diff -r 3d4e9c994f10 -r a86126ab1dd4 wp/wp-login.php --- a/wp/wp-login.php Tue Oct 22 16:11:46 2019 +0200 +++ b/wp/wp-login.php Tue Dec 15 13:49:49 2020 +0100 @@ -9,16 +9,16 @@ */ /** Make sure that the WordPress bootstrap has run before continuing. */ -require( dirname( __FILE__ ) . '/wp-load.php' ); +require __DIR__ . '/wp-load.php'; // Redirect to HTTPS login if forced to use SSL. if ( force_ssl_admin() && ! is_ssl() ) { if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) { wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) ); - exit(); + exit; } else { wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ); - exit(); + exit; } } @@ -27,6 +27,12 @@ * * @since 2.1.0 * + * @global string $error Login error message set by deprecated pluggable wp_login() function + * or plugins replacing it. + * @global bool|string $interim_login Whether interim login modal is being displayed. String 'success' + * upon successful login. + * @global string $action The action that brought the visitor to the login page. + * * @param string $title Optional. WordPress login Page title to display in the `` element. * Default 'Log In'. * @param string $message Optional. Message to display in header. Default empty. @@ -35,7 +41,7 @@ function login_header( $title = 'Log In', $message = '', $wp_error = null ) { global $error, $interim_login, $action; - // Don't index any of these forms + // Don't index any of these forms. add_action( 'login_head', 'wp_sensitive_page_meta' ); add_action( 'login_head', 'wp_login_viewport_meta' ); @@ -45,7 +51,7 @@ } // Shake it! - $shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password' ); + $shake_error_codes = array( 'empty_password', 'empty_email', 'invalid_email', 'invalidcombo', 'empty_username', 'invalid_username', 'incorrect_password', 'retrieve_password_email_failure' ); /** * Filters the error codes array for shaking the login form. * @@ -55,13 +61,13 @@ */ $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes ); - if ( $shake_error_codes && $wp_error->has_errors() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) { - add_action( 'login_head', 'wp_shake_js', 12 ); + if ( $shake_error_codes && $wp_error->has_errors() && in_array( $wp_error->get_error_code(), $shake_error_codes, true ) ) { + add_action( 'login_footer', 'wp_shake_js', 12 ); } $login_title = get_bloginfo( 'name', 'display' ); - /* translators: Login screen title. 1: Login screen name, 2: Network or site name */ + /* translators: Login screen title. 1: Login screen name, 2: Network or site name. */ $login_title = sprintf( __( '%1$s ‹ %2$s — WordPress' ), $title, $login_title ); if ( wp_is_recovery_mode() ) { @@ -80,12 +86,7 @@ $login_title = apply_filters( 'login_title', $login_title, $title ); ?><!DOCTYPE html> - <!--[if IE 8]> - <html xmlns="http://www.w3.org/1999/xhtml" class="ie8" <?php language_attributes(); ?>> - <![endif]--> - <!--[if !(IE 8) ]><!--> - <html xmlns="http://www.w3.org/1999/xhtml" <?php language_attributes(); ?>> - <!--<![endif]--> + <html <?php language_attributes(); ?>> <head> <meta http-equiv="Content-Type" content="<?php bloginfo( 'html_type' ); ?>; charset=<?php bloginfo( 'charset' ); ?>" /> <title><?php echo $login_title; ?> @@ -98,7 +99,7 @@ * This could be added by add_action('login_head'...) like wp_shake_js(), * but maybe better if it's not removable by plugins. */ - if ( 'loggedout' == $wp_error->get_error_code() ) { + if ( 'loggedout' === $wp_error->get_error_code() ) { ?> - + +

@@ -206,6 +215,7 @@ * @param string $message Login message text. */ $message = apply_filters( 'login_message', $message ); + if ( ! empty( $message ) ) { echo $message . "\n"; } @@ -219,16 +229,18 @@ if ( $wp_error->has_errors() ) { $errors = ''; $messages = ''; + foreach ( $wp_error->get_error_codes() as $code ) { $severity = $wp_error->get_error_data( $code ); foreach ( $wp_error->get_error_messages( $code ) as $error_message ) { - if ( 'message' == $severity ) { + if ( 'message' === $severity ) { $messages .= ' ' . $error_message . "
\n"; } else { $errors .= ' ' . $error_message . "
\n"; } } } + if ( ! empty( $errors ) ) { /** * Filters the error messages displayed above the login form. @@ -239,6 +251,7 @@ */ echo '
' . apply_filters( 'login_errors', $errors ) . "
\n"; } + if ( ! empty( $messages ) ) { /** * Filters instructional messages displayed above the login form. @@ -250,46 +263,58 @@ echo '

