<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[33023] trunk/src: New password change/set UI.</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="https://core.trac.wordpress.org/changeset/33023">33023</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"https://core.trac.wordpress.org/changeset/33023","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>markjaquith</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2015-07-01 14:47:24 +0000 (Wed, 01 Jul 2015)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>New password change/set UI.
* Generate the password for the user
* More tightly integrate password strength meter
* Warn on weak passwords
see <a href="https://core.trac.wordpress.org/ticket/32589">#32589</a>
props MikeHansenMe, adamsilverstein, binarykitten</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunksrcwpadmincssformscss">trunk/src/wp-admin/css/forms.css</a></li>
<li><a href="#trunksrcwpadminincludesuserphp">trunk/src/wp-admin/includes/user.php</a></li>
<li><a href="#trunksrcwpadminjsuserprofilejs">trunk/src/wp-admin/js/user-profile.js</a></li>
<li><a href="#trunksrcwpadminusereditphp">trunk/src/wp-admin/user-edit.php</a></li>
<li><a href="#trunksrcwpadminusernewphp">trunk/src/wp-admin/user-new.php</a></li>
<li><a href="#trunksrcwpincludesdefaultconstantsphp">trunk/src/wp-includes/default-constants.php</a></li>
<li><a href="#trunksrcwpincludespluggablephp">trunk/src/wp-includes/pluggable.php</a></li>
<li><a href="#trunksrcwpincludesscriptloaderphp">trunk/src/wp-includes/script-loader.php</a></li>
<li><a href="#trunksrcwpincludesuserphp">trunk/src/wp-includes/user.php</a></li>
<li><a href="#trunksrcwploginphp">trunk/src/wp-login.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunksrcwpadmincssformscss"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/css/forms.css</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/css/forms.css 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-admin/css/forms.css 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -401,6 +401,11 @@
</span><span class="cx" style="display: block; padding: 0 10px"> color: #777;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+button.wp-hide-pw > .dashicons {
+ position: relative;
+ top: 3px;
+}
+
</ins><span class="cx" style="display: block; padding: 0 10px"> label,
</span><span class="cx" style="display: block; padding: 0 10px"> #your-profile label + a {
</span><span class="cx" style="display: block; padding: 0 10px"> vertical-align: middle;
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -434,34 +439,58 @@
</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result {
</span><span class="cx" style="display: block; padding: 0 10px"> background-color: #eee;
</span><span class="cx" style="display: block; padding: 0 10px"> border: 1px solid #ddd;
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- float: left;
- margin: 13px 5px 5px 1px;
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ margin: -2px 5px 5px 1px;
</ins><span class="cx" style="display: block; padding: 0 10px"> padding: 3px 5px;
</span><span class="cx" style="display: block; padding: 0 10px"> text-align: center;
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- width: 200px;
- display: none;
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ width: 25em;
+ box-sizing: border-box;
+ opacity: 0;
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.short {
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ opacity: 1;
</ins><span class="cx" style="display: block; padding: 0 10px"> background-color: #ffa0a0;
</span><span class="cx" style="display: block; padding: 0 10px"> border-color: #f04040;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.bad {
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ opacity: 1;
</ins><span class="cx" style="display: block; padding: 0 10px"> background-color: #ffb78c;
</span><span class="cx" style="display: block; padding: 0 10px"> border-color: #ff853c;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.good {
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ opacity: 1;
</ins><span class="cx" style="display: block; padding: 0 10px"> background-color: #ffec8b;
</span><span class="cx" style="display: block; padding: 0 10px"> border-color: #fc0;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.strong {
