Index: wp-login.php
===================================================================
--- wp-login.php (revision 6341)
+++ wp-login.php (working copy)
@@ -295,7 +295,8 @@
else
$redirect_to = $_REQUEST['redirect_to'];
- if ( $_POST ) {
+ $http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
+ if ( $http_post ) {
$user_login = $_POST['log'];
$user_login = sanitize_user( $user_login );
$user_pass = $_POST['pwd'];
@@ -312,7 +313,7 @@
do_action_ref_array('wp_authenticate', array(&$user_login, &$user_pass));
// If cookies are disabled we can't log in even with a valid user+pass
- if ( $_POST && empty($_COOKIE[TEST_COOKIE]) )
+ if ( $http_post && empty($_COOKIE[TEST_COOKIE]) )
$errors['test_cookie'] = __('ERROR: WordPress requires Cookies but your browser does not support them or they are blocked.');
if ( $user_login && $user_pass && empty( $errors ) ) {
@@ -334,9 +335,9 @@
}
}
- if ( $_POST && empty( $user_login ) )
+ if ( $http_post && empty( $user_login ) )
$errors['user_login'] = __('ERROR: The username field is empty.');
- if ( $_POST && empty( $user_pass ) )
+ if ( $http_post && empty( $user_pass ) )
$errors['user_pass'] = __('ERROR: The password field is empty.');
// Some parts of this script use the main login form to display a message