' . apply_filters( 'login_messages', $messages ) . "

\n"; } } -} // End of login_header() +} // End of login_header(). /** * Outputs the footer for the login page. * * @since 3.1.0 * + * @global bool|string $interim_login Whether interim login modal is being displayed. String 'success' + * upon successful login. + * * @param string $input_id Which input to auto-focus. */ function login_footer( $input_id = '' ) { global $interim_login; // Don't allow interim logins to navigate away from the page. - if ( ! $interim_login ) : + if ( ! $interim_login ) { ?> -

+

-

- ', '
' ); ?> - - - +

+ - - + the_privacy_policy_link( '
', '
' ); + } + + ?> + . ?> + +
@@ -304,13 +329,9 @@ */ function wp_shake_js() { ?> - + add( 'empty_username', __( 'ERROR: Enter a username or email address.' ) ); + $errors->add( 'empty_username', __( 'Error: Please enter a username or email address.' ) ); } elseif ( strpos( $_POST['user_login'], '@' ) ) { $user_data = get_user_by( 'email', trim( wp_unslash( $_POST['user_login'] ) ) ); if ( empty( $user_data ) ) { - $errors->add( 'invalid_email', __( 'ERROR: There is no account with that username or email address.' ) ); + $errors->add( 'invalid_email', __( 'Error: There is no account with that username or email address.' ) ); } } else { - $login = trim( $_POST['user_login'] ); + $login = trim( wp_unslash( $_POST['user_login'] ) ); $user_data = get_user_by( 'login', $login ); } @@ -352,18 +374,37 @@ * * @since 2.1.0 * @since 4.4.0 Added the `$errors` parameter. + * @since 5.4.0 Added the `$user_data` parameter. * - * @param WP_Error $errors A WP_Error object containing any errors generated - * by using invalid credentials. + * @param WP_Error $errors A WP_Error object containing any errors generated + * by using invalid credentials. + * @param WP_User|false $user_data WP_User object if found, false if the user does not exist. */ - do_action( 'lostpassword_post', $errors ); + do_action( 'lostpassword_post', $errors, $user_data ); + + /** + * Filters the errors encountered on a password reset request. + * + * The filtered WP_Error object may, for example, contain errors for an invalid + * username or email address. A WP_Error object should always be returned, + * but may or may not contain errors. + * + * If any errors are present in $errors, this will abort the password reset request. + * + * @since 5.5.0 + * + * @param WP_Error $errors A WP_Error object containing any errors generated + * by using invalid credentials. + * @param WP_User|false $user_data WP_User object if found, false if the user does not exist. + */ + $errors = apply_filters( 'lostpassword_errors', $errors, $user_data ); if ( $errors->has_errors() ) { return $errors; } if ( ! $user_data ) { - $errors->add( 'invalidcombo', __( 'ERROR: There is no account with that username or email address.' ) ); + $errors->add( 'invalidcombo', __( 'Error: There is no account with that username or email address.' ) ); return $errors; } @@ -387,15 +428,15 @@ } $message = __( 'Someone has requested a password reset for the following account:' ) . "\r\n\r\n"; - /* translators: %s: site name */ + /* translators: %s: Site name. */ $message .= sprintf( __( 'Site Name: %s' ), $site_name ) . "\r\n\r\n"; - /* translators: %s: user login */ + /* translators: %s: User login. */ $message .= sprintf( __( 'Username: %s' ), $user_login ) . "\r\n\r\n"; $message .= __( 'If this was a mistake, just ignore this email and nothing will happen.' ) . "\r\n\r\n"; $message .= __( 'To reset your password, visit the following address:' ) . "\r\n\r\n"; - $message .= '<' . network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . ">\r\n"; + $message .= network_site_url( "wp-login.php?action=rp&key=$key&login=" . rawurlencode( $user_login ), 'login' ) . "\r\n"; - /* translators: Password reset notification email subject. %s: Site title */ + /* translators: Password reset notification email subject. %s: Site title. */ $title = sprintf( __( '[%s] Password Reset' ), $site_name ); /** @@ -426,7 +467,15 @@ $message = apply_filters( 'retrieve_password_message', $message, $key, $user_login, $user_data ); if ( $message && ! wp_mail( $user_email, wp_specialchars_decode( $title ), $message ) ) { - wp_die( __( 'The email could not be sent. Possible reason: your host may have disabled the mail() function.' ) ); + $errors->add( + 'retrieve_password_email_failure', + sprintf( + /* translators: %s: Documentation URL. */ + __( 'Error: The email could not be sent. Your site may not be correctly configured to send emails. Get support for resetting your password.' ), + esc_url( __( 'https://wordpress.org/support/article/resetting-your-password/' ) ) + ) + ); + return $errors; } return true; @@ -443,8 +492,27 @@ $action = 'resetpass'; } +if ( isset( $_GET['checkemail'] ) ) { + $action = 'checkemail'; +} + +$default_actions = array( + 'confirm_admin_email', + 'postpass', + 'logout', + 'lostpassword', + 'retrievepassword', + 'resetpass', + 'rp', + 'register', + 'checkemail', + 'confirmaction', + 'login', + WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED, +); + // Validate action so as to default to the login screen. -if ( ! in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login', 'confirmaction', WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED ), true ) && false === has_filter( 'login_form_' . $action ) ) { +if ( ! in_array( $action, $default_actions, true ) && false === has_filter( 'login_form_' . $action ) ) { $action = 'login'; } @@ -452,21 +520,23 @@ header( 'Content-Type: ' . get_bloginfo( 'html_type' ) . '; charset=' . get_bloginfo( 'charset' ) ); -if ( defined( 'RELOCATE' ) && RELOCATE ) { // Move flag is set - if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF'] ) ) { +if ( defined( 'RELOCATE' ) && RELOCATE ) { // Move flag is set. + if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] !== $_SERVER['PHP_SELF'] ) ) { $_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] ); } $url = dirname( set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) ); - if ( $url != get_option( 'siteurl' ) ) { + + if ( get_option( 'siteurl' ) !== $url ) { update_option( 'siteurl', $url ); } } -//Set a cookie now to see if they are supported by the browser. +// Set a cookie now to see if they are supported by the browser. $secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) ); setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure ); -if ( SITECOOKIEPATH != COOKIEPATH ) { + +if ( SITECOOKIEPATH !== COOKIEPATH ) { setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure ); } @@ -488,7 +558,7 @@ */ do_action( "login_form_{$action}" ); -$http_post = ( 'POST' == $_SERVER['REQUEST_METHOD'] ); +$http_post = ( 'POST' === $_SERVER['REQUEST_METHOD'] ); $interim_login = isset( $_REQUEST['interim-login'] ); /** @@ -502,10 +572,186 @@ switch ( $action ) { + case 'confirm_admin_email': + /* + * Note that `is_user_logged_in()` will return false immediately after logging in + * as the current user is not set, see wp-includes/pluggable.php. + * However this action runs on a redirect after logging in. + */ + if ( ! is_user_logged_in() ) { + wp_safe_redirect( wp_login_url() ); + exit; + } + + if ( ! empty( $_REQUEST['redirect_to'] ) ) { + $redirect_to = $_REQUEST['redirect_to']; + } else { + $redirect_to = admin_url(); + } + + if ( current_user_can( 'manage_options' ) ) { + $admin_email = get_option( 'admin_email' ); + } else { + wp_safe_redirect( $redirect_to ); + exit; + } + + /** + * Filters the interval for dismissing the admin email confirmation screen. + * + * If `0` (zero) is returned, the "Remind me later" link will not be displayed. + * + * @since 5.3.1 + * + * @param int $interval Interval time (in seconds). Default is 3 days. + */ + $remind_interval = (int) apply_filters( 'admin_email_remind_interval', 3 * DAY_IN_SECONDS ); + + if ( ! empty( $_GET['remind_me_later'] ) ) { + if ( ! wp_verify_nonce( $_GET['remind_me_later'], 'remind_me_later_nonce' ) ) { + wp_safe_redirect( wp_login_url() ); + exit; + } + + if ( $remind_interval > 0 ) { + update_option( 'admin_email_lifespan', time() + $remind_interval ); + } + + $redirect_to = add_query_arg( 'admin_email_remind_later', 1, $redirect_to ); + wp_safe_redirect( $redirect_to ); + exit; + } + + if ( ! empty( $_POST['correct-admin-email'] ) ) { + if ( ! check_admin_referer( 'confirm_admin_email', 'confirm_admin_email_nonce' ) ) { + wp_safe_redirect( wp_login_url() ); + exit; + } + + /** + * Filters the interval for redirecting the user to the admin email confirmation screen. + * + * If `0` (zero) is returned, the user will not be redirected. + * + * @since 5.3.0 + * + * @param int $interval Interval time (in seconds). Default is 6 months. + */ + $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 6 * MONTH_IN_SECONDS ); + + if ( $admin_email_check_interval > 0 ) { + update_option( 'admin_email_lifespan', time() + $admin_email_check_interval ); + } + + wp_safe_redirect( $redirect_to ); + exit; + } + + login_header( __( 'Confirm your administration email' ), '', $errors ); + + /** + * Fires before the admin email confirm form. + * + * @since 5.3.0 + * + * @param WP_Error $errors A `WP_Error` object containing any errors generated by using invalid + * credentials. Note that the error object may not contain any errors. + */ + do_action( 'admin_email_confirm', $errors ); + + ?> + +
+ + + +

