Ticket #25393: wp-login-5.diff
| File wp-login-5.diff, 15.9 KB (added by , 13 years ago) |
|---|
-
wp-login.php
52 52 53 53 // Shake it! 54 54 $shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' ); 55 /** 56 * Filter the error codes array for shaking the login form. 57 * 58 * @since 3.0.0 59 * 60 * @param array $shake_error_codes Error codes that shake the login form. 61 */ 55 62 $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes ); 56 63 57 64 if ( $shake_error_codes && $wp_error->get_error_code() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) … … 76 83 <?php 77 84 } 78 85 86 /** 87 * Fires at the time of enqueueing scripts and styles on the login page. 88 * 89 * The proper hook to use when enqueueing scripts and styles that will appear on the login page. 90 * 91 * @since 3.1.0 92 */ 79 93 do_action( 'login_enqueue_scripts' ); 94 /** 95 * Fires before </head> on the login page. 96 * 97 * @since 2.1.0 98 */ 80 99 do_action( 'login_head' ); 81 100 82 101 if ( is_multisite() ) { … … 87 106 $login_header_title = __( 'Powered by WordPress' ); 88 107 } 89 108 90 $login_header_url = apply_filters( 'login_headerurl', $login_header_url ); 109 /** 110 * Filter link URL of the header logo above login form. 111 * 112 * @since 2.1.0 113 * 114 * @param string $login_header_url Default URL. 115 */ 116 $login_header_url = apply_filters( 'login_headerurl', $login_header_url ); 117 /** 118 * Filter the title of the header logo above login form. 119 * 120 * @since 2.1.0 121 * 122 * @param string $login_header_title Default title. 123 */ 91 124 $login_header_title = apply_filters( 'login_headertitle', $login_header_title ); 92 125 93 126 $classes = array( 'login-action-' . $action, 'wp-core-ui' ); … … 105 138 $classes[] = 'interim-login-success'; 106 139 } 107 140 141 /** 142 * Filter the classes of login page <body> tag. 143 * 144 * @since 3.5.0 145 * 146 * @param array $classes Classes to be added to the <body>. 147 * @param string $action The action user took before coming to the login page. 148 */ 108 149 $classes = apply_filters( 'login_body_class', $classes, $action ); 109 150 110 151 ?> … … 116 157 117 158 unset( $login_header_url, $login_header_title ); 118 159 119 $message = apply_filters('login_message', $message); 160 /** 161 * Filter the message to display above the login form. 162 * 163 * @since 2.1.0 164 * 165 * @param string $message Default message text. 166 */ 167 $message = apply_filters( 'login_message', $message ); 120 168 if ( !empty( $message ) ) 121 169 echo $message . "\n"; 122 170 … … 139 187 } 140 188 } 141 189 if ( !empty($errors) ) 142 echo '<div id="login_error">' . apply_filters('login_errors', $errors) . "</div>\n"; 190 /** 191 * Filter the error message above the login form. 192 * 193 * @since 2.1.0 194 * 195 * @param string $errors Error message. 196 */ 197 echo '<div id="login_error">' . apply_filters( 'login_errors', $errors ) . "</div>\n"; 143 198 if ( !empty($messages) ) 144 echo '<p class="message">' . apply_filters('login_messages', $messages) . "</p>\n"; 199 /** 200 * Filter the login message above the login form. 201 * 202 * @since 2.5.0 203 * 204 * @param string $messages Login message. 205 */ 206 echo '<p class="message">' . apply_filters( 'login_messages', $messages ) . "</p>\n"; 145 207 } 146 208 } // End of login_header() 147 209 … … 167 229 </script> 168 230 <?php endif; ?> 169 231 170 <?php do_action('login_footer'); ?> 232 <?php 233 /** 234 * Fires at the end of the login page HTML. 235 * 236 * @since 3.1.0 237 */ 238 do_action( 'login_footer' ); ?> 171 239 <div class="clear"></div> 172 240 </body> 173 241 </html> … … 199 267 * 200 268 * @uses $wpdb WordPress Database object 201 269 * 202 * @return bool|WP_Error True: when finish . WP_Error on error270 * @return bool|WP_Error True: when finished. WP_Error on error. 203 271 */ 204 272 function retrieve_password() { 205 273 global $wpdb, $current_site; … … 217 285 $user_data = get_user_by('login', $login); 218 286 } 219 287 220 do_action('lostpassword_post'); 288 /** 289 * Fires before returning WP Error in password retrieval process. 