WordPress.org

Make WordPress Core

Ticket #30598: 30598.diff

File 30598.diff, 1.5 KB (added by ShinichiN, 5 years ago)

jeremyfelt's method.

  • src/wp-login.php

     
    814814<?php           exit;
    815815                }
    816816
     817                $prevent_safe_redirect = false;
     818
     819                if ( is_subdomain_install() && false == is_user_member_of_blog() ) {
     820
     821                        // prevent wp_safe_redirect to sanitized back to the standard admin URL because of domain unmatch.
     822                        $prevent_safe_redirect = true;
     823                        $all_blogs = get_blogs_of_user( $user->data->ID );
     824                        if ( count( $all_blogs ) > 1 ) {
     825                                $primary_blog = get_user_meta( $user->data->ID, 'primary_blog', true );
     826                                $redirect_to  = get_admin_url( $primary_blog );
     827                        } elseif( count( $all_blogs ) == 1 ) {
     828                                $users_blog  = array_shift( $all_blogs );
     829                                $redirect_to = get_admin_url( $users_blog->userblog_id );
     830                        }
     831
     832                }
     833
     834
    817835                if ( ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) ) {
    818836                        // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
    819837                        if ( is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin( $user->ID ) )
     
    823841                        elseif ( !$user->has_cap('edit_posts') )
    824842                                $redirect_to = $user->has_cap( 'read' ) ? admin_url( 'profile.php' ) : home_url();
    825843                }
    826                 wp_safe_redirect($redirect_to);
     844
     845                if ( true === $prevent_safe_redirect ) {
     846                        wp_redirect( $redirect_to );
     847                } else {
     848                        wp_safe_redirect( $redirect_to );
     849                }
    827850                exit();
    828851        }
    829852