+ +

+

+ administration email for this website is still correct.' ); ?> + %s', __( '(opens in a new tab)' ) ); + + printf( + '%s%s', + esc_url( $admin_email_help_url ), + __( 'Why is this important?' ), + $accessibility_text + ); + + ?> +

+

+ ' . esc_html( $admin_email ) . '' + ); + + ?> +

+

+ +

+ +
+
+ + + +
+ 0 ) : ?> +
+ 'confirm_admin_email', + 'remind_me_later' => wp_create_nonce( 'remind_me_later_nonce' ), + ), + $remind_me_link + ); + + ?> + +
+ +
+
+ + HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure ); wp_safe_redirect( wp_get_referer() ); - exit(); + exit; case 'logout': check_admin_referer( 'log-out' ); @@ -541,9 +789,17 @@ wp_logout(); if ( ! empty( $_REQUEST['redirect_to'] ) ) { - $redirect_to = $requested_redirect_to = $_REQUEST['redirect_to']; + $redirect_to = $_REQUEST['redirect_to']; + $requested_redirect_to = $redirect_to; } else { - $redirect_to = 'wp-login.php?loggedout=true'; + $redirect_to = add_query_arg( + array( + 'loggedout' => 'true', + 'wp_lang' => get_user_locale( $user ), + ), + wp_login_url() + ); + $requested_redirect_to = ''; } @@ -557,24 +813,26 @@ * @param WP_User $user The WP_User object for the user that's logging out. */ $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $requested_redirect_to, $user ); + wp_safe_redirect( $redirect_to ); - exit(); + exit; case 'lostpassword': case 'retrievepassword': if ( $http_post ) { $errors = retrieve_password(); + if ( ! is_wp_error( $errors ) ) { $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm'; wp_safe_redirect( $redirect_to ); - exit(); + exit; } } if ( isset( $_GET['error'] ) ) { - if ( 'invalidkey' == $_GET['error'] ) { + if ( 'invalidkey' === $_GET['error'] ) { $errors->add( 'invalidkey', __( 'Your password reset link appears to be invalid. Please request a new link below.' ) ); - } elseif ( 'expiredkey' == $_GET['error'] ) { + } elseif ( 'expiredkey' === $_GET['error'] ) { $errors->add( 'expiredkey', __( 'Your password reset link has expired. Please request a new link below.' ) ); } } @@ -600,7 +858,7 @@ */ do_action( 'lost_password', $errors ); - login_header( __( 'Lost Password' ), '

' . __( 'Please enter your username or email address. You will receive a link to create a new password via email.' ) . '

', $errors ); + login_header( __( 'Lost Password' ), '

' . __( 'Please enter your username or email address. You will receive an email message with instructions on how to reset your password.' ) . '