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ opacity: 1;
</ins><span class="cx" style="display: block; padding: 0 10px"> background-color: #c3ff88;
</span><span class="cx" style="display: block; padding: 0 10px"> border-color: #8dff1c;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+#pass1.short {
+ border-color: #f04040;
+}
+
+#pass1.bad {
+ border-color: #ff853c;
+}
+
+#pass1.good {
+ border-color: #fc0;
+}
+
+#pass1.strong {
+ border-color: #8dff1c;
+}
+
+.pw-weak{
+ display:none;
+}
+
</ins><span class="cx" style="display: block; padding: 0 10px"> .indicator-hint {
</span><span class="cx" style="display: block; padding: 0 10px"> padding-top: 8px;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre></div>
<a id="trunksrcwpadminincludesuserphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/includes/user.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/includes/user.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-admin/includes/user.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -176,7 +176,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $user_id = wp_update_user( $user );
</span><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><span class="cx" style="display: block; padding: 0 10px"> $user_id = wp_insert_user( $user );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- wp_new_user_notification( $user_id, isset( $_POST['send_password'] ) ? wp_unslash( $pass1 ) : '' );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ wp_new_user_notification( $user_id );
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> return $user_id;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre></div>
<a id="trunksrcwpadminjsuserprofilejs"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/js/user-profile.js</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/js/user-profile.js 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-admin/js/user-profile.js 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1,6 +1,111 @@
</span><span class="cx" style="display: block; padding: 0 10px"> /* global ajaxurl, pwsL10n */
</span><span class="cx" style="display: block; padding: 0 10px"> (function($){
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $(function(){
+ var pw_new = $('.user-pass1-wrap'),
+ pw_line = pw_new.find('.wp-pwd'),
+ pw_field = $('#pass1'),
+ pw_field2 = $('#pass2'),
+ pw_togglebtn = pw_new.find('.wp-hide-pw'),
+ pw_generatebtn = pw_new.find('button.wp-generate-pw'),
+ pw_2 = $('.user-pass2-wrap'),
+ parentform = pw_new.closest('form'),
+ pw_strength = $('#pass-strength-result'),
+ pw_submitbtn_edit = $('#submit'),
+ pw_submitbtn_new = $( '#createusersub' ),
+ pw_checkbox = $('.pw-checkbox'),
+ pw_weak = $('.pw-weak')
+ ;
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ generatePassword = function() {
+ pw_field.val( pw_field.data( 'pw' ) );
+ pw_field.trigger( 'propertychange' );
+ pw_field.attr( 'type', 'text' ).focus();
+ pw_field[0].setSelectionRange(100, 100);
+ };
+
+ pw_2.hide();
+ pw_line.hide();
+ pw_togglebtn.show();
+ pw_generatebtn.show();
+
+ if ( pw_field.data( 'reveal' ) == 1 ) {
+ generatePassword();
+ }
+
+ parentform.on('submit', function(){
+ pw_field2.val( pw_field.val() );
+ pw_field.attr('type', 'password');
+ });
+
+
+ pw_field.on('input propertychange', function(){
+ setTimeout( function(){
+ var cssClass = pw_strength.attr('class');
+ pw_field.removeClass( 'short bad good strong' );
+ if ( 'undefined' !== typeof cssClass ) {
+ pw_field.addClass( cssClass );
+ if ( cssClass == 'short' || cssClass == 'bad' ) {
+ if ( ! pw_checkbox.attr( 'checked' ) ) {
+ pw_submitbtn_new.attr( 'disabled','disabled' );
+ pw_submitbtn_edit.attr( 'disabled','disabled' );
+ }
+ pw_weak.show();
+ } else {
+ pw_submitbtn_new.removeAttr( 'disabled' );
+ pw_submitbtn_edit.removeAttr( 'disabled' );
+ pw_weak.hide();
+ }
+ }
+ }, 1 );
+ } );
+
+ pw_checkbox.change( function() {
+ if ( pw_checkbox.attr( 'checked' ) ) {
+ pw_submitbtn_new.removeAttr( 'disabled' );
+ pw_submitbtn_edit.removeAttr( 'disabled' );
+ } else {
+ pw_submitbtn_new.attr( 'disabled','disabled' );
+ pw_submitbtn_edit.attr( 'disabled','disabled' );
+ }
+ } );
+
+ /**
+ * Fix a LastPass mismatch issue, LastPass only changes pass2.
+ *
+ * This fixes the issue by copying any changes from the hidden
+ * pass2 field to the pass1 field.
