Ticket #3123: improvedlogin.patch
| File improvedlogin.patch, 31.3 KB (added by , 17 years ago) |
|---|
-
wp-admin/wp-admin.css
558 558 559 559 #login { 560 560 position: relative; 561 background: url('images/login-bkg-tile.gif') no-repeat top center #fbfbfb;561 background: url('images/login-bkg-tile.gif') no-repeat top center; 562 562 color: #fff; 563 /* height: 430px; */564 563 margin: 5em auto; 565 padding: 45px 50px 0;564 padding: 20px 50px 0; 566 565 width: 325px; 567 566 } 568 567 … … 576 575 text-align: center; 577 576 } 578 577 578 #login #login_error a { 579 color: #ebcd4e; 580 border-color: #ebcd4e; 581 } 582 579 583 #login #send { 580 584 color: #fff; 581 585 text-align: left; … … 583 587 font-size: 1.1em; 584 588 } 585 589 586 #login h1 {590 #login h1 a { 587 591 margin: 0 auto; 588 padding-bottom: 10px; 589 left: 137px; 590 height: 75px; 591 width: 75px; 592 } 593 594 #login h1 a { 592 height: 88px; 593 width: 320px; 595 594 display: block; 596 text-indent: -9999px;595 /*text-indent: -9999px;*/ 597 596 border-bottom: none; 598 597 } 599 598 599 #login .hide { 600 display: none; 601 } 602 603 #login .message { 604 font-size: 10pt; 605 text-align: center; 606 } 607 608 #login .register { 609 font-size: 20px; 610 } 611 600 612 #login input { 601 613 padding: 4px; 602 614 } … … 605 617 background: url('images/login-bkg-bottom.gif') no-repeat bottom center; 606 618 list-style: none; 607 619 margin: 0 -50px; 608 padding: 0 50px5px;620 padding: 10px 50px 25px; 609 621 } 610 622 611 623 #login ul:after { 612 613 614 615 616 624 content: "."; 625 display: block; 626 height: 0; 627 clear: both; 628 visibility: hidden; 617 629 } 618 630 619 631 #login ul li { 620 632 float: left; 621 font-size: 1 1px;622 padding: 15px 0;633 font-size: 12px; 634 padding: 5px 0; 623 635 text-align: center; 624 636 } 625 637 … … 638 650 color: #fff; 639 651 } 640 652 641 #login #log, #pwd, #user_login, #email{653 #login .input { 642 654 font-size: 1.8em; 643 655 margin-top: 3px; 644 656 width: 97%; … … 650 662 651 663 #login #submit { 652 664 margin: 0; 653 font-size: 1 .2em;665 font-size: 15px; 654 666 } 655 667 668 #login .fullwidth { 669 width: 320px; 670 } 671 672 656 673 #postcustom .updatemeta, #postcustom .deletemeta { 657 674 margin: auto; 658 675 } -
wp-includes/general-template.php
40 40 41 41 if ( ! is_user_logged_in() ) { 42 42 if ( get_option('users_can_register') ) 43 $link = $before . '<a href="' . get_option('siteurl') . '/wp- register.php">' . __('Register') . '</a>' . $after;43 $link = $before . '<a href="' . get_option('siteurl') . '/wp-login.php?action=register">' . __('Register') . '</a>' . $after; 44 44 else 45 45 $link = ''; 46 46 } else { -
wp-includes/pluggable.php
178 178 return false; 179 179 180 180 if ( '' == $password ) { 181 $error = __('<strong>E rror</strong>: The password field is empty.');181 $error = __('<strong>ERROR</strong>: The password field is empty.'); 182 182 return false; 183 183 } 184 184 … … 186 186 //$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'"); 187 187 188 188 if (!$login) { 189 $error = __('<strong>E rror</strong>: Wrongusername.');189 $error = __('<strong>ERROR</strong>: Invalid username.'); 190 190 return false; 191 191 } else { 192 192 // If the password is already_md5, it has been double hashed. … … 194 194 if ( ($already_md5 && md5($login->user_pass) == $password) || ($login->user_login == $username && $login->user_pass == md5($password)) ) { 195 195 return true; 196 196 } else { 197 $error = __('<strong>E rror</strong>: Incorrect password.');197 $error = __('<strong>ERROR</strong>: Incorrect password.'); 198 198 $pwd = ''; 199 199 return false; 200 200 } -
wp-login.php
