Opened 11 years ago
Closed 11 years ago
#24961 closed defect (bug) (fixed)
No error message when logging in without cookies enabled
Reported by: | agoranet | Owned by: | azaozz |
---|---|---|---|
Milestone: | 3.7 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Administration | Keywords: | has-patch needs-testing |
Focuses: | Cc: |
Description
Trying to log in with cookies disabled exhibits the following behavior:
- Logging in as admin or user using incorrect username and/or password = error message "Cookies are blocked..." displayed along with error message about login information being incorrect
- Logging in as admin or user using the correct username and password = no error messages at all
In the second case, we would expect that the error message "Cookies are blocked..." would still be displayed. Instead the page just reloads to the login screen with no indication of what went wrong with the login.
We tried deactivating all plugins and using the default theme, but still saw the issue. We can reproduce the issue as far back as Wordpress 3.2 on various sites.
Attachments (1)
Change History (7)
#2
@
11 years ago
- Component changed from General to Administration
- Milestone changed from Awaiting Review to 3.7
#4
@
11 years ago
Patch solves the issue for me.
Just wanted to make sure it was intended, but if I use an existing username and enter an incorrect password pre-patch, it warns me the password is incorrect/or empty, and that I do not have cookies enabled.
After the patch, there is no warning for incorrect passwords, only that cookies are disabled.
#5
@
11 years ago
Just wanted to make sure it was intended, but if I use an existing username and enter an incorrect password pre-patch, it warns me the password is incorrect/or empty, and that I do not have cookies enabled.
I think if cookies are disabled, that's probably the only warning they need. They have to attempt the login again anyway after turning on cookies.
Confirmed. Seems the check for cookies has to be before
wp_signon()
, no point trying to set more cookies.