Ticket #12142: 12142.diff
File 12142.diff, 3.0 KB (added by , 15 years ago) |
---|
-
wp-login.php
520 520 $redirect_to = admin_url(); 521 521 } 522 522 523 $reauth = empty($_REQUEST['reauth']) ? false : true; 524 523 525 // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure 524 526 // cookie and redirect back to the referring non-secure admin page. This allows logins to always be POSTed over SSL while allowing the user to choose visiting 525 527 // the admin via http or https. … … 530 532 531 533 $redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user); 532 534 533 if ( !is_wp_error($user) ) {535 if ( !is_wp_error($user) && !$reauth ) { 534 536 if ( $interim_login ) { 535 537 $message = '<p class="message">' . __('You have logged in successfully.') . '</p>'; 536 538 login_header( '', $message ); ?> … … 549 551 550 552 $errors = $user; 551 553 // Clear errors if loggedout is set. 552 if ( !empty($_GET['loggedout']) )554 if ( !empty($_GET['loggedout']) || $reauth ) 553 555 $errors = new WP_Error(); 554 556 555 557 // If cookies are disabled we can't log in even with a valid user+pass … … 570 572 elseif ( $interim_login ) 571 573 $errors->add('expired', __('Your session has expired. Please log-in again.'), 'message'); 572 574 575 // Clear any stale cookies. 576 if ( $reauth ) 577 wp_clear_auth_cookie(); 578 573 579 login_header(__('Log In'), '', $errors); 574 580 575 581 if ( isset($_POST['log']) ) -
wp-includes/general-template.php
228 228 * @uses apply_filters() calls 'login_url' hook on final login url 229 229 * 230 230 * @param string $redirect Path to redirect to on login. 231 * @param bool $force_reauth Whether to force reauthorization, even if a cookie is present. Default is false. 232 * @return string A log in url 231 233 */ 232 function wp_login_url($redirect = '' ) {234 function wp_login_url($redirect = '', $force_reauth = false) { 233 235 $login_url = site_url('wp-login.php', 'login'); 234 236 235 if ( !empty($redirect) ) {237 if ( !empty($redirect) ) 236 238 $login_url = add_query_arg('redirect_to', urlencode($redirect), $login_url); 237 }238 239 240 if ( $force_reauth ) 241 $login_url = add_query_arg('reauth', '1', $login_url); 242 239 243 return apply_filters('login_url', $login_url, $redirect); 240 244 } 241 245 -
wp-includes/pluggable.php
799 799 800 800 $redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 801 801 802 $login_url = wp_login_url($redirect );802 $login_url = wp_login_url($redirect, true); 803 803 804 804 wp_redirect($login_url); 805 805 exit();