2 2 require( dirname(__FILE__) . '/wp-config.php' ); 3 3 4 4 $action = $_REQUEST['action']; 5 $error = '';5 $errors = array(); 6 6 7 7 if ( isset($_GET['key']) ) 8 8 $action = 'resetpass'; … … 20 20 update_option('siteurl', dirname($schema . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']) ); 21 21 } 22 22 23 switch($action) {24 23 25 case 'logout': 24 // Rather than duplicating this HTML all over the place, we'll stick it in function 25 function login_header($title = 'Login', $message = '') { 26 global $errors, $error; 26 27 28 ?> 29 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 30 <html xmlns="http://www.w3.org/1999/xhtml"> 31 <head> 32 <title><?php bloginfo('name'); ?> › <?php echo $title; ?></title> 33 <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" /> 34 <link rel="stylesheet" href="<?php bloginfo('wpurl'); ?>/wp-admin/wp-admin.css" type="text/css" /> 35 <!--[if IE]><style type="text/css">#login h1 a { margin-top: 35px; } #login ul { padding-bottom: 65px; }</style><![endif]--><!-- Curse you, IE! --> 36 <script type="text/javascript"> 37 function focusit() { 38 document.getElementById('user_login').focus(); 39 } 40 window.onload = focusit; 41 </script> 42 <?php do_action('login_head'); ?> 43 </head> 44 <body> 45 46 <div id="login"> 47 <h1><a href="<?php echo apply_filters('login_headerurl', 'http://wordpress.org/'); ?>" title="<?php echo apply_filters('login_headertitle', __('Powered by WordPress')); ?>"><span class="hide"><?php bloginfo('name'); ?></span></a></h1> 48 <?php 49 if ( !empty( $message ) ) echo apply_filters('login_message', $message) . "\n"; 50 51 // Incase a plugin uses $error rather than the $errors array 52 if ( !empty( $error ) ) { 53 $errors['error'] = $error; 54 unset($error); 55 } 56 57 if ( !empty( $errors ) ) { 58 if ( is_array( $errors ) ) { 59 $newerrors = "\n"; 60 foreach ( $errors as $error ) $newerrors .= ' ' . $error . "<br />\n"; 61 $errors = $newerrors; 62 } 63 64 echo '<div id="login_error">' . apply_filters('login_errors', $errors) . "</div>\n"; 65 } 66 } // End of login_header() 67 68 69 switch ($action) { 70 71 case 'logout' : 72 27 73 wp_clearcookie(); 28 74 do_action('wp_logout'); 29 nocache_headers();30 75 31 $redirect_to = 'wp-login.php ';32 if ( isset( $_REQUEST['redirect_to']) )76 $redirect_to = 'wp-login.php?loggedout=true'; 77 if ( isset( $_REQUEST['redirect_to'] ) ) 33 78 $redirect_to = $_REQUEST['redirect_to']; 34 79 35 80 wp_redirect($redirect_to); … … 37 82 38 83 break; 39 84 40 case 'lostpassword': 41 do_action('lost_password'); 42 ?> 43 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 44 <html xmlns="http://www.w3.org/1999/xhtml"> 45 <head> 46 <title>WordPress » <?php _e('Lost Password') ?></title> 47 <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" /> 48 <link rel="stylesheet" href="<?php echo get_option('siteurl'); ?>/wp-admin/wp-admin.css" type="text/css" /> 49 <script type="text/javascript"> 50 function focusit() { 51 // focus on first input field 52 document.getElementById('user_login').focus(); 85 case 'lostpassword' : 86 case 'retrievepassword' : 87 $user_login = ''; 88 $user_pass = ''; 89 90 if ( $_POST ) { 91 if ( empty( $_POST['user_login'] ) ) 92 $errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.'); 93 if ( empty( $_POST['user_email'] ) ) 94 $errors['user_email'] = __('<strong>ERROR</strong>: The e-mail field is empty.'); 95 96 do_action('lostpassword_post'); 97 98 if ( empty( $errors ) ) { 99 $user_data = get_userdatabylogin(trim($_POST['user_login'])); 100 // redefining user_login ensures we return the right case in the email 101 $user_login = $user_data->user_login; 102 $user_email = $user_data->user_email; 103 104 if (!