Ticket #26148: 26148.2.patch

src/wp-includes/user.php

@@ -20 +20 @@
  *
  * @param array $credentials Optional. User info in order to sign on.
  * @param bool $secure_cookie Optional. Whether to use secure cookie.
- * @return object Either WP_Error on failure, or WP_User on success.
+ * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
  */
-function wp_signon( $credentials = '', $secure_cookie = '' ) {
+function wp_signon( $credentials = array(), $secure_cookie = '' ) {
         if ( empty($credentials) ) {
                 if ( ! empty($_POST['log']) )
                         $credentials['user_login'] = $_POST['log'];
@@ -37 +37 @@
         else
                 $credentials['remember'] = false;
 
-        // TODO do we deprecate the wp_authentication action?
         /**
          * Fires before the user is authenticated.
          *
@@ -101 +100 @@
 
 /**
  * Authenticate the user using the username and password.
+ *
+ * @since 2.8.0
+ *
+ * @param WP_User|WP_Error|null $user     WP_User or WP_Error object from a previous callback. Default null.
+ * @param string                $username Username for authentication.
+ * @param string                $password Password for authentication.
+ * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
  */
-add_filter('authenticate', 'wp_authenticate_username_password', 20, 3);
-function wp_authenticate_username_password($user, $username, $password) {
-        if ( is_a($user, 'WP_User') ) { return $user; }
+function wp_authenticate_username_password( $user, $username, $password ) {
+        if ( is_a( $user, 'WP_User' ) ) {
+                return $user;
+        }
 
         if ( empty($username) || empty($password) ) {
                 if ( is_wp_error( $user ) )
@@ -148 +155 @@
 
 /**
  * Authenticate the user using the WordPress auth cookie.
+ *
+ * @since 2.8.0
+ *
+ * @param WP_User|WP_Error|null $user     WP_User or WP_Error object from a previous callback. Default null.
+ * @param string                $username Username. If passed, cancels the cookie authentication.
+ * @param string                $password Password. If passed, cancels the cookie authentication.
+ * @return WP_User|WP_Error WP_User on success, WP_Error on failure.
  */
-function wp_authenticate_cookie($user, $username, $password) {
-        if ( is_a($user, 'WP_User') ) { return $user; }
+function wp_authenticate_cookie( $user, $username, $password ) {
+        if ( is_a( $user, 'WP_User' ) ) {
+                return $user;
+        }
 
         if ( empty($username) && empty($password) ) {
                 $user_id = wp_validate_auth_cookie();
@@ -178 +194 @@
  * spammer, or if the user's primary blog has been marked as spam.
  *
  * @since 3.7.0
+ *
+ * @param WP_User|WP_Error|null $user WP_User or WP_Error object from a previous callback. Default null.
+ * @return WP_User|WP_Error WP_User on success, WP_Error if the user is considered a spammer.
  */
 function wp_authenticate_spam_check( $user ) {
         if ( $user && is_a( $user, 'WP_User' ) && is_multisite() ) {
@@ -201 +220 @@
  * Number of posts user has written.
  *
  * @since 3.0.0
- * @uses $wpdb WordPress database object for queries.
+ * @global $wpdb WordPress database object for queries.
  *
  * @param int $userid User ID.
  * @return int Amount of posts user has written.
@@ -288 +307 @@
  * The option will first check for the per site name and then the per Network name.
  *
  * @since 2.0.0
- * @uses $wpdb WordPress database object for queries.
+ * @global $wpdb WordPress database object for queries.
  * @uses apply_filters() Calls 'get_user_option_$option' hook with result,
  *              option parameter, and user data object.
  *
@@ -295 +314 @@
  * @param string $option User option name.
  * @param int $user Optional. User ID.
  * @param bool $deprecated Use get_option() to check for an option in the options table.
- * @return mixed
+ * @return mixed User option value on success, false on failure.
  */
 function get_user_option( $option, $user = 0, $deprecated = '' ) {
         global $wpdb;
@@ -341 +360 @@
  * Deletes the user option if $newvalue is empty.
  *
  * @since 2.0.0
- * @uses $wpdb WordPress database object for queries
+ * @global $wpdb WordPress database object for queries.
  *
- * @param int $user_id User ID
+ * @param int $user_id User ID.
  * @param string $option_name User option name.
  * @param mixed $newvalue User option value.
  * @param bool $global Optional. Whether option name is global or blog specific. Default false (blog specific).
- * @return unknown
+ * @return int|bool User meta ID if the key didn't exist, true on successful update, false on failure.
  */
 function update_user_option( $user_id, $option_name, $newvalue, $global = false ) {
         global $wpdb;
@@ -366 +385 @@
  * it will prepend the WordPress table prefix to the option name.
  *
  * @since 3.0.0
- * @uses $wpdb WordPress database object for queries
+ * @global $wpdb WordPress database object for queries
  *
  * @param int $user_id User ID
  * @param string $option_name User option name.
  * @param bool $global Optional. Whether option name is global or blog specific. Default false (blog specific).
- * @return unknown
+ * @return bool True on success, false on failure.
  */
 function delete_user_option( $user_id, $option_name, $global = false ) {
         global $wpdb;
@@ -423 +442 @@
         var $query_limit;
 
