WordPress.org

Make WordPress Core

Ticket #1239: wp-login.php.diff

File wp-login.php.diff, 1.2 KB (added by error, 9 years ago)
  • wp-login.php

     
    2323case 'logout': 
    2424 
    2525        wp_clearcookie(); 
    26         do_action('wp_logout'); 
     26        // do_action('wp_logout');       No plugins are loaded... so this is absolutely useless 
    2727        header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); 
    2828        header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); 
    2929        header('Cache-Control: no-cache, must-revalidate, max-age=0'); 
    3030        header('Pragma: no-cache'); 
    31         wp_redirect('wp-login.php'); 
     31         
     32        $redirect_to = 'wp-login.php'; 
     33        if ( isset($_REQUEST['redirect_to']) ) 
     34                $redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_REQUEST['redirect_to']); 
     35                         
     36        wp_redirect($redirect_to); 
    3237        exit(); 
    3338 
    3439break; 
     
    182187 
    183188        if ($user_login && $user_pass) { 
    184189                $user = get_userdatabylogin($user_login); 
    185                 if ( 0 == $user->user_level ) 
     190                if ( 0 == $user->user_level && (empty($_REQUEST['redirect_to']) || $_REQUEST['redirect_to'] == 'wp-admin/') ) 
    186191                        $redirect_to = get_settings('siteurl') . '/wp-admin/profile.php'; 
    187192 
    188193                if ( wp_login($user_login, $user_pass, $using_cookie) ) {