$user_email || $user_email != $_POST['user_email']) { 105 $errors['invalidcombo'] = __('<strong>ERROR</strong>: Invalid username / e-mail combination.'); 106 } else { 107 do_action('retreive_password', $user_login); // Misspelled and deprecated 108 do_action('retrieve_password', $user_login); 109 110 // Generate something random for a password... md5'ing current time with a rand salt 111 $key = substr( md5( uniqid( microtime() ) ), 0, 8); 112 // Now insert the new pass md5'd into the db 113 $wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'"); 114 $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n"; 115 $message .= get_option('siteurl') . "\r\n\r\n"; 116 $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; 117 $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n"; 118 $message .= get_option('siteurl') . "/wp-login.php?action=rp&key=$key\r\n"; 119 120 if (FALSE == wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message)) { 121 die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>'); 122 } else { 123 wp_redirect('wp-login.php?checkemail=confirm'); 124 exit(); 125 } 126 } 127 } 53 128 } 54 window.onload = focusit; 55 </script> 56 <style type="text/css"> 57 #user_login, #email, #submit { 58 font-size: 1.7em; 59 } 60 </style> 61 </head> 62 <body> 63 <div id="login"> 64 <h1><a href="http://wordpress.org/">WordPress</a></h1> 65 <p><?php _e('Please enter your information here. We will send you a new password.') ?></p> 66 <?php 67 if ($error) 68 echo "<div id='login_error'>$error</div>"; 129 130 if ( 'invalidkey' == $_GET['error'] ) $errors['invalidkey'] = __('Sorry, that key does not appear to be valid.'); 131 132 do_action('lost_password'); 133 login_header(__('Lost Password'), '<p class="message">' . __('Please enter your username and e-mail address. You will recieve a new password via e-mail.') . '</p>'); 69 134 ?> 70 135 71 <form name="lostpass" action="wp-login.php" method="post" id="lostpass"> 72 <p> 73 <input type="hidden" name="action" value="retrievepassword" /> 74 <label><?php _e('Username:') ?><br /> 75 <input type="text" name="user_login" id="user_login" value="" size="20" tabindex="1" /></label></p> 76 <p><label><?php _e('E-mail:') ?><br /> 77 <input type="text" name="email" id="email" value="" size="25" tabindex="2" /></label><br /> 78 </p> 79 <p class="submit"><input type="submit" name="submit" id="submit" value="<?php _e('Retrieve Password »'); ?>" tabindex="3" /></p> 136 <form name="lostpasswordform" id="lostpasswordform" action="wp-login.php?action=lostpassword" method="post"> 137 <p> 138 <label><?php _e('Username:') ?><br /> 139 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo wp_specialchars(stripslashes($_POST['user_login']), 1); ?>" size="20" tabindex="10" /></label> 140 </p> 141 <p> 142 <label><?php _e('E-mail:') ?><br /> 143 <input type="text" name="user_email" id="user_email" class="input" value="<?php echo wp_specialchars(stripslashes($_POST['user_email']), 1); ?>" size="25" tabindex="20" /></label> 144 </p> 145 <?php do_action('lostpassword_form'); ?> 146 <p class="submit"><input type="submit" name="submit" id="submit" value="<?php _e('Get New Password »'); ?>" tabindex="100" /></p> 80 147 </form> 81 148 <ul> 149 <?php if (get_option('users_can_register')) : ?> 150 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li> 151 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li> 152 <li><a href="<?php bloginfo('home'); ?>/" title="<?php _e('Are you lost?') ?>" class="fullwidth">« <?php _e('Back to blog') ?></a></li> 153 <?php else : ?> 82 154 <li><a href="<?php bloginfo('home'); ?>/" title="<?php _e('Are you lost?') ?>">« <?php _e('Back to blog') ?></a></li> 83 <?php if (get_option('users_can_register')) : ?> 84 <li><a href="<?php bloginfo('wpurl'); ?>/wp-register.php"><?php _e('Register') ?