290 * 291 * @since 2.1.0 292 */ 293 do_action( 'lostpassword_post' ); 221 294 222 295 if ( $errors->get_error_code() ) 223 296 return $errors; … … 231 304 $user_login = $user_data->user_login; 232 305 $user_email = $user_data->user_email; 233 306 234 do_action('retreive_password', $user_login); // Misspelled and deprecated 235 do_action('retrieve_password', $user_login); 307 /** 308 * Fires within the password retrieval process. 309 * 310 * Misspelled and deprecated 311 * 312 * @since 1.5.2 313 * 314 * @param string $user_login User name to login. 315 */ 316 do_action( 'retreive_password', $user_login ); 317 /** 318 * Fires within the password retrieval process. 319 * 320 * @since 1.5.2 321 * 322 * @param string $user_login User name to login. 323 */ 324 do_action( 'retrieve_password', $user_login ); 236 325 237 $allow = apply_filters('allow_password_reset', true, $user_data->ID); 326 /** 327 * Filter password reset restriction condition boolean to disallow password reset. 328 * 329 * @since 2.7.0 330 * 331 * @param boolean Allow/Disallow user to reset password, true as default. 332 * @param int $user_data->ID The ID of the user who is retrieving new password. 333 */ 334 $allow = apply_filters( 'allow_password_reset', true, $user_data->ID ); 238 335 239 336 if ( ! $allow ) 240 337 return new WP_Error('no_password_reset', __('Password reset is not allowed for this user')); … … 245 342 if ( empty($key) ) { 246 343 // Generate something random for a key... 247 344 $key = wp_generate_password(20, false); 248 do_action('retrieve_password_key', $user_login, $key); 345 /** 346 * Fires before inserting the activation key into database. 347 * 348 * @since 2.5.0 349 * 350 * @param string $user_login User name to login. 351 * @param string $key Activation key. 352 */ 353 do_action( 'retrieve_password_key', $user_login, $key ); 249 354 // Now insert the new md5 key into the db 250 355 $wpdb->update($wpdb->users, array('user_activation_key' => $key), array('user_login' => $user_login)); 251 356 } … … 265 370 266 371 $title = sprintf( __('[%s] Password Reset'), $blogname ); 267 372 268 $title = apply_filters('retrieve_password_title', $title); 269 $message = apply_filters('retrieve_password_message', $message, $key); 373 /** 374 * Filter title of the password reset email. 375 * 376 * @since 2.8.0 377 * 378 * @param string $title Default email title. 379 */ 380 $title = apply_filters( 'retrieve_password_title', $title ); 381 /** 382 * Filter body message of the password reset mail. 383 * 384 * @since 2.8.0 385 * 386 * @param string $message Default mail message. 387 * @param string $key The activation key. 388 */ 389 $message = apply_filters( 'retrieve_password_message', $message, $key ); 270 390 271 391 if ( $message && !wp_mail($user_email, $title, $message) ) 272 392 wp_die( __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function.') ); … … 306 426 if ( SITECOOKIEPATH != COOKIEPATH ) 307 427 setcookie(TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN); 308 428 309 // allow plugins to override the default actions, and to add extra actions if they want 429 /** 430 * Fires before running the actions such as showing forms and logout etc. 431 * 432 * Allow plugins to override the default actions, and add extra actions if they want. 433 * 434 * @since 3.2.0 435 * 436 */ 310 437 do_action( 'login_init' ); 438 /** 439 * Fires before running the actions such as showing forms and logout etc. depending on the $action. 440 * 441 * @since 2.8.0 442 * 443 */ 311 444 do_action( 'login_form_' . $action ); 312 445 313 446 $http_post = ('POST' == $_SERVER['REQUEST_METHOD']); … … 326 459 * To turn this into a session cookie, return 0. 327 460 * 328 461 * @since 3.7.0 462 * 329 463 * @param int $expires The expiry time, as passed to setcookie(). 