HostForge-Systems/wordpress
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
654e46f03d3806b80a691e8a21100ee6c5d8873a
wordpress/wp-includes
History
Andrew Nacin 654e46f03d Tie cookies and nonces to user sessions so they may be invalidated upon logout. 
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.

Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().

This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.

props duck_, nacin, mdawaffe.
see #20276.

Built from https://develop.svn.wordpress.org/trunk@29221


git-svn-id: http://core.svn.wordpress.org/trunk@29005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 09:13:15 +00:00
..
certificates
WP_HTTP: Update the Root Certificate bundle used for SSL communication by WP_HTTP.
2014-02-27 02:33:14 +00:00
css
Keyboard accessibility for the media modal:
2014-07-18 07:57:15 +00:00
fonts
Update Dashicons.
2014-04-07 17:52:16 +00:00
ID3
images
Edit Image modal:
2014-03-27 22:41:14 +00:00
js
Keyboard accessibility for the media modal:
2014-07-18 07:57:15 +00:00
pomo
Introduce a binary-safe wrapper for strlen() and use it in seems_utf8(), utf8_uri_encode(), and wp_read_image_metadata().
2014-06-23 14:48:14 +00:00
SimplePie
SimplePie: Fix use of DOMElement as array.
2013-09-11 04:02:10 +00:00
Text
theme-compat
Eliminate use of extract() in wp-includes/theme-compat/comments-popup.php.
2014-05-13 04:40:16 +00:00
admin-bar.php
Customizer: Add meta capability customize which is mapped to edit_theme_options.
2014-07-14 19:01:16 +00:00
atomlib.php
First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin.
2013-12-24 18:57:12 +00:00
author-template.php
Convert documentation of default arguments in wp_list_authors() to the hash-notation style.
2014-06-29 22:34:14 +00:00
bookmark-template.php
Add indentation for the hash notation missed in [29108].
2014-07-11 22:59:16 +00:00
bookmark.php
Convert default arguments documentation for get_bookmarks() into a hash notation.
2014-07-11 23:03:13 +00:00
cache.php
Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
2014-07-14 01:12:14 +00:00
canonical.php
Canonical redirects should only be applied for GET requests.
2014-07-02 14:11:14 +00:00
capabilities.php
Customizer: Add meta capability customize which is mapped to edit_theme_options.
2014-07-14 19:01:16 +00:00
category-template.php
Cleanup for switch statements:
2014-05-30 17:58:15 +00:00
category.php
Deprecate get_all_category_ids(). Suggest get_terms() as a replacement.
2014-06-05 16:25:14 +00:00
class-feed.php
Add access modifiers to methods/members in WP_Feed_Cache, WP_SimplePie_File, and WP_Feed_Cache_Transient.
2014-05-19 05:27:15 +00:00
class-http.php
Convert default arguments documentation for WP_Http_Cookie::__construct() into a hash notation.
2014-07-11 22:50:15 +00:00
class-IXR.php
Allow query strings for servers in IXR_Client and WP_HTTP_IXR_Client.
2014-03-15 05:01:14 +00:00
class-json.php
class-oembed.php
Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
2014-07-14 01:12:14 +00:00
class-phpass.php
First there were two, and now there are three -- in the @since versions that came before and that shall be. And so it will be, says nacin.
2013-12-24 18:57:12 +00:00
class-phpmailer.php
Update PHPMailer to 5.2.7 from 5.2.4.
2014-03-03 20:25:14 +00:00
class-pop3.php
class-simplepie.php
hackificator complains if you call include 'file.php' without the parens, needs to be include( 'file.php' )
2014-05-18 20:52:15 +00:00
class-smtp.php
Update PHPMailer to 5.2.7 from 5.2.4.
2014-03-03 20:25:14 +00:00
class-snoopy.php
class-wp-admin-bar.php
In wp-includes/class-wp-admin-bar.php, break is unreachabled after return.
2014-05-06 18:29:15 +00:00
class-wp-ajax-response.php
Fill out inline documentation for magic methods added to the WP_Ajax_Response class in [28524].
2014-07-13 23:44:14 +00:00
class-wp-customize-control.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 00:32:16 +00:00
class-wp-customize-manager.php
Customizer: Add meta capability customize which is mapped to edit_theme_options.
2014-07-14 19:01:16 +00:00
class-wp-customize-section.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 00:40:15 +00:00
class-wp-customize-setting.php
Allow for easier adding of custom class variables when extending WP_Customize_Section or WP_Customize_Setting.
2014-06-24 22:56:14 +00:00
class-wp-customize-widgets.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 00:42:15 +00:00
class-wp-editor.php
TinyMCE: add the 'colorpicker' and 'lists' plugins, fixes #28939, #27359.
2014-07-17 21:54:14 +00:00
class-wp-embed.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 00:44:14 +00:00
class-wp-error.php