></a></li> 155 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li> 85 156 <?php endif; ?> 86 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li>87 157 </ul> 88 158 </div> 89 159 </body> … … 91 161 <?php 92 162 break; 93 163 94 case 'retrievepassword':95 $user_data = get_userdatabylogin(trim($_POST['user_login']));96 // redefining user_login ensures we return the right case in the email97 $user_login = $user_data->user_login;98 $user_email = $user_data->user_email;99 100 if (!$user_email || $user_email != $_POST['email'])101 wp_die(sprintf(__('Sorry, that user does not seem to exist in our database. Perhaps you have the wrong username or e-mail address? <a href="%s">Try again</a>.'), 'wp-login.php?action=lostpassword'));102 103 do_action('retreive_password', $user_login); // Misspelled and deprecated.104 do_action('retrieve_password', $user_login);105 106 // Generate something random for a password... md5'ing current time with a rand salt107 $key = substr( md5( uniqid( microtime() ) ), 0, 8);108 // now insert the new pass md5'd into the db109 $wpdb->query("UPDATE $wpdb->users SET user_activation_key = '$key' WHERE user_login = '$user_login'");110 $message = __('Someone has asked to reset the password for the following site and username.') . "\r\n\r\n";111 $message .= get_option('siteurl') . "\r\n\r\n";112 $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";113 $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";114 $message .= get_option('siteurl') . "/wp-login.php?action=rp&key=$key\r\n";115 116 $m = wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message);117 118 if ($m == false) {119 echo '<p>' . __('The e-mail could not be sent.') . "<br />\n";120 echo __('Possible reason: your host may have disabled the mail() function...') . "</p>";121 die();122 } else {123 echo '<p>' . sprintf(__("The e-mail was sent successfully to %s's e-mail address."), $user_login) . '<br />';124 echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>';125 die();126 }127 128 break;129 130 164 case 'resetpass' : 131 165 case 'rp' : 132 // Generate something random for a password... md5'ing current time with a rand salt133 166 $key = preg_replace('/a-z0-9/i', '', $_GET['key']); 134 if ( empty($key) ) 135 wp_die( __('Sorry, that key does not appear to be valid.') ); 167 if ( empty( $key ) ) { 168 wp_redirect('wp-login.php?action=lostpassword&error=invalidkey'); 169 exit(); 170 } 171 136 172 $user = $wpdb->get_row("SELECT * FROM $wpdb->users WHERE user_activation_key = '$key'"); 137 if ( !$user ) 138 wp_die( __('Sorry, that key does not appear to be valid.') ); 173 if ( empty( $user ) ) { 174 wp_redirect('wp-login.php?action=lostpassword&error=invalidkey'); 175 exit(); 176 } 139 177 140 178 do_action('password_reset'); 141 179 180 // Generate something random for a password... md5'ing current time with a rand salt 142 181 $new_pass = substr( md5( uniqid( microtime() ) ), 0, 7); 143 182 $wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$new_pass'), user_activation_key = '' WHERE user_login = '$user->user_login'"); 144 183 wp_cache_delete($user->ID, 'users'); 145 184 wp_cache_delete($user->user_login, 'userlogins'); 146 185 $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n"; 147 186 $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; 148 187 $message .