208 * Fires in the login page header after the body tag is opened. |
208 * Fires in the login page header after the body tag is opened. |
209 * |
209 * |
210 * @since 4.6.0 |
210 * @since 4.6.0 |
211 */ |
211 */ |
212 do_action( 'login_header' ); |
212 do_action( 'login_header' ); |
213 |
213 ?> |
|
214 <?php |
|
215 if ( 'confirm_admin_email' !== $action && ! empty( $title ) ) : |
|
216 ?> |
|
217 <h1 class="screen-reader-text"><?php echo $title; ?></h1> |
|
218 <?php |
|
219 endif; |
214 ?> |
220 ?> |
215 <div id="login"> |
221 <div id="login"> |
216 <h1><a href="<?php echo esc_url( $login_header_url ); ?>"><?php echo $login_header_text; ?></a></h1> |
222 <h1 role="presentation" class="wp-login-logo"><a href="<?php echo esc_url( $login_header_url ); ?>"><?php echo $login_header_text; ?></a></h1> |
217 <?php |
223 <?php |
218 /** |
224 /** |
219 * Filters the message to display above the login form. |
225 * Filters the message to display above the login form. |
220 * |
226 * |
221 * @since 2.1.0 |
227 * @since 2.1.0 |
519 } |
526 } |
520 } |
527 } |
521 |
528 |
522 // Set a cookie now to see if they are supported by the browser. |
529 // Set a cookie now to see if they are supported by the browser. |
523 $secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) ); |
530 $secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) ); |
524 setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure ); |
531 setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure, true ); |
525 |
532 |
526 if ( SITECOOKIEPATH !== COOKIEPATH ) { |
533 if ( SITECOOKIEPATH !== COOKIEPATH ) { |
527 setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure ); |
534 setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure, true ); |
528 } |
535 } |
529 |
536 |
530 if ( isset( $_GET['wp_lang'] ) ) { |
537 if ( isset( $_GET['wp_lang'] ) ) { |
531 setcookie( 'wp_lang', sanitize_text_field( $_GET['wp_lang'] ), 0, COOKIEPATH, COOKIE_DOMAIN, $secure ); |
538 setcookie( 'wp_lang', sanitize_text_field( $_GET['wp_lang'] ), 0, COOKIEPATH, COOKIE_DOMAIN, $secure, true ); |
532 } |
539 } |
533 |
540 |
534 /** |
541 /** |
535 * Fires when the login form is initialized. |
542 * Fires when the login form is initialized. |
536 * |
543 * |
695 /* translators: Hidden accessibility text. */ |
702 /* translators: Hidden accessibility text. */ |
696 __( '(opens in a new tab)' ) |
703 __( '(opens in a new tab)' ) |
697 ); |
704 ); |
698 |
705 |
699 printf( |
706 printf( |
700 '<a href="%s" rel="noopener" target="_blank">%s%s</a>', |
707 '<a href="%s" target="_blank">%s%s</a>', |
701 esc_url( $admin_email_help_url ), |
708 esc_url( $admin_email_help_url ), |
702 __( 'Why is this important?' ), |
709 __( 'Why is this important?' ), |
703 $accessibility_text |
710 $accessibility_text |
704 ); |
711 ); |
705 |
712 |
755 |
762 |
756 login_footer(); |
763 login_footer(); |
757 break; |
764 break; |
758 |
765 |
759 case 'postpass': |
766 case 'postpass': |
|
767 $redirect_to = $_POST['redirect_to'] ?? wp_get_referer(); |
|
768 |
760 if ( ! isset( $_POST['post_password'] ) || ! is_string( $_POST['post_password'] ) ) { |
769 if ( ! isset( $_POST['post_password'] ) || ! is_string( $_POST['post_password'] ) ) { |
761 wp_safe_redirect( wp_get_referer() ); |
770 wp_safe_redirect( $redirect_to ); |
762 exit; |
771 exit; |
763 } |
772 } |
764 |
773 |
765 require_once ABSPATH . WPINC . '/class-phpass.php'; |
774 require_once ABSPATH . WPINC . '/class-phpass.php'; |
766 $hasher = new PasswordHash( 8, true ); |
775 $hasher = new PasswordHash( 8, true ); |
773 * |
782 * |
774 * @since 3.7.0 |
783 * @since 3.7.0 |
775 * |
784 * |
776 * @param int $expires The expiry time, as passed to setcookie(). |
785 * @param int $expires The expiry time, as passed to setcookie(). |
777 */ |
786 */ |
778 $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS ); |
787 $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS ); |
779 $referer = wp_get_referer(); |
788 |
780 |
789 if ( $redirect_to ) { |
781 if ( $referer ) { |
790 $secure = ( 'https' === parse_url( $redirect_to, PHP_URL_SCHEME ) ); |
782 $secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) ); |
|
783 } else { |
791 } else { |
784 $secure = false; |
792 $secure = false; |
785 } |
793 } |
786 |
794 |
787 setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure ); |
795 setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure ); |
788 |
796 |
789 wp_safe_redirect( wp_get_referer() ); |
797 wp_safe_redirect( $redirect_to ); |
790 exit; |
798 exit; |
791 |
799 |
792 case 'logout': |
800 case 'logout': |
793 check_admin_referer( 'log-out' ); |
801 check_admin_referer( 'log-out' ); |
794 |
802 |
1158 |
1166 |
1159 ?> |
1167 ?> |
1160 <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate"> |
1168 <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate"> |
1161 <p> |
1169 <p> |
1162 <label for="user_login"><?php _e( 'Username' ); ?></label> |
1170 <label for="user_login"><?php _e( 'Username' ); ?></label> |
1163 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( wp_unslash( $user_login ) ); ?>" size="20" autocapitalize="off" autocomplete="username" required="required" /> |
1171 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" autocomplete="username" required="required" /> |
1164 </p> |
1172 </p> |
1165 <p> |
1173 <p> |
1166 <label for="user_email"><?php _e( 'Email' ); ?></label> |
1174 <label for="user_email"><?php _e( 'Email' ); ?></label> |
1167 <input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( wp_unslash( $user_email ) ); ?>" size="25" autocomplete="email" required="required" /> |
1175 <input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( $user_email ); ?>" size="25" autocomplete="email" required="required" /> |
1168 </p> |
1176 </p> |
1169 <?php |
1177 <?php |
1170 |
1178 |
1171 /** |
1179 /** |
1172 * Fires following the 'Email' field in the user registration form. |
1180 * Fires following the 'Email' field in the user registration form. |
1480 } |
1488 } |
1481 |
1489 |
1482 login_header( __( 'Log In' ), '', $errors ); |
1490 login_header( __( 'Log In' ), '', $errors ); |
1483 |
1491 |
1484 if ( isset( $_POST['log'] ) ) { |
1492 if ( isset( $_POST['log'] ) ) { |
1485 $user_login = ( 'incorrect_password' === $errors->get_error_code() || 'empty_password' === $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : ''; |
1493 $user_login = ( 'incorrect_password' === $errors->get_error_code() || 'empty_password' === $errors->get_error_code() ) ? wp_unslash( $_POST['log'] ) : ''; |
1486 } |
1494 } |
1487 |
1495 |
1488 $rememberme = ! empty( $_POST['rememberme'] ); |
1496 $rememberme = ! empty( $_POST['rememberme'] ); |
1489 |
1497 |
1490 $aria_describedby = ''; |
1498 $aria_describedby = ''; |