Changeset 36617
- Timestamp:
- 02/22/2016 11:14:27 PM (9 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/default-filters.php
r36341 r36617 343 343 // Default authentication filters 344 344 add_filter( 'authenticate', 'wp_authenticate_username_password', 20, 3 ); 345 add_filter( 'authenticate', 'wp_authenticate_email_password', 20, 3 ); 345 346 add_filter( 'authenticate', 'wp_authenticate_spam_check', 99 ); 346 347 add_filter( 'determine_current_user', 'wp_validate_auth_cookie' ); -
trunk/src/wp-includes/pluggable.php
r36588 r36617 549 549 * @since 2.5.0 550 550 * 551 * @param string $username User's username .551 * @param string $username User's username or email address. 552 552 * @param string $password User's password. 553 553 * @return WP_User|WP_Error WP_User object if the credentials are valid, … … 576 576 // TODO what should the error message be? (Or would these even happen?) 577 577 // Only needed if all authentication handlers fail to return anything. 578 $user = new WP_Error( 'authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));578 $user = new WP_Error( 'authentication_failed', __( '<strong>ERROR</strong>: Invalid username, email address or incorrect password.' ) ); 579 579 } 580 580 -
trunk/src/wp-includes/user.php
r36501 r36617 164 164 __( '<strong>ERROR</strong>: The password you entered for the username %s is incorrect.' ), 165 165 '<strong>' . $username . '</strong>' 166 ) . 167 ' <a href="' . wp_lostpassword_url() . '">' . 168 __( 'Lost your password?' ) . 169 '</a>' 170 ); 171 } 172 173 return $user; 174 } 175 176 /** 177 * Authenticate the user using the email and password. 178 * 179 * @since 4.5.0 180 * 181 * @param WP_User|WP_Error|null $user WP_User or WP_Error object if a previous 182 * callback failed authentication. 183 * @param string $email Email address for authentication. 184 * @param string $password Password for authentication. 185 * @return WP_User|WP_Error WP_User on success, WP_Error on failure. 186 */ 187 function wp_authenticate_email_password( $user, $email, $password ) { 188 if ( $user instanceof WP_User ) { 189 return $user; 190 } 191 192 if ( empty( $email ) || empty( $password ) ) { 193 if ( is_wp_error( $user ) ) { 194 return $user; 195 } 196 197 $error = new WP_Error(); 198 199 if ( empty( $email ) ) { 200 $error->add( 'empty_username', __( '<strong>ERROR</strong>: The email field is empty.' ) ); // Uses 'empty_username' for back-compat with wp_signon() 201 } 202 203 if ( empty( $password ) ) { 204 $error->add( 'empty_password', __( '<strong>ERROR</strong>: The password field is empty.' ) ); 205 } 206 207 return $error; 208 } 209 210 if ( ! is_email( $email ) ) { 211 return $user; 212 } 213 214 $user = get_user_by( 'email', $email ); 215 216 if ( ! $user ) { 217 return new WP_Error( 'invalid_email', 218 __( '<strong>ERROR</strong>: Invalid email address.' ) . 219 ' <a href="' . wp_lostpassword_url() . '">' . 220 __( 'Lost your password?' ) . 221 '</a>' 222 ); 223 } 224 225 /** This filter is documented in wp-includes/user.php */ 226 $user = apply_filters( 'wp_authenticate_user', $user, $password ); 227 228 if ( is_wp_error( $user ) ) { 229 return $user; 230 } 231 232 if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) { 233 return new WP_Error( 'incorrect_password', 234 sprintf( 235 /* translators: %s: email address */ 236 __( '<strong>ERROR</strong>: The password you entered for the email address %s is incorrect.' ), 237 '<strong>' . $email . '</strong>' 166 238 ) . 167 239 ' <a href="' . wp_lostpassword_url() . '">' . -
trunk/src/wp-login.php
r36487 r36617 530 530 <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post"> 531 531 <p> 532 <label for="user_login" ><?php _e('Username or Email :') ?><br />532 <label for="user_login" ><?php _e('Username or Email') ?><br /> 533 533 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label> 534 534 </p> … … 757 757 if ( !empty($_POST['log']) && !force_ssl_admin() ) { 758 758 $user_name = sanitize_user($_POST['log']); 759 if ( $user = get_user_by('login', $user_name) ) { 759 $user = get_user_by( 'login', $user_name ); 760 761 if ( ! $user && strpos( $user_name, '@' ) ) { 762 $user = get_user_by( 'email', $user_name ); 763 } 764 765 if ( $user ) { 760 766 if ( get_user_option('use_ssl', $user->ID) ) { 761 767 $secure_cookie = true; … … 883 889 <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"> 884 890 <p> 885 <label for="user_login"><?php _e('Username ') ?><br />891 <label for="user_login"><?php _e('Username or Email') ?><br /> 886 892 <input type="text" name="log" id="user_login"<?php echo $aria_describedby_error; ?> class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" /></label> 887 893 </p> -
trunk/tests/phpunit/tests/auth.php
r35224 r36617 312 312 $this->assertInstanceOf( 'WP_Error', $check ); 313 313 } 314 315 /** 316 * Ensure users can log in using both their username and their email address. 317 * 318 * @ticket 9568 319 */ 320 function test_log_in_using_email() { 321 $user_args = array( 322 'user_login' => 'johndoe', 323 'user_email' => 'mail@example.com', 324 'user_pass' => 'password', 325 ); 326 $this->factory->user->create( $user_args ); 327 328 $this->assertInstanceOf( 'WP_User', wp_authenticate( $user_args['user_email'], $user_args['user_pass'] ) ); 329 $this->assertInstanceOf( 'WP_User', wp_authenticate( $user_args['user_login'], $user_args['user_pass'] ) ); 330 } 314 331 }
Note: See TracChangeset
for help on using the changeset viewer.