= get_option('siteurl') . "/wp-login.php\r\n"; 149 188 150 $m = wp_mail($user->user_email, sprintf(__('[%s] Your new password'), get_option('blogname')), $message); 151 152 if ($m == false) { 153 echo '<p>' . __('The e-mail could not be sent.') . "<br />\n"; 154 echo __('Possible reason: your host may have disabled the mail() function...') . '</p>'; 155 die(); 189 if (FALSE == wp_mail($user->user_email, sprintf(__('[%s] Your new password'), get_option('blogname')), $message)) { 190 die('<p>' . __('The e-mail could not be sent.') . "<br />\n" . __('Possible reason: your host may have disabled the mail() function...') . '</p>'); 156 191 } else { 157 echo '<p>' . sprintf(__('Your new password is in the mail.'), $user_login) . '<br />';158 echo "<a href='wp-login.php' title='" . __('Check your e-mail first, of course') . "'>" . __('Click here to login!') . '</a></p>';159 192 // send a copy of password change notification to the admin 160 193 $message = sprintf(__('Password Lost and Changed for user: %s'), $user->user_login) . "\r\n"; 161 194 wp_mail(get_option('admin_email'), sprintf(__('[%s] Password Lost/Changed'), get_option('blogname')), $message); 162 die(); 195 196 wp_redirect('wp-login.php?checkemail=newpass'); 197 exit(); 163 198 } 164 199 break; 165 200 201 case 'register' : 202 if ( FALSE == get_option('users_can_register') ) { 203 wp_redirect('wp-login.php?registration=disabled'); 204 exit(); 205 } 206 207 if ( $_POST ) { 208 require_once( ABSPATH . WPINC . '/registration.php'); 209 210 $user_login = sanitize_user( $_POST['user_login'] ); 211 $user_email = $_POST['user_email']; 212 213 // Check the username 214 if ( $user_login == '' ) 215 $errors['user_login'] = __('<strong>ERROR</strong>: Please enter a username.'); 216 elseif ( !validate_username( $user_login ) ) { 217 $errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.'); 218 $user_login = ''; 219 } elseif ( username_exists( $user_login ) ) 220 $errors['user_login'] = __('<strong>ERROR</strong>: This username is already registered, please choose another one.'); 221 222 // Check the e-mail address 223 if ($user_email == '') { 224 $errors['user_email'] = __('<strong>ERROR</strong>: Please type your e-mail address.'); 225 } elseif ( !is_email( $user_email ) ) { 226 $errors['user_email'] = __('<strong>ERROR</strong>: The email address isn’t correct.'); 227 $user_email = ''; 228 } elseif ( email_exists( $user_email ) ) 229 $errors['user_email'] = __('<strong>ERROR</strong>: This email is already registered, please choose another one.'); 230 231 do_action('register_post'); 232 233 if ( empty( $errors ) ) { 234 $user_pass = substr( md5( uniqid( microtime() ) ), 0, 7); 235 236 $user_id = wp_create_user( $user_login, $user_pass, $user_email ); 237 if ( !$user_id ) 238 $errors['registerfail'] = sprintf(__('<strong>ERROR</strong>: Couldn’t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email')); 239 else { 240 wp_new_user_notification($user_id, $user_pass); 241 242 wp_redirect('wp-login.php?checkemail=registered'); 243 exit(); 244 } 245 } 246 } 247 248 login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>'); 249 ?> 250 251 <form name="registerform" id="registerform" action="wp-login.php?action=register" method="post"> 252 <p> 253 <label><?php _e('Username:') ?><br /> 254 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="10" /></label> 255 </p> 256 <p> 257 <label><?php _e('E-mail:') ?><br /> 258 <input type="text" name="user_email" id="user_email" class="input" value="<?php echo wp_specialchars(stripslashes($user_email), 1); ?>" size="25" tabindex="20" /></label> 259 </p> 260 <?php do_action('register_form'); ?> 261 <p id="reg_passmail"><?php _e('A password will be e-mailed to you.') ?></p> 262 <p class="submit"><input type="submit" name="submit" id="submit" value="<?php _e('Register »'); ?>" tabindex="100" /></p> 263 </form> 264 <ul> 265 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li> 266 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li> 267 <li><a href="<?php bloginfo('home'); ?>/" title="<?php _e('Are you lost?') ?>" class="fullwidth">« <?php _e('Back to blog') ?