Fill out inline documentation for magic methods added to the WP_Error class in [28511].
2014-07-13 23:42:14 +00:00
class-wp-http-ixr-client.php
Add access modifiers to methods/members in WP_HTTP_IXR_Client.
2014-05-19 05:51:15 +00:00
class-wp-image-editor-gd.php
Add ->get_quality() method to WP_Image_Editor class.
2014-06-28 03:50:15 +00:00
class-wp-image-editor-imagick.php
Add ->get_quality() method to WP_Image_Editor class.
2014-06-28 03:50:15 +00:00
class-wp-image-editor.php
Add ->get_quality() method to WP_Image_Editor class.
2014-06-28 03:50:15 +00:00
class-wp-theme.php
Remove redundant 'Visit author homepage' title attributes for plugins and themes.
2014-06-05 04:52:16 +00:00
class-wp-walker.php
Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
2014-07-14 01:12:14 +00:00
class-wp-xmlrpc-server.php
Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
2014-07-14 01:12:14 +00:00
class-wp.php
Don't 404 for empty feeds.
2014-07-17 22:22:15 +00:00
class.wp-dependencies.php
Add missing access modifiers to methods in WP_Dependencies and _WP_Dependency.
2014-05-19 06:14:14 +00:00
class.wp-scripts.php
WP_Scripts->in_default_dir() should use the WPINC constant
2014-06-29 22:23:15 +00:00
class.wp-styles.php
Add missing access modifiers to methods in WP_Scripts and WP_Styles.
2014-05-19 06:17:14 +00:00
comment-template.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 01:02:15 +00:00
comment.php
Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
2014-07-14 01:12:14 +00:00
compat.php
cron.php
Remove SSL verification by default for requests to wp-cron.php. Props sivel, rhurling. Fixes #12609.
2014-06-19 22:53:19 +00:00
date.php
WP_Date_Query: The inclusive logic should include all times within the date range.
2014-07-01 01:18:15 +00:00
default-constants.php
Revert [28563]. See #18298.
2014-07-09 18:07:16 +00:00
default-filters.php
Allow for custom authentication handlers for all requests.
2014-03-09 15:23:15 +00:00
default-widgets.php
Cleanup wp_widget_rss_form() after [28734]. "$$input used sanitized variables which contained actual values, unlike $inputs[$input] which in that context contains data about which input fields are hidden."
2014-06-20 17:29:14 +00:00
deprecated.php
LIKE escape sanity:
2014-06-10 00:30:15 +00:00
feed-atom-comments.php
Introduce 'rss_tag_pre' action, which fires between the xml and rss tags in a feed.
2014-07-07 10:18:15 +00:00
feed-atom.php
Introduce 'rss_tag_pre' action, which fires between the xml and rss tags in a feed.
2014-07-07 10:18:15 +00:00
feed-rdf.php
Introduce 'rss_tag_pre' action, which fires between the xml and rss tags in a feed.
2014-07-07 10:18:15 +00:00
feed-rss2-comments.php
Introduce 'rss_tag_pre' action, which fires between the xml and rss tags in a feed.
2014-07-07 10:18:15 +00:00
feed-rss2.php
Introduce 'rss_tag_pre' action, which fires between the xml and rss tags in a feed.
2014-07-07 10:18:15 +00:00
feed-rss.php
Revert r25824:25875 from the core.svn.wordpress.org repository.
2013-10-25 02:29:52 +00:00
feed.php
Force a separator in get_wp_title_rss() if it was inadvertently filtered out by the theme.
2014-06-30 10:11:15 +00:00
formatting.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 01:02:15 +00:00
functions.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 01:02:15 +00:00
functions.wp-scripts.php
In wp_localize_script(), instantiate the $wp_scripts global instead of bailing when it is called before wp_enqueue_scripts. This allows wp_enqueue_media() to be called on the front end with no JS errors.
2014-06-26 01:38:15 +00:00
functions.wp-styles.php
Inline documentation for hooks in wp-includes/functions.wp-styles.php.
2013-10-27 17:59:09 +00:00
general-template.php
Use includes_url() in wlwmanifest_link().
2014-06-29 22:27:15 +00:00
http.php
Remove by-reference modifiers from arguments in wp_remote_retrieve_* functions.
2014-05-05 18:46:15 +00:00
kses.php
Make wp_kses_no_null() remove any invalid control characters in a string.
2014-07-01 18:01:17 +00:00
l10n.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 01:02:15 +00:00
link-template.php
Pass the post object rather than the post ID between the post permalink functions. Fixes #28425. Props arnee
2014-07-08 15:48:17 +00:00
load.php
Improve inline documentation for wp-includes/load.php.
2014-06-04 04:12:17 +00:00
locale.php
Better description for WP_Locale::_strings_for_pot(). props dimadin. fixes #25937.
2013-11-13 14:01:09 +00:00
media-template.php
Media Grid:
2014-07-17 20:42:15 +00:00
media.php
Media Grid:
2014-07-17 20:42:15 +00:00
meta.php
Replace all uses of like_escape() with $wpdb->esc_like().
2014-06-10 00:44:15 +00:00