+ */
+ pw_field2.on( 'input propertychange', function() {
+ pw_field.val( pw_field2.val() );
+ pw_field.trigger( 'propertychange' );
+ } );
+
+ pw_new.on( 'click', 'button.wp-generate-pw', function(){
+ pw_generatebtn.hide();
+ pw_line.show();
+ generatePassword();
+ });
+
+ pw_togglebtn.on( 'click', function() {
+ var show = pw_togglebtn.attr( 'data-toggle' );
+ if ( show == 1 ) {
+ pw_field.attr( 'type', 'text' );
+ pw_togglebtn.attr( 'data-toggle', 0 )
+ .find( '.text' )
+ .text( 'hide' )
+ ;
+ } else {
+ pw_field.attr( 'type', 'password' );
+ pw_togglebtn.attr( 'data-toggle', 1 )
+ .find( '.text' )
+ .text( 'show' )
+ ;
+ }
+ pw_field.focus();
+ pw_field[0].setSelectionRange(100, 100);
+ });
+ });
+
</ins><span class="cx" style="display: block; padding: 0 10px"> function check_pass_strength() {
</span><span class="cx" style="display: block; padding: 0 10px"> var pass1 = $('#pass1').val(), pass2 = $('#pass2').val(), strength;
</span><span class="cx" style="display: block; padding: 0 10px">
</span></span></pre></div>
<a id="trunksrcwpadminusereditphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/user-edit.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/user-edit.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-admin/user-edit.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -462,28 +462,34 @@
</span><span class="cx" style="display: block; padding: 0 10px"> <th><label for="pass1"><?php _e( 'New Password' ); ?></label></th>
</span><span class="cx" style="display: block; padding: 0 10px"> <td>
</span><span class="cx" style="display: block; padding: 0 10px"> <input class="hidden" value=" " /><!-- #24364 workaround -->
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <input type="password" name="pass1" id="pass1" class="regular-text" size="16" value="" autocomplete="off" />
- <p class="description"><?php _e( 'If you would like to change the password type a new one. Otherwise leave this blank.' ); ?></p>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <button type="button" class="button button-secondary wp-generate-pw hide-if-no-js"><?php _e( 'Generate new password' ); ?></button>
+ <div class="wp-pwd hide-if-js">
+ <input type="password" name="pass1" id="pass1" class="regular-text" value="" autocomplete="off" data-pw="<?php echo esc_attr( wp_generate_password( 24 ) ); ?>" />
+ <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0">
+ <span class="dashicons dashicons-visibility"></span>
+ <span class="text">hide</span>
+ </button>
+ <div style="display:none" id="pass-strength-result"></div>
+ </div>
</ins><span class="cx" style="display: block; padding: 0 10px"> </td>
</span><span class="cx" style="display: block; padding: 0 10px"> </tr>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-<tr class="user-pass2-wrap">
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<tr class="user-pass2-wrap hide-if-js">
</ins><span class="cx" style="display: block; padding: 0 10px"> <th scope="row"><label for="pass2"><?php _e( 'Repeat New Password' ); ?></label></th>
</span><span class="cx" style="display: block; padding: 0 10px"> <td>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <input name="pass2" type="password" id="pass2" class="regular-text" size="16" value="" autocomplete="off" />
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <input name="pass2" type="password" id="pass2" class="regular-text" value="" autocomplete="off" />
</ins><span class="cx" style="display: block; padding: 0 10px"> <p class="description"><?php _e( 'Type your new password again.' ); ?></p>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <br />
- <div id="pass-strength-result"><?php _e( 'Strength indicator' ); ?></div>
- <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p>
</del><span class="cx" style="display: block; padding: 0 10px"> </td>
</span><span class="cx" style="display: block; padding: 0 10px"> </tr>
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<tr class="pw-weak">
+ <th><label for="pw-weak"><?php _e( 'Confirm Password' ); ?></label></th>
+ <td>
+ <input type="checkbox" name="pw-weak" class="pw-checkbox" />
+ <?php _e( 'Confirm use of weak password' ); ?>
+ </td>
+</tr>
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php endif; ?>
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-// This is a temporary hook for WordPress 4.3 development. Do not use it or document it.
-do_action( '__temp_password_field', $profileuser );
-?>
-
-<?php
</del><span class="cx" style="display: block; padding: 0 10px"> if ( IS_PROFILE_PAGE && count( $sessions->get_all() ) === 1 ) : ?>
</span><span class="cx" style="display: block; padding: 0 10px"> <tr class="user-sessions-wrap hide-if-no-js">
</span><span class="cx" style="display: block; padding: 0 10px"> <th> </th>
</span></span></pre></div>
<a id="trunksrcwpadminusernewphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/user-new.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/user-new.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-admin/user-new.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -190,7 +190,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> wp_enqueue_script('wp-ajax-response');
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-wp_enqueue_script('user-profile');
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+wp_enqueue_script( 'user-profile' );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Filter whether to enable user auto-complete for non-super admins in Multisite.
