<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"

"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />

<title>[33023] trunk/src: New password change/set UI.</title>

</head>

<body>

<style type="text/css"><!--

#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }

#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }

#msg dt:after { content:':';}

#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }

#msg dl a { font-weight: bold}

#msg dl a:link    { color:#fc3; }

#msg dl a:active  { color:#ff0; }

#msg dl a:visited { color:#cc6; }

h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }

#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }

#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }

#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }

#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }

#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }

#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }

#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }

#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }

#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }

#logmsg pre { background: #eee; padding: 1em; }

#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}

#logmsg dl { margin: 0; }

#logmsg dt { font-weight: bold; }

#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }

#logmsg dd:before { content:'\00bb';}

#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }

#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }

#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }

#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }

#logmsg table th.Corner { text-align: left; }

#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }

#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }

#patch { width: 100%; }

#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}

#patch .propset h4, #patch .binary h4 {margin:0;}

#patch pre {padding:0;line-height:1.2em;margin:0;}

#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}

#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}

#patch span {display:block;padding:0 10px;}

#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}

#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}

#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}

#patch .lines, .info {color:#888;background:#fff;}

--></style>

<div id="msg">

<dl class="meta" style="font-size: 105%">

<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="https://core.trac.wordpress.org/changeset/33023">33023</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"https://core.trac.wordpress.org/changeset/33023","name":"Review Commit"}}</script></dd>

<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>markjaquith</dd>

<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2015-07-01 14:47:24 +0000 (Wed, 01 Jul 2015)</dd>

</dl>

<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>New password change/set UI.

* Generate the password for the user

* More tightly integrate password strength meter

* Warn on weak passwords

see <a href="https://core.trac.wordpress.org/ticket/32589">#32589</a>

props MikeHansenMe, adamsilverstein, binarykitten</pre>

<h3>Modified Paths</h3>

<ul>

<li><a href="#trunksrcwpadmincssformscss">trunk/src/wp-admin/css/forms.css</a></li>

<li><a href="#trunksrcwpadminincludesuserphp">trunk/src/wp-admin/includes/user.php</a></li>

<li><a href="#trunksrcwpadminjsuserprofilejs">trunk/src/wp-admin/js/user-profile.js</a></li>

<li><a href="#trunksrcwpadminusereditphp">trunk/src/wp-admin/user-edit.php</a></li>

<li><a href="#trunksrcwpadminusernewphp">trunk/src/wp-admin/user-new.php</a></li>

<li><a href="#trunksrcwpincludesdefaultconstantsphp">trunk/src/wp-includes/default-constants.php</a></li>

<li><a href="#trunksrcwpincludespluggablephp">trunk/src/wp-includes/pluggable.php</a></li>

<li><a href="#trunksrcwpincludesscriptloaderphp">trunk/src/wp-includes/script-loader.php</a></li>

<li><a href="#trunksrcwpincludesuserphp">trunk/src/wp-includes/user.php</a></li>

<li><a href="#trunksrcwploginphp">trunk/src/wp-login.php</a></li>

</ul>

</div>

<div id="patch">

<h3>Diff</h3>

<a id="trunksrcwpadmincssformscss"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/css/forms.css</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/css/forms.css  2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-admin/css/forms.css    2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -401,6 +401,11 @@

</span><span class="cx" style="display: block; padding: 0 10px">        color: #777;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+button.wp-hide-pw > .dashicons {

+       position: relative;

+       top: 3px;

+}

+

</ins><span class="cx" style="display: block; padding: 0 10px"> label,

</span><span class="cx" style="display: block; padding: 0 10px"> #your-profile label + a {

</span><span class="cx" style="display: block; padding: 0 10px">        vertical-align: middle;

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -434,34 +439,58 @@

</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result {

</span><span class="cx" style="display: block; padding: 0 10px">        background-color: #eee;

</span><span class="cx" style="display: block; padding: 0 10px">        border: 1px solid #ddd;

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        float: left;

