Index: /trunk/wp-admin/wp-admin.css =================================================================== --- /trunk/wp-admin/wp-admin.css (revision 1730) +++ /trunk/wp-admin/wp-admin.css (revision 1731) @@ -326,25 +326,46 @@ #login { - background: url(../wp-images/wp-small.png) #fff no-repeat top center; - border: 2px solid #333; - color: #333; - height: 170px; - left: 50%; - margin-left: -120px; /* half of width and height */ - margin-top: -85px; - padding: 40px 5px 5px 5px; - position: absolute; + background: #fff; + border: 2px solid #a2a2a2; + width: 25em; + margin: 5em auto; + padding: 1.5em; +} + +#login form { text-align: right; - top: 45%; - width: 240px; -} - -#login textarea, #login input, #login select { - background: #f0f0f0; - border-color: #ccc; - border-style: solid; - border-width: 1px; - margin: 1px; - padding: 2px; +} +#login #login_error { + background: #c00; + color: #fff; + padding: .5em; + border: 1px solid #a40000; + text-align: center; + font-weight: bold; + font-size: 16px; +} +#login h1 { + background: url(../wp-images/wp-small.png) no-repeat; + margin-top: 0; +} +#login h1 a { + display: block; + text-indent: -1000px; +} + +#login ul { + list-style: none; + margin: 0; + padding: 0; + +} +#login ul li { + display: inline; + text-align: center; + margin-left: 1.4em; +} + +#login input { + padding: 3px; } Index: /trunk/wp-includes/template-functions-general.php =================================================================== --- /trunk/wp-includes/template-functions-general.php (revision 1730) +++ /trunk/wp-includes/template-functions-general.php (revision 1731) 
@@ -53,7 +53,11 @@ switch($show) { - case 'url': - case 'siteurl': + case 'url' : + case 'home' : + case 'siteurl' : $output = get_settings('home'); + break; + case 'wpurl' : + $output = get_settings('siteurl'); break; case 'description': Index: /trunk/wp-login.php =================================================================== --- /trunk/wp-login.php (revision 1730) +++ /trunk/wp-login.php (revision 1731) 
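Review bot: The new `case` labels make `'siteurl'` return the `home` setting while `'wpurl'` returns the `siteurl` setting, which is easy to misread at a call site. A one-line comment above the cases would document the mapping, for example `// 'url', 'home', 'siteurl' => get_settings('home'); 'wpurl' => get_settings('siteurl')`. The `switch` starts and ends outside the hunk, so the other cases are not visible here.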
@@ -2,49 +2,32 @@ require('./wp-config.php'); -function login() { - global $wpdb, $log, $pwd, $error, $user_ID; - global $pass_is_md5; - $user_login = &$log; - $pwd = md5($pwd); - $password = &$pwd; - if (!$user_login) { - $error = __('Error: the login field is empty.'); +function login($username, $password, $already_md5 = false) { + global $wpdb, $error; + if ( !$already_md5 ) + $pwd = md5($password); + + if ( !$username ) return false; - } - - if (!$password) { - $error = __('Error: the password field is empty.'); + + if ( !$password ) { + $error = __('Error: The password field is empty.'); return false; } - $query = "SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$user_login' AND user_pass = '$password'"; - - $login = $wpdb->get_row($query); + $login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'"); if (!$login) { - $error = __('Error: wrong login or password.'); + $error = __('Error: Wrong login.'); $pwd = ''; return false; } else { - $user_ID = $login->ID; - if (($pass_is_md5 == 0 && $login->user_login == $user_login && $login->user_pass == $password) || ($pass_is_md5 == 1 && $login->user_login == $user_login && $login->user_pass == md5($password))) { + + if ( $login->user_login == $username && $login->user_pass == $pwd ) { return true; } else { - $error = __('Error: wrong login or password.'); + $error = __('Error: Incorrect password.'); $pwd = ''; - return false; + return false; } - } -} - -function checklogin() { - global $user_login, $user_pass_md5, $user_ID; - - $userdata = get_userdatabylogin($user_login); - - if ($user_pass_md5 != md5($userdata->user_pass)) { - return false; - } else { - return true; } } @@ -69,5 +52,5 @@ } -$wpvarstoreset = array('action','mode','error','text','popupurl','popuptitle'); +$wpvarstoreset = array('action'); for ($i = 0; $i < count($wpvarstoreset); $i = $i + 1) { 
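Review bot: The new query in `login()` places `$username` directly inside the SQL string, and the `@@ -111,8 +93,8 @@` hunk shows that value coming from `$_POST['log']`; unless it is escaped somewhere outside this diff, it should go through the database layer's escaping first. Separately, `$pwd` is assigned only when `$already_md5` is false, so a caller passing an already-hashed password has `user_pass` compared against an unset variable. The comparison itself uses `==`, which treats two numeric-looking hash strings as numbers, and `===` avoids that. The two distinct messages ('Wrong login.' and 'Incorrect password.') also tell a client whether a login name exists. The fence below sketches the first three changes.

```php
function login($username, $password, $already_md5 = false) {
	global $wpdb, $error;
	// … unchanged: empty-username and empty-password checks …

	// Hash exactly once, whichever form the caller supplied.
	$pwd = $already_md5 ? $password : md5($password);

	// Escape the login name before it is placed in the SQL string
	// (assumes the wpdb escape() helper is available in this revision).
	$safe_login = $wpdb->escape($username);
	$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$safe_login'");

	// … unchanged: "no such row" branch …

	// Strict comparison: both sides are strings and must match byte for byte.
	if ( $login->user_login === $username && $login->user_pass === $pwd ) {
		return true;
	}
	// … unchanged: "Incorrect password" branch …
```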
@@ -85,5 +68,5 @@ } } - +$error = ''; // If someone has moved WordPress let's try to detect it if ( dirname('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']) != get_settings('siteurl') ) @@ -94,15 +77,14 @@ case 'logout': - setcookie('wordpressuser_'.$cookiehash, " ", time() - 31536000, COOKIEPATH); - setcookie('wordpresspass_'.$cookiehash, " ", time() - 31536000, COOKIEPATH); + setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); + setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); - if ($is_IIS) { + if ($is_IIS) header('Refresh: 0;url=wp-login.php'); - } else { + else header('Location: wp-login.php'); - } exit(); @@ -111,8 +93,8 @@ case 'login': - if(!empty($_POST)) { + if( !empty($_POST) ) { $log = $_POST['log']; - $pwd = stripslashes($_POST['pwd']); - $redirect_to = $_POST['redirect_to']; + $pwd = $_POST['pwd']; + $redirect_to = preg_replace('|[^a-z/.:_-]|i', '', $_POST['redirect_to']); } @@ -123,18 +105,17 @@ } - if (!login()) { + if ( !login($log, $pwd) ) { header('Expires: Wed, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate'); header('Pragma: no-cache'); - if ($is_IIS) { - header('Refresh: 0;url=wp-login.php'); - } else { - header('Location: wp-login.php'); - } + if ($is_IIS) + header('Refresh: 0;url=wp-login.php'); + else + header('Location: wp-login.php'); exit(); } else { $user_login = $log; - $user_pass = $pwd; + $user_pass = md5($pwd); setcookie('wordpressuser_'.$cookiehash, $user_login, time() + 31536000, COOKIEPATH); setcookie('wordpresspass_'.$cookiehash, md5($user_pass), time() + 31536000, COOKIEPATH); 
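Review bot: The character filter added for `redirect_to` still lets an absolute URL for another host through, since letters, `:`, `/` and `.` are all kept, and the value is then sent in the `Location:`/`Refresh:` header in the `@@ -145,24 +126,8 @@` hunk. It also drops digits, `?`, `=` and `&`, so legitimate targets with a query string or a number in the path are silently altered. I would accept only a site-relative path and fall back to a fixed default otherwise, for example `if ( !isset($_POST['redirect_to']) || preg_match('|^[a-z]+:|i', $redirect_to) || strpos($redirect_to, '//') === 0 ) $redirect_to = 'wp-admin/';`. The enclosing `case 'login':` block continues outside the hunk, so any default assigned there is not visible.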
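Review bot: The login cookies in the `@@ -123,18 +105,17 @@` hunk are still named with `$cookiehash`, while the logout hunk (`@@ -94,15 +77,14 @@`) now clears `'wordpressuser_' . COOKIEHASH`; if `$cookiehash` is no longer set, or ever differs from the constant, logout will not remove the cookies set here. Using the constant in both places keeps them in step: `setcookie('wordpressuser_' . COOKIEHASH, $user_login, time() + 31536000, COOKIEPATH);` and the same for `wordpresspass_`. The `wordpresspass_` value is now `md5(md5($pwd))`, a fixed function of the password that stays valid for a year, so anyone who obtains the cookie holds a long-lived credential; a comment saying so above the `setcookie` calls would help the next reader. The `else` branch continues past the end of the hunk.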
@@ -145,24 +126,8 @@ header('Pragma: no-cache'); - switch($mode) { - case 'bookmarklet': - $location = "wp-admin/bookmarklet.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; - break; - case 'sidebar': - $location = "wp-admin/sidebar.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; - break; - case 'profile': - $location = "wp-admin/profile.php?text=$text&popupurl=$popupurl&popuptitle=$popuptitle"; - break; - default: - $location = "$redirect_to"; - break; - } - - if ($is_IIS) { - header("Refresh: 0;url=$location"); - } else { - header("Location: $location"); - } + if ($is_IIS) + header("Refresh: 0;url=$redirect_to"); + else + header("Location: $redirect_to"); } @@ -176,6 +141,6 @@
-