences persistence API.
* Saves editor preferences in user meta instead of in browser's local storage.
Why?
Due to the transient nature of browser storage, this persistence is not as sticky as it is expected to be, including: switching browsers (unique storage between browsers), or using private browsing tabs (storage cleared between sessions), or the same user across a network of sites (storage unique by domain).
This is a backport from Gutenberg.[https://github.com/WordPress/gutenberg/pull/39795 See WordPress/gutenberg PR 39795].
Props talldanwp, youknowriad, noisysocks, mamaduka, costdev, ironprogrammer, hellofromTonya.
See #56467.
git-svn-id: https://develop.svn.wordpress.org/trunk@54182 602fd350-edb4-49c9-b593-d223f7449a82
Some plugins may call the `wp_cache_*()` functions with an empty string, `false`, or `null` as cache key, usually as a result of not checking the return value of another function that's used as the key.
Previously, this was silently failing, leading to odd behavior at best and often breakage due to key collisions.
A valid cache key must be either an integer number or a non-empty string.
This commit introduces a quick type check on the given cache keys and adds a `_doing_it_wrong()` message that should help plugin developers to notice these issues quicker.
Includes:
* A check in `update_user_caches()` and `clean_user_cache()` to make sure user email is not empty before being cached or removed from cache, as it is technically possible to create a user with empty email via `wp_insert_user()`.
* Some minor cleanup in unit tests where the email was passed to `wp_insert_user()` incorrectly or was unintentionally reset.
Props tillkruess, malthert, dd32, spacedmonkey, flixos90, peterwilsoncc, SergeyBiryukov.
Fixes#56198.
git-svn-id: https://develop.svn.wordpress.org/trunk@53818 602fd350-edb4-49c9-b593-d223f7449a82
That allows locales to switch the order of the first name and last name, should they prefer to do so.
The string was previously used in `wp_insert_user()` and is now reused in other places for consistency:
* `WP_MS_Users_List_Table::column_name()`
* `WP_Users_List_Table::column_name()`
* `wp_list_authors()`
* `wp_list_users()`
Note: This also removes the `wp_list_author_full_name` filter, introduced for the same purpose in `wp_list_authors()`, as redundant for now.
Follow-up to [53486].
See #17025.
git-svn-id: https://develop.svn.wordpress.org/trunk@53501 602fd350-edb4-49c9-b593-d223f7449a82
This aims to improve performance by calling `sanitize_url()` directly, instead of the `esc_url_raw()` wrapper. As of WordPress 6.1, `sanitize_url()` is the recommended function for sanitizing a URL for database or redirect usage.
Follow-up to [11383], [13096], [51597], [53452].
Props benjgrolleau, peterwilsoncc, SergeyBiryukov.
Fixes#55852.
git-svn-id: https://develop.svn.wordpress.org/trunk@53455 602fd350-edb4-49c9-b593-d223f7449a82
For consistency with some similar filters like `send_password_change_email` or `send_email_change_email`, and for more flexibility, pass `$user_login` and `$user_data` parameters directly to the new `send_retrieve_password_email` and `retrieve_password_notification_email` filters.
Follow-up to [52604], [52605], [52606], [52607].
Props SergeyBiryukov, costdev, peterwilsoncc.
Fixes#54690.
git-svn-id: https://develop.svn.wordpress.org/trunk@53178 602fd350-edb4-49c9-b593-d223f7449a82
The new location is next to the pre-existing `count_users()` function, along with other user-specific functions, and should be a more appropriate place in terms of consistency.
This affects:
* `get_user_count()`
* `wp_maybe_update_user_counts()`
* `wp_update_user_counts()`
* `wp_schedule_update_user_counts()`
* `wp_is_large_user_count()`
Follow-up to [53011], [53016].