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -355,7 +355,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $new_user_email = $creating && isset( $_POST['email'] ) ? wp_unslash( $_POST['email'] ) : '';
</span><span class="cx" style="display: block; padding: 0 10px"> $new_user_uri = $creating && isset( $_POST['url'] ) ? wp_unslash( $_POST['url'] ) : '';
</span><span class="cx" style="display: block; padding: 0 10px"> $new_user_role = $creating && isset( $_POST['role'] ) ? wp_unslash( $_POST['role'] ) : '';
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-$new_user_send_password = $creating && isset( $_POST['send_password'] ) ? wp_unslash( $_POST['send_password'] ) : '';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+$new_user_send_password = $creating && isset( $_POST['send_password'] ) ? wp_unslash( $_POST['send_password'] ) : true;
</ins><span class="cx" style="display: block; padding: 0 10px"> $new_user_ignore_pass = $creating && isset( $_POST['noconfirmation'] ) ? wp_unslash( $_POST['noconfirmation'] ) : '';
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -390,25 +390,40 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @param bool $show Whether to show the password fields. Default true.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> if ( apply_filters( 'show_password_fields', true ) ) : ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <tr class="form-field form-required">
- <th scope="row"><label for="pass1"><?php _e('Password'); ?> <span class="description"><?php /* translators: password input field */_e('(required)'); ?></span></label></th>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <tr class="form-field form-required user-pass1-wrap">
+ <th scope="row">
+ <label for="pass1">
+ <?php _e( 'Password' ); ?>
+ <span class="description hide-if-js"><?php /* translators: password input field */_e( '(required)' ); ?></span>
+ </label>
+ </th>
</ins><span class="cx" style="display: block; padding: 0 10px"> <td>
</span><span class="cx" style="display: block; padding: 0 10px"> <input class="hidden" value=" " /><!-- #24364 workaround -->
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <input name="pass1" type="password" id="pass1" autocomplete="off" />
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <button type="button" class="button button-secondary wp-generate-pw hide-if-no-js"><?php _e( 'Show password' ); ?></button>
+ <div class="wp-pwd hide-if-js">
+ <?php $initial_password = wp_generate_password( 24 ); ?>
+ <input type="password" name="pass1" id="pass1" class="regular-text" value="<?php echo esc_attr( $initial_password ); ?>" autocomplete="off" data-reveal="1" data-pw="<?php echo esc_attr( $initial_password ); ?>" />
+ <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0">
+ <span class="dashicons dashicons-visibility"></span>
+ <span class="text">hide</span>
+ </button>
+ <div style="display:none" id="pass-strength-result"></div>
+ </div>
+ <p><span class="description"><?php _e( 'A password reset link will be sent to the user via email' ); ?></span></p>
</ins><span class="cx" style="display: block; padding: 0 10px"> </td>
</span><span class="cx" style="display: block; padding: 0 10px"> </tr>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <tr class="form-field form-required">
- <th scope="row"><label for="pass2"><?php _e('Repeat Password'); ?> <span class="description"><?php /* translators: password input field */_e('(required)'); ?></span></label></th>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <tr class="form-field form-required user-pass2-wrap hide-if-js">
+ <th scope="row"><label for="pass2"><?php _e( 'Repeat Password' ); ?> <span class="description"><?php /* translators: password input field */_e('(required)'); ?></span></label></th>
</ins><span class="cx" style="display: block; padding: 0 10px"> <td>
</span><span class="cx" style="display: block; padding: 0 10px"> <input name="pass2" type="password" id="pass2" autocomplete="off" />
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <br />
- <div id="pass-strength-result"><?php _e('Strength indicator'); ?></div>
- <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p>
</del><span class="cx" style="display: block; padding: 0 10px"> </td>
</span><span class="cx" style="display: block; padding: 0 10px"> </tr>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <tr>
- <th scope="row"><?php _e('Send Password?') ?></th>
- <td><label for="send_password"><input type="checkbox" name="send_password" id="send_password" value="1" <?php checked( $new_user_send_password ); ?> /> <?php _e('Send this password to the new user by email.'); ?></label></td>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <tr class="pw-weak">
+ <th><label for="pw-weak"><?php _e( 'Confirm Password' ); ?></label></th>
+ <td>
+ <input type="checkbox" name="pw-weak" class="pw-checkbox" />
+ <?php _e( 'Confirm use of weak password' ); ?>
+ </td>
</ins><span class="cx" style="display: block; padding: 0 10px"> </tr>
</span><span class="cx" style="display: block; padding: 0 10px"> <?php endif; ?>
</span><span class="cx" style="display: block; padding: 0 10px"> <?php } // !is_multisite ?>
</span></span></pre></div>
<a id="trunksrcwpincludesdefaultconstantsphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/default-constants.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/default-constants.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-includes/default-constants.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -92,6 +92,9 @@
</span><span class="cx" style="display: block; padding: 0 10px"> if ( !defined('SHORTINIT') )
</span><span class="cx" style="display: block; padding: 0 10px"> define('SHORTINIT', false);
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ // Constants for features added to WP that should short-circuit their plugin implementations
+ define( 'WP_FEATURE_BETTER_PASSWORDS', true );
+
</ins><span class="cx" style="display: block; padding: 0 10px"> // Constants for expressing human-readable intervals
</span><span class="cx" style="display: block; padding: 0 10px"> // in their respective number of seconds.
