Ticket #40605: 40605.2.patch

wp-login.php

@@ -406 +406 @@
 if ( !in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login' ), true ) && false === has_filter( 'login_form_' . $action ) )
         $action = 'login';
 
+if ( isset($_GET['checkemail']) && $_GET['checkemail'] )
+        $action = 'check-email';
+
 nocache_headers();
 
 header('Content-Type: '.get_bloginfo('html_type').'; charset='.get_bloginfo('charset'));
@@ -828 +831 @@
 
 break;
 
+case 'check-email' :
+        $secure_cookie = '';
+
+        $redirect_to = admin_url();
+
+
+
+        $reauth = empty($_REQUEST['reauth']) ? false : true;
+
+        $user = wp_signon( array(), $secure_cookie );
+        $errors = $user;
+        // Clear errors if loggedout is set.
+        if ( !empty($_GET['loggedout']) || $reauth ) {
+                $errors = new WP_Error();
+        }
+
+        if ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) {
+                $errors->add('confirm', __('Check your email for the confirmation link. Then go to <a href="'.wp_login_url().'">Login Page</a>'), 'message');
+        }
+
+        /**
+         * Filters the login page errors.
+         *
+         * @since 3.6.0
+         *
+         * @param object $errors      WP Error object.
+         * @param string $redirect_to Redirect destination URL.
+         */
+        $errors = apply_filters( 'wp_login_errors', $errors, $redirect_to );
+        login_header(__('Log In'), '', $errors);
+
+login_footer();
+break;
+    
 case 'login' :
 default:
         $secure_cookie = '';