', $errors ); $user_login = ''; @@ -610,56 +868,65 @@ ?> -
-

- -

- - -

-
+
+

+ + +

+ - - %s', esc_url( wp_registration_url() ), __( 'Register' ) ); + ?> + +

+ +

+
- echo esc_html( $login_link_separator ); + + if ( get_option( 'users_can_register' ) ) { + $registration_url = sprintf( '%s', esc_url( wp_registration_url() ), __( 'Register' ) ); + + echo esc_html( $login_link_separator ); + /** This filter is documented in wp-includes/general-template.php */ + echo apply_filters( 'register', $registration_url ); + } + + ?> +

get_error_code() === 'expired_key' ) { wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) ); } else { wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) ); } + exit; } $errors = new WP_Error(); - if ( isset( $_POST['pass1'] ) && $_POST['pass1'] != $_POST['pass2'] ) { + if ( isset( $_POST['pass1'] ) && $_POST['pass1'] !== $_POST['pass2'] ) { $errors->add( 'password_reset_mismatch', __( 'The passwords do not match.' ) ); } @@ -688,7 +957,7 @@ * * @since 3.5.0 * - * @param object $errors WP Error object. + * @param WP_Error $errors WP Error object. * @param WP_User|WP_Error $user WP_User object if the login and reset key match. WP_Error object otherwise. */ do_action( 'validate_password_reset', $errors, $user ); @@ -707,70 +976,72 @@ login_header( __( 'Reset Password' ), '

' . __( 'Enter your new password below.' ) . '

', $errors ); ?> -
- + + + +
+

+ +

-
-

- -

+
+ -
-
- - + +
+
+
+ + +
-
-
-
- -
-
-

-
- -

+

+ + +

+ +

+
+ +

-
+ /** + * Fires following the 'Strength indicator' meter in the user password reset form. + * + * @since 3.9.0 + * + * @param WP_User $user User object of the user whose password is being reset. + */ + do_action( 'resetpass_form', $user ); - - -

- + ?> + +

+ +

+ - + /** This filter is documented in wp-includes/general-template.php */ + echo apply_filters( 'register', $registration_url ); + } + ?> +

' . __( 'Register For This Site' ) . '

', $errors ); + ?> -
-

- -

-

- -

+ +

+ + +

+

+ + +

+ +

+ +

+
+ +

+ +

+
+ + -

-
- -

- + + login_footer( 'user_login' ); + break; + + case 'checkemail': + $redirect_to = admin_url(); + $errors = new WP_Error(); - + if ( 'confirm' === $_GET['checkemail'] ) { + $errors->add( + 'confirm', + sprintf( + /* translators: %s: Link to the login page. */ + __( 'Check your email for the confirmation link, then visit the login page.' ), + wp_login_url() + ), + 'message' + ); + } elseif ( 'registered' === $_GET['checkemail'] ) { + $errors->add( + 'registered', + sprintf( + /* translators: %s: Link to the login page. */ + __( 'Registration complete. Please check your email, then visit the login page.' ), + wp_login_url() + ), + 'message' + ); + } - ERROR: Cookies are blocked due to unexpected output. For help, please see this documentation or try the support forums.' ), + /* translators: 1: Browser cookie documentation URL, 2: Support forums URL. */ + __( 'Error: Cookies are blocked due to unexpected output. For help, please see this documentation or try the support forums.' ), __( 'https://wordpress.org/support/article/cookies/' ), - __( 'https://wordpress.org/support/' ) + __( 'https://wordpress.org/support/forums/' ) ) ); } elseif ( isset( $_POST['testcookie'] ) && empty( $_COOKIE[ TEST_COOKIE ] ) ) { - // If cookies are disabled we can't log in even with a valid user+pass + // If cookies are disabled, we can't log in even with a valid user and password. $user = new WP_Error( 'test_cookie', sprintf( - /* translators: %s: Browser cookie documentation URL */ - __( 'ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.' ), + /* translators: %s: Browser cookie documentation URL. */ + __( 'Error: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress.' ), __( 'https://wordpress.org/support/article/cookies/#enable-cookies-in-your-browser' ) ) ); @@ -974,21 +1288,48 @@ $message = '

' . __( 'You have logged in successfully.' ) . '