-       margin: 13px 5px 5px 1px;

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ margin: -2px 5px 5px 1px;

</ins><span class="cx" style="display: block; padding: 0 10px">         padding: 3px 5px;

</span><span class="cx" style="display: block; padding: 0 10px">        text-align: center;

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        width: 200px;

-       display: none;

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ width: 25em;

+       box-sizing: border-box;

+       opacity: 0;

</ins><span class="cx" style="display: block; padding: 0 10px"> }

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.short {

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+        opacity: 1;

</ins><span class="cx" style="display: block; padding: 0 10px">         background-color: #ffa0a0;

</span><span class="cx" style="display: block; padding: 0 10px">        border-color: #f04040;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.bad {

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+        opacity: 1;

</ins><span class="cx" style="display: block; padding: 0 10px">         background-color: #ffb78c;

</span><span class="cx" style="display: block; padding: 0 10px">        border-color: #ff853c;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.good {

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+        opacity: 1;

</ins><span class="cx" style="display: block; padding: 0 10px">         background-color: #ffec8b;

</span><span class="cx" style="display: block; padding: 0 10px">        border-color: #fc0;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> #pass-strength-result.strong {

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+        opacity: 1;

</ins><span class="cx" style="display: block; padding: 0 10px">         background-color: #c3ff88;

</span><span class="cx" style="display: block; padding: 0 10px">        border-color: #8dff1c;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+#pass1.short {

+       border-color: #f04040;

+}

+

+#pass1.bad {

+       border-color: #ff853c;

+}

+

+#pass1.good {

+       border-color: #fc0;

+}

+

+#pass1.strong {

+       border-color: #8dff1c;

+}

+

+.pw-weak{

+       display:none;

+}

+

</ins><span class="cx" style="display: block; padding: 0 10px"> .indicator-hint {

</span><span class="cx" style="display: block; padding: 0 10px">        padding-top: 8px;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span></span></pre></div>

<a id="trunksrcwpadminincludesuserphp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/includes/user.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/includes/user.php      2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-admin/includes/user.php        2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -176,7 +176,7 @@

</span><span class="cx" style="display: block; padding: 0 10px">                $user_id = wp_update_user( $user );

</span><span class="cx" style="display: block; padding: 0 10px">        } else {

</span><span class="cx" style="display: block; padding: 0 10px">                $user_id = wp_insert_user( $user );

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                wp_new_user_notification( $user_id, isset( $_POST['send_password'] ) ? wp_unslash( $pass1 ) : '' );

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+         wp_new_user_notification( $user_id );

</ins><span class="cx" style="display: block; padding: 0 10px">         }

</span><span class="cx" style="display: block; padding: 0 10px">        return $user_id;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span></span></pre></div>

<a id="trunksrcwpadminjsuserprofilejs"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/js/user-profile.js</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/js/user-profile.js     2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-admin/js/user-profile.js       2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1,6 +1,111 @@

</span><span class="cx" style="display: block; padding: 0 10px"> /* global ajaxurl, pwsL10n */

</span><span class="cx" style="display: block; padding: 0 10px"> (function($){

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+        $(function(){

+               var pw_new = $('.user-pass1-wrap'),

+                       pw_line = pw_new.find('.wp-pwd'),

+                       pw_field = $('#pass1'),

+                       pw_field2 = $('#pass2'),

+                       pw_togglebtn = pw_new.find('.wp-hide-pw'),

+                       pw_generatebtn = pw_new.find('button.wp-generate-pw'),

+                       pw_2 = $('.user-pass2-wrap'),

+                       parentform = pw_new.closest('form'),

+                       pw_strength = $('#pass-strength-result'),

+                       pw_submitbtn_edit = $('#submit'),

+                       pw_submitbtn_new = $( '#createusersub' ),

+                       pw_checkbox = $('.pw-checkbox'),

+                       pw_weak = $('.pw-weak')

+               ;

</ins><span class="cx" style="display: block; padding: 0 10px"> 

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+                generatePassword = function() {

