Make WordPress Core

Changeset 8069 for trunk/wp-login.php


Ignore:
Timestamp:
06/11/2008 05:25:55 PM (17 years ago)
Author:
ryan
Message:

Introduce logged_in cookie. Deliver auth cookies only to wp-admin. see #7001

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-login.php

    r8061 r8069  
    1111/** Make sure that the WordPress bootstrap has ran before continuing. */
    1212require( dirname(__FILE__) . '/wp-load.php' );
     13
     14// Redirect to https login if forced to use SSL
     15if ( (force_ssl_admin() || force_ssl_login()) && !is_ssl() ) {
     16    if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) {
     17        wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
     18        exit();
     19    } else {
     20        wp_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
     21        exit();         
     22    }
     23}
    1324
    1425/**
     
    138149    $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
    139150    $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n";
    140     $message .= site_url("wp-login.php?action=rp&key=$key") . "\r\n";
     151    $message .= site_url("wp-login.php?action=rp&key=$key", 'login') . "\r\n";
    141152
    142153    if ( !wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message) )
     
    175186    $message  = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
    176187    $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
    177     $message .= site_url('wp-login.php') . "\r\n";
     188    $message .= site_url('wp-login.php', 'login') . "\r\n";
    178189
    179190    if (  !wp_mail($user->user_email, sprintf(__('[%s] Your new password'), get_option('blogname')), $message) )
     
    313324<p id="nav">
    314325<?php if (get_option('users_can_register')) : ?>
    315 <a href="<?php echo site_url('wp-login.php', 'forceable') ?>"><?php _e('Log in') ?></a> |
    316 <a href="<?php echo site_url('wp-login.php?action=register') ?>"><?php _e('Register') ?></a>
     326<a href="<?php echo site_url('wp-login.php', 'login') ?>"><?php _e('Log in') ?></a> |
     327<a href="<?php echo site_url('wp-login.php?action=register', 'login') ?>"><?php _e('Register') ?></a>
    317328<?php else : ?>
    318 <a href="<?php echo site_url('wp-login.php', 'forceable') ?>"><?php _e('Log in') ?></a>
     329<a href="<?php echo site_url('wp-login.php', 'login') ?>"><?php _e('Log in') ?></a>
    319330<?php endif; ?>
    320331</p>
     
    381392
    382393<p id="nav">
    383 <a href="<?php echo site_url('wp-login.php', 'forceable') ?>"><?php _e('Log in') ?></a> |
    384 <a href="<?php echo site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
     394<a href="<?php echo site_url('wp-login.php', 'login') ?>"><?php _e('Log in') ?></a> |
     395<a href="<?php echo site_url('wp-login.php?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
    385396</p>
    386397
     
    396407case 'login' :
    397408default:
    398     $user = wp_signon();
    399 
    400409    if ( isset( $_REQUEST['redirect_to'] ) )
    401410        $redirect_to = $_REQUEST['redirect_to'];
    402411    else
    403412        $redirect_to = 'wp-admin/';
     413
     414    if ( is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) )
     415        $secure_cookie = false;
     416    else
     417        $secure_cookie = '';
     418
     419    $user = wp_signon('', $secure_cookie);
    404420
    405421    if ( !is_wp_error($user) ) {
     
    455471<?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
    456472<?php elseif (get_option('users_can_register')) : ?>
    457 <a href="<?php echo site_url('wp-login.php?action=register') ?>"><?php _e('Register') ?></a> |
    458 <a href="<?php echo site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
     473<a href="<?php echo site_url('wp-login.php?action=register', 'login') ?>"><?php _e('Register') ?></a> |
     474<a href="<?php echo site_url('wp-login.php?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
    459475<?php else : ?>
    460 <a href="<?php echo site_url('wp-login.php?action=lostpassword') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
     476<a href="<?php echo site_url('wp-login.php?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found') ?>"><?php _e('Lost your password?') ?></a>
    461477<?php endif; ?>
    462478</p>
Note: See TracChangeset for help on using the changeset viewer.