330 464 */ 331 465 $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS ); … … 359 493 } 360 494 361 495 if ( isset($_GET['error']) && 'invalidkey' == $_GET['error'] ) $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.')); 362 $redirect_to = apply_filters( 'lostpassword_redirect', !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '' ); 496 497 $lostpassword_redirect = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; 498 /** 499 * Filter the redirect URL after submitting the lostpassword/retrievepassword form. 500 * 501 * @since 3.0.0 502 * 503 * @param string $lostpassword_redirect The redirect destination URL. 504 */ 505 $redirect_to = apply_filters( 'lostpassword_redirect', $lostpassword_redirect ); 363 506 364 do_action('lost_password'); 507 /** 508 * Fires before the lost password and retrieve password form. 509 * 510 * @since 1.5.2 511 */ 512 do_action( 'lost_password' ); 365 513 login_header(__('Lost Password'), '<p class="message">' . __('Please enter your username or email address. You will receive a link to create a new password via email.') . '</p>', $errors); 366 514 367 515 $user_login = isset($_POST['user_login']) ? wp_unslash($_POST['user_login']) : ''; … … 373 521 <label for="user_login" ><?php _e('Username or E-mail:') ?><br /> 374 522 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label> 375 523 </p> 376 <?php do_action('lostpassword_form'); ?> 524 <?php 525 /** 526 * Fires in the lostpassword form before the hidden fields. 527 * 528 * @since 2.1.0 529 */ 530 do_action( 'lostpassword_form' ); ?> 377 531 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 378 532 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e('Get New Password'); ?>" /></p> 379 533 </form> … … 380 534 381 535 <p id="nav"> 382 536 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e('Log in') ?></a> 383 <?php if ( get_option( 'users_can_register' ) ) : ?> 384 | <?php echo apply_filters( 'register', sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ) ); ?> 385 <?php endif; ?> 537 <?php if ( get_option( 'users_can_register' ) ) : 538 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 539 /** 540 * Filter the register link text below the login form. 541 * 542 * @since 1.5.2 543 * 544 * @param string $registration_url Register link text. 545 */ 546 echo ' | ' . apply_filters( 'register', $registration_url ); 547 endif; ?> 386 548 </p> 387 549 388 550 <?php … … 403 565 if ( isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2'] ) 404 566 $errors->add( 'password_reset_mismatch', __( 'The passwords do not match.' ) ); 405 567 568 /** 569 * Fires before the validation in the password reset procedure. 570 * 571 * @since 3.5.0 572 * 573 * @param object $errors WP Error object. 574 * @param string $user User data. 575 */ 406 576 do_action( 'validate_password_reset', $errors, $user ); 407 577 408 578 if ( ( ! $errors->get_error_code() ) && isset( $_POST['pass1'] ) && !empty( $_POST['pass1'] ) ) { … … 439 609 440 610 <p id="nav"> 441 611 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 442 <?php if ( get_option( 'users_can_register' ) ) : ?> 443 | <?php echo apply_filters( 'register', sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ) ); ?> 444 <?php endif; ?> 612 <?php if ( get_option( 'users_can_register' ) ) : 613 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 614 //duplicate_hook 615 echo ' | ' . apply_filters( 'register', $registration_url ); 616 endif; ?> 445 617 </p> 446 618 447 619 <?php … … 450 622 451 623 case 'register' : 452 624 if ( is_multisite() ) { 453 // Multisite uses wp-signup.php 625 /** 626 * Filter the redirect destination URL for Multisite. 627 * 628 * @since 3.0.0 629 * 630 * @param string Signup URL for Multisite. 631 */ 454 632 wp_redirect( apply_filters( 'wp_signup_location', network_site_url('wp-signup.php') ) ); 455 633 exit; 456 634 } … … 473 651 } 474 652 } 475 653 654 /** 655 * Filter the redirect destination URL after user registration. 