+                       pw_field.val( pw_field.data( 'pw' ) );

+                       pw_field.trigger( 'propertychange' );

+                       pw_field.attr( 'type', 'text' ).focus();

+                       pw_field[0].setSelectionRange(100, 100);

+               };

+

+               pw_2.hide();

+               pw_line.hide();

+               pw_togglebtn.show();

+               pw_generatebtn.show();

+

+               if ( pw_field.data( 'reveal' ) == 1 ) {

+                       generatePassword();

+               }

+

+               parentform.on('submit', function(){

+                       pw_field2.val( pw_field.val() );

+                       pw_field.attr('type', 'password');

+               });

+

+

+               pw_field.on('input propertychange', function(){

+                       setTimeout( function(){

+                               var cssClass = pw_strength.attr('class');

+                               pw_field.removeClass( 'short bad good strong' );

+                               if ( 'undefined' !== typeof cssClass ) {

+                                       pw_field.addClass( cssClass );

+                                       if ( cssClass == 'short' || cssClass == 'bad' ) {

+                                               if ( ! pw_checkbox.attr( 'checked' ) ) {

+                                                       pw_submitbtn_new.attr( 'disabled','disabled' );

+                                                       pw_submitbtn_edit.attr( 'disabled','disabled' );

+                                               }

+                                               pw_weak.show();

+                                       } else {

+                                               pw_submitbtn_new.removeAttr( 'disabled' );

+                                               pw_submitbtn_edit.removeAttr( 'disabled' );

+                                               pw_weak.hide();

+                                       }

+                               }

+                       }, 1 );

+               } );

+

+               pw_checkbox.change( function() {

+                       if ( pw_checkbox.attr( 'checked' ) ) {

+                               pw_submitbtn_new.removeAttr( 'disabled' );

+                               pw_submitbtn_edit.removeAttr( 'disabled' );

+                       } else {

+                               pw_submitbtn_new.attr( 'disabled','disabled' );

+                               pw_submitbtn_edit.attr( 'disabled','disabled' );

+                       }

+               } );

+

+               /**

+                * Fix a LastPass mismatch issue, LastPass only changes pass2.

+                *

+                * This fixes the issue by copying any changes from the hidden

+                * pass2 field to the pass1 field.

+                */

+               pw_field2.on( 'input propertychange', function() {

+                       pw_field.val( pw_field2.val() );

+                       pw_field.trigger( 'propertychange' );

+               } );

+

+               pw_new.on( 'click', 'button.wp-generate-pw', function(){

+                       pw_generatebtn.hide();

+                       pw_line.show();

+                       generatePassword();

+               });

+

+               pw_togglebtn.on( 'click', function() {

+                       var show = pw_togglebtn.attr( 'data-toggle' );

+                       if ( show == 1 ) {

+                               pw_field.attr( 'type', 'text' );

+                               pw_togglebtn.attr( 'data-toggle', 0 )

+                                       .find( '.text' )

+                                               .text( 'hide' )

+                               ;

+                       } else {

+                               pw_field.attr( 'type', 'password' );

+                               pw_togglebtn.attr( 'data-toggle', 1 )

+                                       .find( '.text' )

+                                               .text( 'show' )

+                               ;

+                       }

+                       pw_field.focus();

+                       pw_field[0].setSelectionRange(100, 100);

+               });

+       });

+

</ins><span class="cx" style="display: block; padding: 0 10px">         function check_pass_strength() {

</span><span class="cx" style="display: block; padding: 0 10px">                var pass1 = $('#pass1').val(), pass2 = $('#pass2').val(), strength;

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span></span></pre></div>

<a id="trunksrcwpadminusereditphp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/user-edit.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/user-edit.php  2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-admin/user-edit.php    2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -462,28 +462,34 @@

</span><span class="cx" style="display: block; padding: 0 10px">        <th><label for="pass1"><?php _e( 'New Password' ); ?></label></th>