></a></li> 268 </ul> 269 </div> 270 </body> 271 </html> 272 <?php 273 break; 274 166 275 case 'login' : 167 276 default: 168 169 277 $user_login = ''; 170 278 $user_pass = ''; 171 $using_cookie = false; 279 $using_cookie = FALSE; 280 172 281 if ( !isset( $_REQUEST['redirect_to'] ) ) 173 282 $redirect_to = 'wp-admin/'; 174 283 else 175 284 $redirect_to = $_REQUEST['redirect_to']; 176 285 177 if ( $_POST ) {178 $user_login = $_POST[' log'];286 if ( $_POST ) { 287 $user_login = $_POST['user_login']; 179 288 $user_login = sanitize_user( $user_login ); 180 $user_pass = $_POST[' pwd'];289 $user_pass = $_POST['user_pass']; 181 290 $rememberme = $_POST['rememberme']; 182 291 } else { 183 292 $cookie_login = wp_get_cookie_login(); … … 190 299 191 300 do_action('wp_authenticate', array(&$user_login, &$user_pass)); 192 301 193 if ( $user_login && $user_pass ) {302 if ( $user_login && $user_pass && empty( $errors ) ) { 194 303 $user = new WP_User(0, $user_login); 195 304 196 305 // If the user can't edit posts, send them to their profile. … … 202 311 wp_setcookie($user_login, $user_pass, false, '', '', $rememberme); 203 312 do_action('wp_login', $user_login); 204 313 wp_redirect($redirect_to); 205 exit ;314 exit(); 206 315 } else { 207 316 if ( $using_cookie ) 208 $error = __('Your session has expired.');317 $errors['expiredsession'] = __('Your session has expired.'); 209 318 } 210 } else if ( $user_login || $user_pass ) {211 $error = __('<strong>Error</strong>: The password field is empty.');212 319 } 213 ?> 214 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 215 <html xmlns="http://www.w3.org/1999/xhtml"> 216 <head> 217 <title>WordPress › <?php _e('Login') ?></title> 218 <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php bloginfo('charset'); ?>" /> 219 <link rel="stylesheet" href="<?php bloginfo('wpurl'); ?>/wp-admin/wp-admin.css" type="text/css" /> 220 <script type="text/javascript"> 221 function focusit() { 222 document.getElementById('log').focus(); 223 } 224 window.onload = focusit; 225 </script> 226 </head> 227 <body> 320 321 if ( $_POST && empty( $user_login ) ) 322 $errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.'); 323 if ( $_POST && empty( $user_pass ) ) 324 $errors['user_pass'] = __('<strong>ERROR</strong>: The password field is empty.'); 228 325 229 <div id="login"> 230 <h1><a href="http://wordpress.org/">WordPress</a></h1> 231 <?php 232 if ( $error ) 233 echo "<div id='login_error'>$error</div>"; 326 // Some parts of this script use the main login form to display a message 327 if ( TRUE == $_GET['loggedout'] ) $errors['loggedout'] = __('Successfully logged you out.'); 328 elseif ( 'disabled' == $_GET['registration'] ) $errors['registerdiabled'] = __('User registration is currently not allowed.'); 329 elseif ( 'confirm' == $_GET['checkemail'] ) $errors['confirm'] = __('Check your e-mail for the confirmation link.'); 330 elseif ( 'newpass' == $_GET['checkemail'] ) $errors['newpass'] = __('Check your e-mail for your new password.'); 331 elseif ( 'registered' == $_GET['checkemail'] ) $errors['registered'] = __('Registration complete. Please check your e-mail.'); 332 333 login_header(__('Login')); 234 334 ?> 235 335 236 336 <form name="loginform" id="loginform" action="wp-login.php" method="post"> 237 <p><label><?php _e('Username:') ?><br /><input type="text" name="log" id="log" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="1" /></label></p> 238 <p><label><?php _e('Password:') ?><br /> <input type="password" name="pwd" id="pwd" value="" size="20" tabindex="2" /></label></p> 239 <p> 240 <label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="3" /> 241 <?php _e('Remember me'); ?></label></p> 242 <p class="submit"> 243 <input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> »" tabindex="4" /> 244 <input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($redirect_to); ?