commit 06e9441321598fa49519c507b659985cb1c3c741
Author: Varun Agrawal <Varun@VarunAgw.com>
Date: Thu Feb 6 05:23:40 2014 +0530
Fixed bug #25802. Unexpected redirect if you try to visit non-existant wp-admin (Multisite)
diff --git wp-admin/admin.php wp-admin/admin.php
index a617d11..2c5f5da 100644
|
|
|
if ( isset($_GET['import']) && !defined('WP_LOAD_IMPORTERS') ) |
| 29 | 29 | |
| 30 | 30 | require_once(dirname(dirname(__FILE__)) . '/wp-load.php'); |
| 31 | 31 | |
| | 32 | |
| | 33 | if ( $path <> $current_blog->path ) { |
| | 34 | header( 'Location: /', 301); |
| | 35 | die; |
| | 36 | } |
| | 37 | |
| 32 | 38 | nocache_headers(); |
| 33 | 39 | |
| 34 | 40 | if ( get_option('db_upgraded') ) { |
diff --git wp-login.php wp-login.php
index 268d2b3..ddee1b2 100644
|
|
|
function retrieve_password() { |
| 271 | 271 | global $wpdb, $wp_hasher; |
| 272 | 272 | |
| 273 | 273 | $errors = new WP_Error(); |
| | 274 | $current_time = time(); |
| 274 | 275 | |
| 275 | 276 | if ( empty( $_POST['user_login'] ) ) { |
| 276 | 277 | $errors->add('empty_username', __('<strong>ERROR</strong>: Enter a username or e-mail address.')); |
| … |
… |
function retrieve_password() { |
| 283 | 284 | $user_data = get_user_by('login', $login); |
| 284 | 285 | } |
| 285 | 286 | |
| | 287 | // Check if more than 5 password reset requests are made within 24 hours |
| | 288 | $user_pass_requests = get_user_meta($user_data->ID, 'pass_requests', TRUE ); |
| | 289 | |
| | 290 | if ( empty( $user_pass_requests ) || is_null( $user_pass_requests ) || !is_array( $user_pass_requests ) ) |
| | 291 | $user_pass_requests = array( 'count' => 0, 'recent' => 0 ); |
| | 292 | |
| | 293 | if ( ( $user_pass_requests['count'] >= 5 ) && ( $current_time - $user_pass_requests['recent'] < 86400 ) ) |
| | 294 | $errors->add('request_exceeds', __('<strong>ERROR</strong>: You have exceeded password reset requests allowed in a today. Please try again after 24 hours')); |
| | 295 | |
| 286 | 296 | /** |
| 287 | 297 | * Fires before errors are returned from a password reset request. |
| 288 | 298 | * |
| … |
… |
function retrieve_password() { |
| 356 | 366 | $hashed = $wp_hasher->HashPassword( $key ); |
| 357 | 367 | $wpdb->update( $wpdb->users, array( 'user_activation_key' => $hashed ), array( 'user_login' => $user_login ) ); |
| 358 | 368 | |
| | 369 | $user_pass_requests['count'] += 1; |
| | 370 | if ( $user_pass_requests['recent'] == 0 ) |
| | 371 | $user_pass_requests['recent'] = $current_time; |
| | 372 | update_user_meta( $user_data->ID, 'pass_requests', $user_pass_requests ); |
| | 373 | |
| 359 | 374 | $message = __('Someone requested that the password be reset for the following account:') . "\r\n\r\n"; |
| 360 | 375 | $message .= network_home_url( '/' ) . "\r\n\r\n"; |
| 361 | 376 | $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; |
| … |
… |
case 'rp' : |
| 595 | 610 | exit; |
| 596 | 611 | } |
| 597 | 612 | |
| | 613 | update_user_meta( $user->ID, 'pass_requests', array( 'count' => 0, 'recent' => 0 ) ); |
| | 614 | |
| 598 | 615 | wp_enqueue_script('utils'); |
| 599 | 616 | wp_enqueue_script('user-profile'); |
| 600 | 617 | |