See #38741.
git-svn-id: https://develop.svn.wordpress.org/trunk@53018 602fd350-edb4-49c9-b593-d223f7449a82
This changeset replaces contracted verb forms like `doesn't`, `can't`, or `isn't` with non-contracted forms like `does not`, `cannot`, or `is not`, for better consistency across the WordPress administration. It also updates some corresponding unit tests strings.
Props Presskopp, socalchristina, aandrewdixon, francina, SergeyBiryukov, JeffPaul, audrasjb, hellofromTonya.
Fixes#38913.
See #39176.
git-svn-id: https://develop.svn.wordpress.org/trunk@52978 602fd350-edb4-49c9-b593-d223f7449a82
Similar to other checks on `user_login` and `user_url`, this change moves the maximum length check on `user_nicename` after the `pre_user_nicename` filter has been applied, to account for any changes to the value prior to saving.
Props SergeyBiryukov, ravipatel, muhammadfaizanhaidar, mukesh27, csesumonpro, azouamauriac.
Fixes#54987.
git-svn-id: https://develop.svn.wordpress.org/trunk@52954 602fd350-edb4-49c9-b593-d223f7449a82
The `user_url` database field only allows up to 100 characters, and if the value is longer than that, the function should return a proper error message instead of silently failing.
This complements similar checks for `user_login` and `user_nicename` fields.
Follow-up to [45], [1575], [32299], [34218], [34626].
Props mkox, sabernhardt, tszming, SergeyBiryukov.
Fixes#44107.
git-svn-id: https://develop.svn.wordpress.org/trunk@52650 602fd350-edb4-49c9-b593-d223f7449a82
This change introduces two new hooks to help developers to filter retrieve password emails:
- `send_retrieve_password_email` can be used to filter whether to send the retrieve password email;
- `retrieve_password_notification_email` can be used to filter the contents of the reset password notification email sent to the user.
This changesets also adds unit tests for these new filters.
Props connapptivity, costdev, audrasjb, johnbillion.
Fixes#54690.
git-svn-id: https://develop.svn.wordpress.org/trunk@52604 602fd350-edb4-49c9-b593-d223f7449a82
When `add_filter( 'wp_is_application_passwords_available', '__return_false' )` exists, HTTPS requirement message is shown even if HTTPS is enabled on the site. This happens because `wp_is_application_passwords_available_for_user()` first invokes `wp_is_application_passwords_available()` which is filterable. The situation could happen if the `'wp_is_application_passwords_available_for_user'` filter returns `false`.
To fix this, the check for HTTPS (or if in a 'local' environment) is moved to a new function called `wp_is_application_passwords_supported()`. Then the return from this function is used as an OR condition for the Application Passwords section and for displaying the HTTPS required message.
Tests are included for both `wp_is_application_passwords_supported()` and `wp_is_application_passwords_available()`.
Follow-up to [51980], [51988].
Props davidbinda, SergeyBiryukov, ocean90, felipeelia, costdev, hellofromTonya.
Fixes#53658.
git-svn-id: https://develop.svn.wordpress.org/trunk@52398 602fd350-edb4-49c9-b593-d223f7449a82
This fixes a mix of tabs and spaces in the email template. Spaces inside a string are not considered WPCS errors, and are not required to be converted to tabs.
Follow-up to [52060], [52063].
See #43700.
git-svn-id: https://develop.svn.wordpress.org/trunk@52076 602fd350-edb4-49c9-b593-d223f7449a82
Adds the `wp_login_url()` login link to the Error message to be more helpful to users when their user email already is registered.
Improves the error message to more clearly communicate next step.
Follow-up to [16009], [22124], [31963].
Props andynick, costdev, dansoschin, sabernhardt, webcommsat.
Fixes#53631.
git-svn-id: https://develop.svn.wordpress.org/trunk@52074 602fd350-edb4-49c9-b593-d223f7449a82
Introduces a new function called `wp_list_users()`. Similar to other list functions such as `wp_list_authors()`, it lists all the users of the site. Options are available to configure the HTML output.
