Make WordPress Core

Ticket #25921: 25921(1).patch

File 25921(1).patch, 1.2 KB (added by jbkkd, 11 years ago)

Also fixed comment

  • src/wp-login.php

    IDEA additional info:
    Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
    <+>UTF-8
     
    740740
    741741        $reauth = empty($_REQUEST['reauth']) ? false : true;
    742742
    743         // If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
     743
     744        // If the user was redirected to a secure login form from a non-secure admin page, and secure admin is not required, then don't use a secure
    744745        // cookie and redirect back to the referring non-secure admin page. This allows logins to always be POSTed over SSL while allowing the user to choose visiting
    745746        // the admin via http or https.
    746         if ( !$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
     747        if ( !$secure_cookie && is_ssl() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
    747748                $secure_cookie = false;
    748749
    749750        // If cookies are disabled we can't log in even with a valid user+pass