WordPress.org

Make WordPress Core

Changeset 24179


Ignore:
Timestamp:
05/06/13 21:35:50 (12 months ago)
Author:
azaozz
Message:

Logged out warnings:

  • Don't remove login error messages coming from wp_signon().
  • When the login form is shown in iframe, open all links in a new tab/window.
  • Add filter for the login form error message.

See #23295

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/js/wp-auth-check.js

    r23805 r24179  
    1212            }); 
    1313 
    14             // Add 'sandbox' for browsers that support it, only restrict access to the top window. 
    15             frame = $('<iframe id="wp-auth-check-frame" sandbox="allow-same-origin allow-forms allow-scripts" frameborder="0">').attr( 'title', noframe.text() ); 
     14            frame = $('<iframe id="wp-auth-check-frame" frameborder="0">').attr( 'title', noframe.text() ); 
    1615            frame.load( function(e) { 
    1716                var height, body; 
     
    2625                    form.remove(); 
    2726                    noframe.focus(); 
     27                    return; 
    2828                } 
    2929 
  • trunk/wp-login.php

    r24053 r24179  
    4949 
    5050    // Shake it! 
    51     $shake_error_codes = array( 'interim_login_error', 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' ); 
     51    $shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' ); 
    5252    $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes ); 
    5353 
     
    9898        $classes[] = 'rtl'; 
    9999    if ( $interim_login ) { 
    100         // Don't allow interim logins to navigate away from the page. 
    101         $login_header_url = '#'; 
    102100        $classes[] = 'interim-login'; 
    103101        ?> 
    104102        <style type="text/css">html{background-color: transparent;}</style> 
     103        <base target="_blank"> 
    105104        <?php 
    106105 
     
    405404 
    406405$http_post = ('POST' == $_SERVER['REQUEST_METHOD']); 
     406$interim_login = isset($_REQUEST['interim-login']); 
     407 
    407408switch ($action) { 
    408409 
     
    591592default: 
    592593    $secure_cookie = ''; 
    593     $interim_login = isset($_REQUEST['interim-login']); 
    594594    $customize_login = isset( $_REQUEST['customize-login'] ); 
    595595    if ( $customize_login ) 
     
    664664        $errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress.")); 
    665665 
    666     // Clear most errors if interim login 
     666    $form_target = ''; 
    667667    if ( $interim_login ) { 
    668         $error_code = $errors->get_error_code(); 
    669         $errors = new WP_Error(); 
    670  
    671         if ( $error_code ) { 
    672             if ( in_array( $error_code, array( 'empty_password', 'empty_username', 'invalid_username', 'incorrect_password' ) ) ) 
    673                 $errors->add('interim_login_error', __('<strong>ERROR</strong>: Invalid username or password.')); 
    674             else 
    675                 $errors->add('interim_login_error_other', sprintf( __( '<strong>ERROR</strong>: Please contact the site administrator or try to <a href="%s" target="_blank">log in from a new window</a>.' ), wp_login_url() ) ); 
    676         } else { 
     668        $form_target = ' target="_self"'; 
     669        if ( ! $errors->get_error_code() ) 
    677670            $errors->add('expired', __('Session expired. Please log in again. You will not move away from this page.'), 'message'); 
    678         } 
    679671    } else { 
    680672        // Some parts of this script use the main login form to display a message 
     
    693685    } 
    694686 
     687    $errors = apply_filters( 'wp_login_errors', $errors, $redirect_to ); 
     688 
    695689    // Clear any stale cookies. 
    696690    if ( $reauth ) 
     
    704698?> 
    705699 
    706 <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"> 
     700<form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"<?php echo $form_target; ?>> 
    707701    <p> 
    708702        <label for="user_login"><?php _e('Username') ?><br /> 
Note: See TracChangeset for help on using the changeset viewer.