</span><span class="cx" style="display: block; padding: 0 10px"> define( 'MINUTE_IN_SECONDS', 60 );
</span></span></pre></div>
<a id="trunksrcwpincludespluggablephp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/pluggable.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/pluggable.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-includes/pluggable.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1690,9 +1690,9 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @since 2.0.0
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="cx" style="display: block; padding: 0 10px"> * @param int $user_id User ID.
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- * @param string $plaintext_pass Optional. The user's plaintext password. Default empty.
</del><span class="cx" style="display: block; padding: 0 10px"> */
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-function wp_new_user_notification($user_id, $plaintext_pass = '') {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+function wp_new_user_notification($user_id) {
+ global $wpdb;
</ins><span class="cx" style="display: block; padding: 0 10px"> $user = get_userdata( $user_id );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> // The blogname option is escaped with esc_html on the way into the database in sanitize_option
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1705,14 +1705,26 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( empty($plaintext_pass) )
- return;
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ // Generate something random for a password reset key.
+ $key = wp_generate_password( 20, false );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
- $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ do_action( 'retrieve_password_key', $user->user_login, $key );
+
+ // Now insert the key, hashed, into the DB.
+ if ( empty( $wp_hasher ) ) {
+ require_once ABSPATH . WPINC . '/class-phpass.php';
+ $wp_hasher = new PasswordHash( 8, true );
+ }
+ $hashed = time() . ':' . $wp_hasher->HashPassword( $key );
+ $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user->user_login ) );
+
+ $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";
+ $message .= __('To set your password, visit the following address:') . "\r\n\r\n";
+ $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . ">\r\n\r\n";
+
</ins><span class="cx" style="display: block; padding: 0 10px"> $message .= wp_login_url() . "\r\n";
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- wp_mail($user->user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message);
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> endif;
</span></span></pre></div>
<a id="trunksrcwpincludesscriptloaderphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/script-loader.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/script-loader.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-includes/script-loader.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -365,7 +365,7 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> $scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array( 'jquery', 'zxcvbn-async' ), false, 1 );
</span><span class="cx" style="display: block; padding: 0 10px"> did_action( 'init' ) && $scripts->localize( 'password-strength-meter', 'pwsL10n', array(
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- 'empty' => __('Strength indicator'),
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ 'empty' => __(' '),
</ins><span class="cx" style="display: block; padding: 0 10px"> 'short' => __('Very weak'),
</span><span class="cx" style="display: block; padding: 0 10px"> 'bad' => __('Weak'),
</span><span class="cx" style="display: block; padding: 0 10px"> /* translators: password strength */
</span></span></pre></div>
<a id="trunksrcwpincludesuserphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/user.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/user.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-includes/user.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2409,7 +2409,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @return string The password hint text.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> function wp_get_password_hint() {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- $hint = __( 'Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $hint = __( 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ & ).' );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Filter the text describing the site's password complexity policy.
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2615,7 +2615,7 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- wp_new_user_notification( $user_id, $user_pass );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ wp_new_user_notification( $user_id );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> return $user_id;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre></div>
<a id="trunksrcwploginphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-login.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-login.php 2015-07-01 12:53:05 UTC (rev 33022)
+++ trunk/src/wp-login.php 2015-07-01 14:47:24 UTC (rev 33023)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -652,13 +652,15 @@
</span><span class="cx" style="display: block; padding: 0 10px"> <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off">
</span><span class="cx" style="display: block; padding: 0 10px"> <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" />
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p>
- <label for="pass1"><?php _e('New password') ?><br />
- <input type="password" name="pass1" id="pass1" class="input" size="20" value="" autocomplete="off" /></label>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p class="user-pass1-wrap">
+ <label for="pass1"><?php _e('New password') ?></label><br />
+ <div class="wp-pwd">
+ <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 24 ) ); ?>" name="pass1" id="pass1" class="input" size="20" value="" autocomplete="off" />
+ </div>
</ins><span class="cx" style="display: block; padding: 0 10px"> </p>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p>
- <label for="pass2"><?php _e('Confirm new password') ?><br />
- <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" /></label>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p class="user-pass2-wrap">
+ <label for="pass2"><?php _e('Confirm new password') ?></label><br />
+ <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" />
</ins><span class="cx" style="display: block; padding: 0 10px"> </p>
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> <div id="pass-strength-result" class="hide-if-no-js"><?php _e('Strength indicator'); ?></div>
</span></span></pre>
</div>
</div>
</body>
</html>