>" /> 245 </p> 337 <p> 338 <label><?php _e('Username:') ?><br /> 339 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="10" /></label> 340 </p> 341 <p> 342 <label><?php _e('Password:') ?><br /> 343 <input type="password" name="user_pass" id="user_pass" class="input" value="" size="20" tabindex="20" /></label> 344 </p> 345 <?php do_action('login_form'); ?> 346 <p><label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" /> <?php _e('Remember me'); ?></label></p> 347 <p class="submit"> 348 <input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> »" tabindex="100" /> 349 <input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($redirect_to); ?>" /> 350 </p> 246 351 </form> 247 352 <ul> 353 <?php if (get_option('users_can_register')) : ?> 354 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=register"><?php _e('Register') ?></a></li> 355 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li> 356 <li><a href="<?php bloginfo('home'); ?>/" title="<?php _e('Are you lost?') ?>" class="fullwidth">« <?php _e('Back to blog') ?></a></li> 357 <?php else : ?> 248 358 <li><a href="<?php bloginfo('home'); ?>/" title="<?php _e('Are you lost?') ?>">« <?php _e('Back to blog') ?></a></li> 249 <?php if (get_option('users_can_register')) : ?> 250 <li><a href="<?php bloginfo('wpurl'); ?>/wp-register.php"><?php _e('Register') ?></a></li> 359 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li> 251 360 <?php endif; ?> 252 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li>253 361 </ul> 254 362 </div> 255 363 … … 259 367 260 368 break; 261 369 } // end action switch 262 ?> 370 ?> 371 No newline at end of file -
wp-register.php
1 1 <?php 2 require('./wp-config.php');3 require_once( ABSPATH . WPINC . '/registration.php');4 2 5 $action = $_REQUEST['action']; 6 if ( !get_option('users_can_register') ) 7 $action = 'disabled'; 3 # This file is deprecated, but you shouldn't have been linking to it directly anyway :P 4 # Use wp_register() instead, it's much better ;) 8 5 9 header( 'Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset') ); 6 require('./wp-config.php'); 7 wp_redirect('wp-login.php?action=register'); 8 exit(); 10 9 11 switch( $action ) { 12 13 case 'register': 14 15 $user_login = sanitize_user( $_POST['user_login'] ); 16 $user_email = $_POST['user_email']; 17 18 $errors = array(); 19 20 if ( $user_login == '' ) 21 $errors['user_login'] = __('<strong>ERROR</strong>: Please enter a username.'); 22 23 /* checking e-mail address */ 24 if ($user_email == '') { 25 $errors['user_email'] = __('<strong>ERROR</strong>: Please type your e-mail address.'); 26 } else if (!is_email($user_email)) { 27 $errors['user_email'] = __('<strong>ERROR</strong>: The email address isn’t correct.'); 28 $user_email = ''; 29 } 30 31 if ( ! validate_username($user_login) ) { 32 $errors['user_login'] = __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.'); 33 $user_login = ''; 34 } 35 36 if ( username_exists( $user_login ) ) 37 $errors['user_login'] = __('<strong>ERROR</strong>: This username is already registered, please choose another one.'); 38 39 if ( email_exists( $user_email ) ) 40 $errors['user_email'] = __('<strong>ERROR</strong>: This email is already registered, please choose another one.'); 41 42 if ( 0 == count($errors) ) { 43 $password = substr( md5( uniqid( microtime() ) ), 0, 7); 44 45 $user_id = wp_create_user( $user_login, $password, $user_email ); 46 if ( !$user_id ) 47 $errors['user_id'] = sprintf(__('<strong>ERROR</strong>: Couldn’t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_option('admin_email')); 48 else 49 wp_new_user_notification($user_id, $password); 50 } 51 52 if ( 0 == count($errors) ) { 53 54 ?