</span><span class="cx" style="display: block; padding: 0 10px">        <td>

</span><span class="cx" style="display: block; padding: 0 10px">                <input class="hidden" value=" " /><!-- #24364 workaround -->

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                <input type="password" name="pass1" id="pass1" class="regular-text" size="16" value="" autocomplete="off" />

-               <p class="description"><?php _e( 'If you would like to change the password type a new one. Otherwise leave this blank.' ); ?></p>

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+         <button type="button" class="button button-secondary wp-generate-pw hide-if-no-js"><?php _e( 'Generate new password' ); ?></button>

+               <div class="wp-pwd hide-if-js">

+                       <input type="password" name="pass1" id="pass1" class="regular-text" value="" autocomplete="off" data-pw="<?php echo esc_attr( wp_generate_password( 24 ) ); ?>" />

+                       <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0">

+                               <span class="dashicons dashicons-visibility"></span>

+                               <span class="text">hide</span>

+                       </button>

+                       <div style="display:none" id="pass-strength-result"></div>

+               </div>

</ins><span class="cx" style="display: block; padding: 0 10px">         </td>

</span><span class="cx" style="display: block; padding: 0 10px"> </tr>

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-<tr class="user-pass2-wrap">

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<tr class="user-pass2-wrap hide-if-js">

</ins><span class="cx" style="display: block; padding: 0 10px">         <th scope="row"><label for="pass2"><?php _e( 'Repeat New Password' ); ?></label></th>

</span><span class="cx" style="display: block; padding: 0 10px">        <td>

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        <input name="pass2" type="password" id="pass2" class="regular-text" size="16" value="" autocomplete="off" />

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <input name="pass2" type="password" id="pass2" class="regular-text" value="" autocomplete="off" />

</ins><span class="cx" style="display: block; padding: 0 10px">         <p class="description"><?php _e( 'Type your new password again.' ); ?></p>

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        <br />

-       <div id="pass-strength-result"><?php _e( 'Strength indicator' ); ?></div>

-       <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p>

</del><span class="cx" style="display: block; padding: 0 10px">         </td>

</span><span class="cx" style="display: block; padding: 0 10px"> </tr>

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<tr class="pw-weak">

+       <th><label for="pw-weak"><?php _e( 'Confirm Password' ); ?></label></th>

+       <td>

+       <input type="checkbox" name="pw-weak" class="pw-checkbox" />

+       <?php _e( 'Confirm use of weak password' ); ?>

+       </td>

+</tr>

</ins><span class="cx" style="display: block; padding: 0 10px"> <?php endif; ?>

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> <?php

<del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-// This is a temporary hook for WordPress 4.3 development. Do not use it or document it.

-do_action( '__temp_password_field', $profileuser );

-?>

-

-<?php

</del><span class="cx" style="display: block; padding: 0 10px"> if ( IS_PROFILE_PAGE && count( $sessions->get_all() ) === 1 ) : ?>

</span><span class="cx" style="display: block; padding: 0 10px">        <tr class="user-sessions-wrap hide-if-no-js">

</span><span class="cx" style="display: block; padding: 0 10px">                <th>&nbsp;</th>

</span></span></pre></div>

<a id="trunksrcwpadminusernewphp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/user-new.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/user-new.php   2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-admin/user-new.php     2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -190,7 +190,7 @@

</span><span class="cx" style="display: block; padding: 0 10px"> );

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> wp_enqueue_script('wp-ajax-response');

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-wp_enqueue_script('user-profile');

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+wp_enqueue_script( 'user-profile' );

</ins><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> /**

<span class="cx" style="display: block; padding: 0 10px">  * Filter whether to enable user auto-complete for non-super admins in Multisite.