ms-blogs.php
Inline documentation cleanup for 4.0 audit.
2014-07-14 01:02:15 +00:00
ms-default-constants.php
Properly set $subdomain_error to false when applicable in ms_subdomain_constants(). This was previously untestable because it used static vars: use globals instead.
2014-07-16 22:35:14 +00:00
ms-default-filters.php
In multisite, on the updated_option action, if the option name is one of: 'blogname', 'siteurl', 'post_count' - refresh the blog details cache for the current blog id.
2014-06-28 04:07:16 +00:00
ms-deprecated.php
Theme compat: Move <head profile> to <link>.
2014-03-25 17:22:15 +00:00
ms-files.php
ms-functions.php
get_blog_details()->post_count should update on more actions than just publish_post.
2014-06-26 00:53:15 +00:00
ms-load.php
Replace all uses of like_escape() with $wpdb->esc_like().
2014-06-10 00:44:15 +00:00
ms-settings.php
Move ms-load.php and ms-default-constants.php inclusion back to ms-settings.php to avoid breaking WP-CLI.
2014-06-30 23:50:15 +00:00
nav-menu-template.php
Correct filter documentation in wp_nav_menu().
2014-06-27 03:37:16 +00:00
nav-menu.php
return false in has_nav_menu() if the $location does not exist in the $_wp_registered_nav_menus global.
2014-06-26 00:57:15 +00:00
option.php
Conditionally set the the secure flag on the test cookie, post password cookie, settings cookies, and comment author cookies depending on whether the front end and/or admin area are served over https. Fixes #28427
2014-06-29 13:25:16 +00:00
pluggable-deprecated.php
Reference https://wordpress.org rather than http://wordpress.org in strings, links, comments, etc.
2014-03-03 02:34:27 +00:00
pluggable.php
Tie cookies and nonces to user sessions so they may be invalidated upon logout.
2014-07-18 09:13:15 +00:00
plugin.php
General phpDoc fixes in wp-includes/plugin.php.
2014-06-29 09:19:15 +00:00
post-formats.php
Allow has_post_format() to be used to check for any format.
2013-11-24 13:45:10 +00:00
post-template.php
Convert default arguments documentation for wp_page_menu() into a hash notation.
2014-07-11 23:13:15 +00:00
post-thumbnail-template.php
Revert [27166].
2014-03-26 18:43:14 +00:00
post.php
Convert default arguments documentation for get_posts() into a hash notation.
2014-07-11 23:34:15 +00:00
query.php
Fill out inline documentation for magic methods added to the WP_Query class in [28523].
2014-07-13 23:36:14 +00:00
registration-functions.php
registration.php
revision.php
Remove backticks on $post variables in some short parameter descriptions.
2014-07-03 19:28:14 +00:00
rewrite.php
WP_Query was only missing one access modifier.
2014-05-19 17:41:13 +00:00
rss-functions.php
Don't rely on include_path to include files.
2013-09-25 00:18:11 +00:00
rss.php
Inline docs for hooks in MagPie.
2013-09-06 17:19:09 +00:00
script-loader.php
Enhance the editor on the Add/Edit Post screens, first run. Props avril, see #28328.
2014-07-09 22:06:15 +00:00
session.php
Tie cookies and nonces to user sessions so they may be invalidated upon logout.
2014-07-18 09:13:15 +00:00
shortcodes.php
After [29197], use ! empty() instead of isset(). Don't call has_shortcode() internally twice if it's true.
2014-07-17 17:38:13 +00:00
taxonomy.php
Avoid a race condition when multiple windows are open so that orphaned terms cannot be created by accident.
2014-07-16 21:52:15 +00:00
template-loader.php
Add jshintrc to qunit.
2013-10-30 14:39:10 +00:00
template.php
Revert [28563]. See #18298.
2014-07-09 18:07:16 +00:00
theme.php
Make audio and video URLs/embed handlers work in <iframe>-sandbox'd MCE views.
2014-07-15 21:51:15 +00:00
update.php
Use direct typecasting instead of intval() for better performance.
2014-06-24 16:06:14 +00:00
user.php
Tie cookies and nonces to user sessions so they may be invalidated upon logout.
2014-07-18 09:13:15 +00:00
vars.php
Update the wp-inclues/vars.php file header to include Nginx as a recognized web server.
2014-01-10 18:15:13 +00:00
version.php
Use more generic, reusable CSS for the filter bar on Add Themes. This will allow us to reuse the UI in other places, such as the Media Library. props paulwilde. fixes #28794.
2014-07-18 03:40:16 +00:00
widgets.php
is_active_widget() should skip orphaned widgets.
2014-07-10 15:49:14 +00:00
wlwmanifest.xml
The Pinking Shears stir from their slumber, awakened by what may seem, to those
2013-12-11 19:49:11 +00:00
wp-db.php
Add periods to short descriptions for magic methods added in [28501], [28521], and [28524].
2014-07-14 01:12:14 +00:00
wp-diff.php
Fill out inline documentation for magic methods added to the WP_Text_Diff_Renderer_Table class in [28525].
2014-07-13 23:32:14 +00:00