656 * 657 * @since 3.0.0 658 * 659 * @param string The redirect destination URL. 660 */ 476 661 $redirect_to = apply_filters( 'registration_redirect', !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '' ); 477 662 login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors); 478 663 ?> … … 486 671 <label for="user_email"><?php _e('E-mail') ?><br /> 487 672 <input type="text" name="user_email" id="user_email" class="input" value="<?php echo esc_attr(wp_unslash($user_email)); ?>" size="25" /></label> 488 673 </p> 489 <?php do_action('register_form'); ?> 674 <?php 675 /** 676 * Fires in the registration form to add extra inputs. 677 * 678 * @since 2.1.0 679 */ 680 do_action( 'register_form' ); ?> 490 681 <p id="reg_passmail"><?php _e('A password will be e-mailed to you.') ?></p> 491 682 <br class="clear" /> 492 683 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> … … 543 734 else 544 735 $user = wp_signon('', $secure_cookie); 545 736 546 $redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user); 737 $requested_redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; 738 /** 739 * Filtering the redirect URL after login. 740 * 741 * @since 3.0.0 742 * 743 * @param string $redirect_to The redirect destination URL. 744 * @param string $requested_redirect_to The redirect destination URL passed as a parameter. 745 * @param object $user User data object. 746 */ 747 $redirect_to = apply_filters( 'login_redirect', $redirect_to, $requested_redirect_to, $user ); 547 748 548 749 if ( !is_wp_error($user) && !$reauth ) { 549 750 if ( $interim_login ) { … … 551 752 $interim_login = 'success'; 552 753 login_header( '', $message ); ?> 553 754 </div> 554 <?php do_action( 'login_footer' ); ?> 755 <?php 756 /** 757 * Fires at the end of the login page HTML. 758 * 759 * @since 3.1.0 760 */ 761 do_action( 'login_footer' ); ?> 555 762 <?php if ( $customize_login ) : ?> 556 763 <script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php echo wp_customize_url(); ?>', channel: 'login' }).send('login') }, 1000 );</script> 557 764 <?php endif; ?> … … 596 803 $errors->add('updated', __( '<strong>You have successfully updated WordPress!</strong> Please log back in to experience the awesomeness.' ), 'message' ); 597 804 } 598 805 806 /** 807 * Filter the WP Error object of the login page. 808 * 809 * @since 3.6.0 810 * 811 * @param object $errors WP Error object. 812 * @param string $redirect_to Redirect destination URL. 813 */ 599 814 $errors = apply_filters( 'wp_login_errors', $errors, $redirect_to ); 600 815 601 816 // Clear any stale cookies. … … 618 833 <label for="user_pass"><?php _e('Password') ?><br /> 619 834 <input type="password" name="pwd" id="user_pass" class="input" value="" size="20" /></label> 620 835 </p> 621 <?php do_action('login_form'); ?> 836 <?php 837 /** 838 * Fires in the login form to add extra input. 839 * 840 * @since 2.1.0 841 */ 842 do_action( 'login_form' ); ?> 622 843 <p class="forgetmenot"><label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever" <?php checked( $rememberme ); ?> /> <?php esc_attr_e('Remember Me'); ?></label></p> 623 844 <p class="submit"> 624 845 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e('Log In'); ?>" /> … … 636 857 637 858 <?php if ( ! $interim_login ) { ?> 638 859 <p id="nav"> 639 <?php if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ) ) ) : ?> 640 <?php if ( get_option( 'users_can_register' ) ) : ?> 641 <?php echo apply_filters( 'register', sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ) ); ?> | 642 <?php endif; ?> 860 <?php if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ) ) ) : 861 if ( get_option( 'users_can_register' ) ) : 862 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 863 //duplicate_hook 864 echo apply_filters( 'register', $registration_url ) . ' | '; 865 endif; 866 ?> 643 867 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>" title="<?php esc_attr_e( 'Password Lost and Found' ); ?>"><?php _e( 'Lost your password?' ); ?></a> 644 868 <?php endif; ?> 645 869 </p>