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -355,7 +355,7 @@

</span><span class="cx" style="display: block; padding: 0 10px"> $new_user_email = $creating && isset( $_POST['email'] ) ? wp_unslash( $_POST['email'] ) : '';

</span><span class="cx" style="display: block; padding: 0 10px"> $new_user_uri = $creating && isset( $_POST['url'] ) ? wp_unslash( $_POST['url'] ) : '';

</span><span class="cx" style="display: block; padding: 0 10px"> $new_user_role = $creating && isset( $_POST['role'] ) ? wp_unslash( $_POST['role'] ) : '';

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-$new_user_send_password = $creating && isset( $_POST['send_password'] ) ? wp_unslash( $_POST['send_password'] ) : '';

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+$new_user_send_password = $creating && isset( $_POST['send_password'] ) ? wp_unslash( $_POST['send_password'] ) : true;

</ins><span class="cx" style="display: block; padding: 0 10px"> $new_user_ignore_pass = $creating && isset( $_POST['noconfirmation'] ) ? wp_unslash( $_POST['noconfirmation'] ) : '';

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> ?>

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -390,25 +390,40 @@

<span class="cx" style="display: block; padding: 0 10px">  * @param bool $show Whether to show the password fields. Default true.

</span><span class="cx" style="display: block; padding: 0 10px">  */

</span><span class="cx" style="display: block; padding: 0 10px"> if ( apply_filters( 'show_password_fields', true ) ) : ?>

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        <tr class="form-field form-required">

-               <th scope="row"><label for="pass1"><?php _e('Password'); ?> <span class="description"><?php /* translators: password input field */_e('(required)'); ?></span></label></th>

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <tr class="form-field form-required user-pass1-wrap">

+               <th scope="row">

+                       <label for="pass1">

+                               <?php _e( 'Password' ); ?>

+                               <span class="description hide-if-js"><?php /* translators: password input field */_e( '(required)' ); ?></span>

+                       </label>

+               </th>

</ins><span class="cx" style="display: block; padding: 0 10px">                 <td>

</span><span class="cx" style="display: block; padding: 0 10px">                        <input class="hidden" value=" " /><!-- #24364 workaround -->

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                        <input name="pass1" type="password" id="pass1" autocomplete="off" />

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+                 <button type="button" class="button button-secondary wp-generate-pw hide-if-no-js"><?php _e( 'Show password' ); ?></button>

+                       <div class="wp-pwd hide-if-js">

+                               <?php $initial_password = wp_generate_password( 24 ); ?>

+                               <input type="password" name="pass1" id="pass1" class="regular-text" value="<?php echo esc_attr( $initial_password ); ?>" autocomplete="off" data-reveal="1" data-pw="<?php echo esc_attr( $initial_password ); ?>" />

+                               <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js" data-toggle="0">

+                                       <span class="dashicons dashicons-visibility"></span>

+                                       <span class="text">hide</span>

+                               </button>

+                               <div style="display:none" id="pass-strength-result"></div>

+                       </div>

+                       <p><span class="description"><?php _e( 'A password reset link will be sent to the user via email' ); ?></span></p>

</ins><span class="cx" style="display: block; padding: 0 10px">                 </td>

</span><span class="cx" style="display: block; padding: 0 10px">        </tr>

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        <tr class="form-field form-required">

-               <th scope="row"><label for="pass2"><?php _e('Repeat Password'); ?> <span class="description"><?php /* translators: password input field */_e('(required)'); ?></span></label></th>

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <tr class="form-field form-required user-pass2-wrap hide-if-js">

+               <th scope="row"><label for="pass2"><?php _e( 'Repeat Password' ); ?> <span class="description"><?php /* translators: password input field */_e('(required)'); ?></span></label></th>

</ins><span class="cx" style="display: block; padding: 0 10px">                 <td>

</span><span class="cx" style="display: block; padding: 0 10px">                <input name="pass2" type="password" id="pass2" autocomplete="off" />

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                <br />

-               <div id="pass-strength-result"><?php _e('Strength indicator'); ?></div>

-               <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p>

</del><span class="cx" style="display: block; padding: 0 10px">                 </td>

