Make WordPress Core

Changeset 27859


Ignore:
Timestamp:
03/30/2014 12:40:43 AM (11 years ago)
Author:
nacin
Message:

Only show test cookie warnings on submit as caching/proxies may intercept the test cookie for GET requests.

Introduce a new string for when headers are sent and link them to http://codex.wordpress.org/Cookies (new page).

props SergeyBiryukov.
fixes #27373.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-login.php

    r27801 r27859  
    756756        $secure_cookie = false;
    757757
    758     // If cookies are disabled we can't log in even with a valid user+pass
    759     if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
    760         $user = new WP_Error('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
    761     else
    762         $user = wp_signon('', $secure_cookie);
     758    $user = wp_signon( '', $secure_cookie );
     759
     760    if ( empty( $_COOKIE[ LOGGED_IN_COOKIE ] ) ) {
     761        if ( headers_sent() ) {
     762            $user = new WP_Error( 'test_cookie', sprintf( __( '<strong>ERROR</strong>: Cookies are blocked due to unexpected output. For help, please see <a href="%1$s">this documentation</a> or try the <a href="%2$s">support forums</a>.' ),
     763                __( 'http://codex.wordpress.org/Cookies' ), __( 'https://wordpress.org/support/' ) ) );
     764        } elseif ( isset( $_POST['testcookie'] ) && empty( $_COOKIE[ TEST_COOKIE ] ) ) {
     765            // If cookies are disabled we can't log in even with a valid user+pass
     766            $user = new WP_Error( 'test_cookie', sprintf( __( '<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href="%s">enable cookies</a> to use WordPress.' ),
     767                __( 'http://codex.wordpress.org/Cookies' ) ) );
     768        }
     769    }
    763770
    764771    $requested_redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
Note: See TracChangeset for help on using the changeset viewer.