WordPress.org

Make WordPress Core

Ticket #1239: wp-login.php.diff

File wp-login.php.diff, 1.2 KB (added by error, 13 years ago)
  • wp-login.php

     
    2323case 'logout':
    2424
    2525        wp_clearcookie();
    26         do_action('wp_logout');
     26        // do_action('wp_logout');       No plugins are loaded... so this is absolutely useless
    2727        header('Expires: Wed, 11 Jan 1984 05:00:00 GMT');
    2828        header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    2929        header('Cache-Control: no-cache, must-revalidate, max-age=0');
    3030        header('Pragma: no-cache');
    31         wp_redirect('wp-login.php');
     31       
     32        $redirect_to = 'wp-login.php';
     33        if ( isset($_REQUEST['redirect_to']) )
     34                $redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_REQUEST['redirect_to']);
     35                       
     36        wp_redirect($redirect_to);
    3237        exit();
    3338
    3439break;
     
    182187
    183188        if ($user_login && $user_pass) {
    184189                $user = get_userdatabylogin($user_login);
    185                 if ( 0 == $user->user_level )
     190                if ( 0 == $user->user_level && (empty($_REQUEST['redirect_to']) || $_REQUEST['redirect_to'] == 'wp-admin/') )
    186191                        $redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
    187192
    188193                if ( wp_login($user_login, $user_pass, $using_cookie) ) {