Ticket #8938: wp-auth-2.diff

wp-includes/pluggable.php

@@ -426 +426 @@
 
         $user = apply_filters('authenticate', null, $username, $password);
 
-        if ( ($user == null ) ) {
-                // TODO slight hack to handle initial load of wp-login.php
-                if ( empty($username) && empty($password) && ($GLOBALS['pagenow'] == 'wp-login.php' ) ) {
-                        $user = new WP_Error('',''); //No Error
-                } else {
+        if ( $user == null ) {
                 // TODO what should the error message be? (Or would these even happen?)
                 // Only needed if all authentication handlers fail to return anything.
                 $user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
-                }
         }
 
         if (is_wp_error($user)) {

wp-includes/user.php

@@ -50 +50 @@
 
         $user = wp_authenticate($credentials['user_login'], $credentials['user_password']);
 
-        if ( is_wp_error($user) )
+        if ( is_wp_error($user) ) {
+                if ( $user->get_error_codes() == array('empty_username', 'empty_password') ) {
+                        $user = new WP_Error('', '');
+                }
+
                 return $user;
+        }
 
         wp_set_auth_cookie($user->ID, $credentials['remember'], $secure_cookie);
         do_action('wp_login', $credentials['user_login']);
@@ -66 +71 @@
 function wp_authenticate_username_password($user, $username, $password) {
         if ( is_a($user, 'WP_User') ) { return $user; }
 
-        // TODO slight hack to handle initial load of wp-login.php
-        if ( (empty($username) && empty($password)) && $GLOBALS['pagenow'] == 'wp-login.php' ) {
-                return $user;
-        }
-
         if ( empty($username) || empty($password) ) {
                 $error = new WP_Error();