Ticket #2244: 2244.casesensitive.diff
File 2244.casesensitive.diff, 1.2 KB (added by , 16 years ago) |
---|
-
wp-includes/pluggable.php
281 281 282 282 $username = sanitize_user($username); 283 283 284 if ( '' == $username)284 if ( empty($username) || empty($password) ) 285 285 return false; 286 286 287 if ( '' == $password ) {288 $error = __('<strong>ERROR</strong>: The password field is empty.');289 return false;290 }291 292 287 $login = get_userdatabylogin($username); 293 //$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'");294 288 295 if ( !$login) {289 if ( ! $login || $login->user_login != $username) { 296 290 $error = __('<strong>ERROR</strong>: Invalid username.'); 297 291 return false; 298 292 } else { 299 293 // If the password is already_md5, it has been double hashed. 300 294 // Otherwise, it is plain text. 301 if ( ($already_md5 && md5($login->user_pass) == $password) || ($login->user_login == $username && $login->user_pass == md5($password)) ) {295 if ( ($already_md5 && md5($login->user_pass) == $password) || $login->user_pass == md5($password) ) { 302 296 return true; 303 297 } else { 304 298 $error = __('<strong>ERROR</strong>: Incorrect password.'); 305 $pwd = '';306 299 return false; 307 300 } 308 301 }