Following the same pattern of the other list functions, the list's HTML output is rendered by default. Setting the `echo` argument to `false`, returns the list's HTML output.
A new test class is included.
Props afercia, audrasjb, chriscct7, costdev, desrosj, greenshady, hellofromTonya, mte90, nacin, rohan013, sergeybiryukov.
Fixes#15145.
git-svn-id: https://develop.svn.wordpress.org/trunk@52064 602fd350-edb4-49c9-b593-d223f7449a82
Load a language switcher on the login and registration screens that allows users to choose any already-installed language. Set user locale on registration.
Props johnbillion, Nikschavan, afercia, sabernhardt, garrett-eclipse, keyur5, paaljoachim, Clorith, tobifjellner.
Fixes#43700.
git-svn-id: https://develop.svn.wordpress.org/trunk@52058 602fd350-edb4-49c9-b593-d223f7449a82
Similar to the existing `role`/`role__in`/`role__not_in` query arguments, this adds support for three new query arguments in `WP_User_Query`:
* `capability`
* `capability__in`
* `capability__not_in`
These can be used to fetch users with (or without) a specific set of capabilities, for example to get all users
with the capability to edit a certain post type.
Under the hood, this will check all existing roles on the site and perform a `LIKE` query against the `capabilities` user meta field to find:
* all users with a role that has this capability
* all users with the capability being assigned directly
Note: In WordPress, not all capabilities are stored in the database. Capabilities can also be modified using filters like `map_meta_cap`. These new query arguments do NOT work for such capabilities.
The prime use case for capability queries is to get all "authors", i.e. users with the capability to edit a certain post type.
Until now, `'who' => 'authors'` was used for this, which relies on user levels. However, user levels were deprecated a long time ago and thus never added to custom roles. This led to constant frustration due to users with custom roles missing from places like author dropdowns.
This updates any usage of `'who' => 'authors'` in core to use capability queries instead.
Subsequently, `'who' => 'authors'` queries are being **deprecated** in favor of these new query arguments.
Also adds a new `capabilities` parameter (mapping to `capability__in` in `WP_User_Query`) to the REST API users controller.
Also updates `twentyfourteen_list_authors()` in Twenty Fourteen to make use of this new functionality, adding a new `twentyfourteen_list_authors_query_args` filter to make it easier to override this behavior.
Props scribu, lgladdly, boonebgorges, spacedmonkey, peterwilsoncc, SergeyBiryukov, swissspidy.
Fixes#16841.
git-svn-id: https://develop.svn.wordpress.org/trunk@51943 602fd350-edb4-49c9-b593-d223f7449a82
This allows custom user meta values to be provided when creating or updating a user in the same way custom post meta can be provided to `wp_insert_post()` when creating or updating a post.
Also introduces the `insert_custom_user_meta` to filter these values.
Props desrosj, donmhico
Fixes#41950
git-svn-id: https://develop.svn.wordpress.org/trunk@51738 602fd350-edb4-49c9-b593-d223f7449a82
When a closure does not use `$this`, it can be made `static` for improved performance.
Static closures are supported in PHP since PHP 5.4.
Props jrf, hellofromTonya, swissspidy, SergeyBiryukov.
See #53359.
git-svn-id: https://develop.svn.wordpress.org/trunk@51657 602fd350-edb4-49c9-b593-d223f7449a82
- Typo corrections in filter descriptions.
- DocBlocks are now now wrapped to the next line after 80 characters, and not extending beyond 120 total characters wide.
- Remove unnecessary repeated references to the suggested replacement hooks.
- Adjustments to the indentation for consistency with other emails in Core, allowing the `phpcs:ignore` comment to be removed.
Props SergeyBiryukov.
Fixes#44314.
git-svn-id: https://develop.svn.wordpress.org/trunk@51410 602fd350-edb4-49c9-b593-d223f7449a82