         /**
-         * PHP5 constructor
+         * PHP5 constructor.
          *
          * @since 3.1.0
          *
-         * @param string|array $args The query variables
+         * @param string|array $args Optional. The query variables.
          * @return WP_User_Query
          */
         function __construct( $query = null ) {
@@ -438 +457 @@
         }
 
         /**
-         * Prepare the query variables
+         * Prepare the query variables.
          *
          * @since 3.1.0
          *
-         * @param string|array $args The query variables
+         * @param string|array $args Optional. The query variables.
          */
         function prepare_query( $query = array() ) {
                 global $wpdb;
@@ -650 +669 @@
         }
 
         /**
-         * Execute the query, with the current variables
+         * Execute the query, with the current variables.
          *
          * @since 3.1.0
+         * @global $wpdb WordPress database object for queries.
          */
         function query() {
                 global $wpdb;
@@ -755 +775 @@
         }
 
         /**
-         * Return the list of users
+         * Return the list of users.
          *
          * @since 3.1.0
          * @access public
@@ -767 +787 @@
         }
 
         /**
-         * Return the total number of users for the current query
+         * Return the total number of users for the current query.
          *
          * @since 3.1.0
          * @access public
@@ -783 +803 @@
  * Retrieve list of users matching criteria.
  *
  * @since 3.1.0
- * @uses $wpdb
  * @uses WP_User_Query See for default arguments and information.
  *
  * @param array $args Optional.
@@ -803 +822 @@
  * Get the blogs a user belongs to.
  *
  * @since 3.0.0
+ * @global $wpdb WordPress database object for queries.
  *
  * @param int $user_id User ID
  * @param bool $all Whether to retrieve all blogs, or only blogs that are not marked as deleted, archived, or spam.
@@ -1151 +1171 @@
  * </ol>
  *
  * @since 2.3.0
- * @uses $wpdb WordPress database object for queries
+ * @global $wpdb WordPress database object for queries.
  *
  * @param string|array $args Optional. Override defaults.
  * @return string|null Null on display. String of HTML content on retrieve.
@@ -1390 +1410 @@
  * Checks whether the given email exists.
  *
  * @since 2.1.0
- * @uses $wpdb
  *
  * @param string $email Email.
  * @return bool|int The user's ID on success, and false on failure.
@@ -1457 +1476 @@
  * 'yim' - User's Yahoo IM account.
  *
  * @since 2.0.0
- * @uses $wpdb WordPress database layer.
+ * @global $wpdb WordPress database object for queries.
  * @uses apply_filters() Calls filters for most of the $userdata fields with the prefix 'pre_user'. See note above.
  * @uses do_action() Calls 'profile_update' hook when updating giving the user's ID
  * @uses do_action() Calls 'user_register' hook when creating a new user giving the user's ID
@@ -1838 +1857 @@
  * hashing process. This field is now hashed; old values are no longer accepted
  * but have a different WP_Error code so good user feedback can be provided.
  *
- * @uses $wpdb WordPress Database object
+ * @global $wpdb WordPress database object for queries.
  *
  * @param string $key       Hash to validate sending user's password.
  * @param string $login     The user login.