'; $interim_login = 'success'; login_header( '', $message ); + ?>
+ + - - - exists() && $user->has_cap( 'manage_options' ) ) { + $admin_email_lifespan = (int) get_option( 'admin_email_lifespan' ); + + // If `0` (or anything "falsey" as it is cast to int) is returned, the user will not be redirected + // to the admin email confirmation screen. + /** This filter is documented in wp-login.php */ + $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 6 * MONTH_IN_SECONDS ); + + if ( $admin_email_check_interval > 0 && time() > $admin_email_lifespan ) { + $redirect_to = add_query_arg( + array( + 'action' => 'confirm_admin_email', + 'wp_lang' => get_user_locale( $user ), + ), + wp_login_url( $redirect_to ) + ); + } + } + + if ( ( empty( $redirect_to ) || 'wp-admin/' === $redirect_to || admin_url() === $redirect_to ) ) { // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile. if ( is_multisite() && ! get_active_blog_for_user( $user->ID ) && ! is_super_admin( $user->ID ) ) { $redirect_to = user_admin_url(); @@ -999,10 +1340,11 @@ } wp_redirect( $redirect_to ); - exit(); + exit; } + wp_safe_redirect( $redirect_to ); - exit(); + exit; } $errors = $user; @@ -1021,16 +1363,10 @@ } } else { // Some parts of this script use the main login form to display a message. - if ( isset( $_GET['loggedout'] ) && true == $_GET['loggedout'] ) { + if ( isset( $_GET['loggedout'] ) && $_GET['loggedout'] ) { $errors->add( 'loggedout', __( 'You are now logged out.' ), 'message' ); - } elseif ( isset( $_GET['registration'] ) && 'disabled' == $_GET['registration'] ) { + } elseif ( isset( $_GET['registration'] ) && 'disabled' === $_GET['registration'] ) { $errors->add( 'registerdisabled', __( 'User registration is currently not allowed.' ) ); - } elseif ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) { - $errors->add( 'confirm', __( 'Check your email for the confirmation link.' ), 'message' ); - } elseif ( isset( $_GET['checkemail'] ) && 'newpass' == $_GET['checkemail'] ) { - $errors->add( 'newpass', __( 'Check your email for your new password.' ), 'message' ); - } elseif ( isset( $_GET['checkemail'] ) && 'registered' == $_GET['checkemail'] ) { - $errors->add( 'registered', __( 'Registration complete. Please check your email.' ), 'message' ); } elseif ( strpos( $redirect_to, 'about.php?updated' ) ) { $errors->add( 'updated', __( 'You have successfully updated WordPress! Please log back in to see what’s new.' ), 'message' ); } elseif ( WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED === $action ) { @@ -1043,8 +1379,8 @@ * * @since 3.6.0 * - * @param object $errors WP Error object. - * @param string $redirect_to Redirect destination URL. + * @param WP_Error $errors WP Error object. + * @param string $redirect_to Redirect destination URL. */ $errors = apply_filters( 'wp_login_errors', $errors, $redirect_to ); @@ -1056,8 +1392,9 @@ login_header( __( 'Log In' ), '', $errors ); if ( isset( $_POST['log'] ) ) { - $user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : ''; + $user_login = ( 'incorrect_password' === $errors->get_error_code() || 'empty_password' === $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : ''; } + $rememberme = ! empty( $_POST['rememberme'] ); if ( $errors->has_errors() ) { @@ -1065,80 +1402,102 @@ } else { $aria_describedby_error = ''; } + + wp_enqueue_script( 'user-profile' ); ?> -
-

- -

-

- -

+ +

+ + class="input" value="" size="20" autocapitalize="off" /> +

+ +
+ +
+ class="input password-input" value="" size="20" /> + +
+
+ +

/>

+

+ + + + + + + + + +

+
+ -

-

- - - - - - - - - - -

- - - - + +

+ - function wp_attempt_focus(){ - setTimeout( function(){ try{ - - d = document.getElementById('user_pass'); - d.value = ''; - - d = document.getElementById('user_login'); - get_error_code() ) { ?> - if( d.value != '' ) - d.value = ''; - get_error_code() === 'invalid_username' ) { + $login_script .= 'd.value = "";'; } - } - ?> - d.focus(); - d.select(); - } catch(e){} - }, 200); - } + } - + + - wp_attempt_focus(); - - if(typeof wpOnload=='function')wpOnload(); - - (function(){ - try { - var i, links = document.getElementsByTagName('a'); - for ( i in links ) { - if ( links[i].href ) - links[i].target = '_blank'; + + - -