</span><span class="cx" style="display: block; padding: 0 10px">        </tr>

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        <tr>

-               <th scope="row"><?php _e('Send Password?') ?></th>

-               <td><label for="send_password"><input type="checkbox" name="send_password" id="send_password" value="1" <?php checked( $new_user_send_password ); ?> /> <?php _e('Send this password to the new user by email.'); ?></label></td>

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <tr class="pw-weak">

+               <th><label for="pw-weak"><?php _e( 'Confirm Password' ); ?></label></th>

+               <td>

+                       <input type="checkbox" name="pw-weak" class="pw-checkbox" />

+                       <?php _e( 'Confirm use of weak password' ); ?>

+               </td>

</ins><span class="cx" style="display: block; padding: 0 10px">         </tr>

</span><span class="cx" style="display: block; padding: 0 10px"> <?php endif; ?>

</span><span class="cx" style="display: block; padding: 0 10px"> <?php } // !is_multisite ?>

</span></span></pre></div>

<a id="trunksrcwpincludesdefaultconstantsphp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/default-constants.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/default-constants.php       2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-includes/default-constants.php 2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -92,6 +92,9 @@

</span><span class="cx" style="display: block; padding: 0 10px">        if ( !defined('SHORTINIT') )

</span><span class="cx" style="display: block; padding: 0 10px">                define('SHORTINIT', false);

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+        // Constants for features added to WP that should short-circuit their plugin implementations

+       define( 'WP_FEATURE_BETTER_PASSWORDS', true );

+

</ins><span class="cx" style="display: block; padding: 0 10px">         // Constants for expressing human-readable intervals

<span class="cx" style="display: block; padding: 0 10px">        // in their respective number of seconds.

</span><span class="cx" style="display: block; padding: 0 10px">        define( 'MINUTE_IN_SECONDS', 60 );

</span></span></pre></div>

<a id="trunksrcwpincludespluggablephp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/pluggable.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/pluggable.php       2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-includes/pluggable.php 2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1690,9 +1690,9 @@

</span><span class="cx" style="display: block; padding: 0 10px">  * @since 2.0.0

</span><span class="cx" style="display: block; padding: 0 10px">  *

<span class="cx" style="display: block; padding: 0 10px">  * @param int    $user_id        User ID.

<del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- * @param string $plaintext_pass Optional. The user's plaintext password. Default empty.

</del><span class="cx" style="display: block; padding: 0 10px">  */

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-function wp_new_user_notification($user_id, $plaintext_pass = '') {

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+function wp_new_user_notification($user_id) {

+       global $wpdb;

</ins><span class="cx" style="display: block; padding: 0 10px">         $user = get_userdata( $user_id );

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px">        // The blogname option is escaped with esc_html on the way into the database in sanitize_option

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1705,14 +1705,26 @@

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px">        @wp_mail(get_option('admin_email'), sprintf(__('[%s] New User Registration'), $blogname), $message);

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        if ( empty($plaintext_pass) )

-               return;

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ // Generate something random for a password reset key.

+       $key = wp_generate_password( 20, false );

</ins><span class="cx" style="display: block; padding: 0 10px"> 

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        $message  = sprintf(__('Username: %s'), $user->user_login) . "\r\n";

-       $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ do_action( 'retrieve_password_key', $user->user_login, $key );

+

+       // Now insert the key, hashed, into the DB.

+       if ( empty( $wp_hasher ) ) {

+               require_once ABSPATH . WPINC . '/class-phpass.php';

+               $wp_hasher = new PasswordHash( 8, true );

+       }

+       $hashed = time() . ':' . $wp_hasher->HashPassword( $key );

+       $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user->user_login ) );

+

+       $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n\r\n";

+       $message .= __('To set your password, visit the following address:') . "\r\n\r\n";

+       $message .= '<' . network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user->user_login), 'login') . ">\r\n\r\n";

+

</ins><span class="cx" style="display: block; padding: 0 10px">         $message .= wp_login_url() . "\r\n";

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        wp_mail($user->user_email, sprintf(__('[%s] Your username and password'), $blogname), $message);

