Opened 18 years ago
Closed 18 years ago
#4188 closed defect (bug) (worksforme)
redirect_to within wp-login.php breaks with an authentication failure
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 2.1.3 |
| Component: | General | Keywords: | |
| Focuses: | Cc: |
Description
When submitting from an external form to wp-login.php:
<form action="/wp-login.php?redirect_to=%2F" method="post">
everything operates normally if the user is authenticated on the first try. He is properly redirected to the redirect_to URL, which is "/" in this case.
However, if the login attempt failed on the first try, and a user is passed to the Wordpress login page, redirect_to seems to be lost in the new form, and the user will be redirected to his profile page.
Change History (5)
#2
in reply to:
↑ description
@
18 years ago
#4
@
18 years ago
- Resolution fixed deleted
- Status changed from closed to reopened
Oops, committed to wrong bug. Ignore that commit message.
#5
@
18 years ago
- Milestone 2.4 deleted
- Resolution set to worksforme
- Status changed from reopened to closed
Cannot recreate, either with "Subscriber" or "Admin" account. Both types carry the redirect_to value on invalid logins and redirect to that URL after a successful login (following an indefinitely long chain of unsuccessful logins).
I'm unable to replicate this bug. ENV:2.1.3
After the first request the form gets a hidden input with the value.
It's carryed on to every time the page loads