> 55 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 56 <html xmlns="http://www.w3.org/1999/xhtml"> 57 <head> 58 <title>WordPress » <?php _e('Registration Complete') ?></title> 59 <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" /> 60 <link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" /> 61 <style type="text/css"> 62 .submit { 63 font-size: 1.7em; 64 } 65 </style> 66 </head> 67 <body> 68 69 <div id="login"> 70 <h2><?php _e('Registration Complete') ?></h2> 71 <p><?php printf(__('Username: %s'), "<strong>" . wp_specialchars($user_login) . "</strong>") ?><br /> 72 <?php printf(__('Password: %s'), '<strong>' . __('emailed to you') . '</strong>') ?> <br /> 73 <?php printf(__('E-mail: %s'), "<strong>" . wp_specialchars($user_email) . "</strong>") ?></p> 74 <p class="submit"><a href="wp-login.php"><?php _e('Login »'); ?></a></p> 75 </div> 76 </body> 77 </html> 78 79 <?php 80 break; 81 } 82 83 default: 84 85 ?> 86 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 87 <html xmlns="http://www.w3.org/1999/xhtml"> 88 <head> 89 <title>WordPress » <?php _e('Registration Form') ?></title> 90 <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" /> 91 <link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css" /> 92 <style type="text/css"> 93 #user_email, #user_login, #submit { 94 font-size: 1.7em; 95 } 96 </style> 97 </head> 98 99 <body> 100 <div id="login"> 101 <h1><a href="http://wordpress.org/">WordPress</a></h1> 102 <h2><?php _e('Register for this blog') ?></h2> 103 <?php if ( isset($errors) ) : ?> 104 <div class="error"> 105 <p> 106 <?php 107 foreach($errors as $error) echo "$error<br />"; 108 ?> 109 </p> 110 </div> 111 <?php endif; ?> 112 <form method="post" action="wp-register.php" id="registerform"> 113 <p><input type="hidden" name="action" value="register" /> 114 <label for="user_login"><?php _e('Username:') ?></label><br /> <input type="text" name="user_login" id="user_login" size="20" maxlength="20" value="<?php echo wp_specialchars($user_login); ?>" /><br /></p> 115 <p><label for="user_email"><?php _e('E-mail:') ?></label><br /> <input type="text" name="user_email" id="user_email" size="25" maxlength="100" value="<?php echo wp_specialchars($user_email); ?>" /></p> 116 <p><?php _e('A password will be emailed to you.') ?></p> 117 <p class="submit"><input type="submit" value="<?php _e('Register »') ?>" id="submit" name="submit" /></p> 118 </form> 119 <ul> 120 <li><a href="<?php bloginfo('home'); ?>/" title="<?php _e('Are you lost?') ?>">« <?php _e('Back to blog') ?></a></li> 121 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php"><?php _e('Login') ?></a></li> 122 <li><a href="<?php bloginfo('wpurl'); ?>/wp-login.php?action=lostpassword" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a></li> 123 </ul> 124 </div> 125 126 </body> 127 </html> 128 <?php 129 130 break; 131 132 case 'disabled': 133 134 ?> 135 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 136 <html xmlns="http://www.w3.org/1999/xhtml"> 137 <head> 138 <title>WordPress » <?php _e('Registration Currently Disabled') ?></title> 139 <meta http-equiv="Content-Type" content="<?php bloginfo('html_type'); ?>; charset=<?php echo get_option('blog_charset'); ?>" /> 140 <link rel="stylesheet" href="wp-admin/wp-admin.css" type="text/css"> 141 </head> 142 143 <body> 144 145 <div id="login"> 146 <h2><?php _e('Registration Disabled') ?></h2> 147 <p><?php _e('User registration is currently not allowed.') ?><br /> 148 <a href="<?php echo get_option('home'); ?>/" title="<?php _e('Go back to the blog') ?>"><?php _e('Home') ?></a> 149 </p> 150 </div> 151 152 </body> 153 </html> 154 155 <?php 156 break; 157 158 } 159 ?> 10 ?> 11 No newline at end of file