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ wp_mail($user->user_email, sprintf(__('[%s] Your username and password info'), $blogname), $message);

</ins><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span><span class="cx" style="display: block; padding: 0 10px"> endif;

</span></span></pre></div>

<a id="trunksrcwpincludesscriptloaderphp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/script-loader.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/script-loader.php   2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-includes/script-loader.php     2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -365,7 +365,7 @@

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px">        $scripts->add( 'password-strength-meter', "/wp-admin/js/password-strength-meter$suffix.js", array( 'jquery', 'zxcvbn-async' ), false, 1 );

</span><span class="cx" style="display: block; padding: 0 10px">        did_action( 'init' ) && $scripts->localize( 'password-strength-meter', 'pwsL10n', array(

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-                'empty' => __('Strength indicator'),

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+         'empty' => __('&nbsp;'),

</ins><span class="cx" style="display: block; padding: 0 10px">                 'short' => __('Very weak'),

</span><span class="cx" style="display: block; padding: 0 10px">                'bad' => __('Weak'),

</span><span class="cx" style="display: block; padding: 0 10px">                /* translators: password strength */

</span></span></pre></div>

<a id="trunksrcwpincludesuserphp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/user.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/user.php    2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-includes/user.php      2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2409,7 +2409,7 @@

<span class="cx" style="display: block; padding: 0 10px">  * @return string The password hint text.

</span><span class="cx" style="display: block; padding: 0 10px">  */

</span><span class="cx" style="display: block; padding: 0 10px"> function wp_get_password_hint() {

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        $hint = __( 'Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ &amp; ).' );

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $hint = __( 'Hint: The password should be at least twelve characters long. To make it stronger, use upper and lower case letters, numbers, and symbols like ! " ? $ % ^ &amp; ).' );

</ins><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px">        /**

<span class="cx" style="display: block; padding: 0 10px">         * Filter the text describing the site's password complexity policy.

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2615,7 +2615,7 @@

</span><span class="cx" style="display: block; padding: 0 10px"> 

<span class="cx" style="display: block; padding: 0 10px">        update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        wp_new_user_notification( $user_id, $user_pass );

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ wp_new_user_notification( $user_id );

</ins><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px">        return $user_id;

</span><span class="cx" style="display: block; padding: 0 10px"> }

</span></span></pre></div>

<a id="trunksrcwploginphp"></a>

<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-login.php</h4>

<pre class="diff"><span>

<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-login.php    2015-07-01 12:53:05 UTC (rev 33022)

+++ trunk/src/wp-login.php      2015-07-01 14:47:24 UTC (rev 33023)

</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -652,13 +652,15 @@

</span><span class="cx" style="display: block; padding: 0 10px"> <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off">

</span><span class="cx" style="display: block; padding: 0 10px">        <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" />

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        <p>

-               <label for="pass1"><?php _e('New password') ?><br />

-               <input type="password" name="pass1" id="pass1" class="input" size="20" value="" autocomplete="off" /></label>

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p class="user-pass1-wrap">

+               <label for="pass1"><?php _e('New password') ?></label><br />

+               <div class="wp-pwd">

+                       <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 24 ) ); ?>" name="pass1" id="pass1" class="input" size="20" value="" autocomplete="off" />

+               </div>

</ins><span class="cx" style="display: block; padding: 0 10px">         </p>

</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-        <p>

-               <label for="pass2"><?php _e('Confirm new password') ?><br />

-               <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" /></label>

</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p class="user-pass2-wrap">

+               <label for="pass2"><?php _e('Confirm new password') ?></label><br />

+               <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" />

</ins><span class="cx" style="display: block; padding: 0 10px">         </p>

</span><span class="cx" style="display: block; padding: 0 10px"> 

</span><span class="cx" style="display: block; padding: 0 10px">        <div id="pass-strength-result" class="hide-if-no-js"><?php _e('Strength indicator'); ?></div>

</span></span></pre>

</div>

</div>

</body>

</html>