Changeset 45757
- Timestamp:
- 08/07/2019 12:03:39 AM (5 years ago)
- Location:
- trunk/src
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/css/login.css
r45673 r45757 132 132 } 133 133 134 135 136 137 138 139 140 141 142 143 144 134 145 .login form .forgetmenot { 135 146 font-weight: 400; … … 140 151 .login .button-primary { 141 152 float: right; 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 142 183 } 143 184 -
trunk/src/wp-admin/includes/upgrade.php
r45747 r45757 816 816 } 817 817 818 819 820 821 818 822 maybe_disable_link_manager(); 819 823 … … 2116 2120 2117 2121 /** 2122 2123 2124 2125 2126 2127 2128 2129 2130 2131 2132 2133 2134 2118 2135 * Executes network-level upgrade routines. 2119 2136 * -
trunk/src/wp-admin/options-general.php
r45737 r45757 109 109 110 110 <tr> 111 <th scope="row"><label for="new_admin_email"><?php _e( ' Email Address' ); ?></label></th>111 <th scope="row"><label for="new_admin_email"><?php _e( 'Email Address' ); ?></label></th> 112 112 <td><input name="new_admin_email" type="email" id="new_admin_email" aria-describedby="new-admin-email-description" value="<?php form_option( 'admin_email' ); ?>" class="regular-text ltr" /> 113 113 <p class="description" id="new-admin-email-description"><?php _e( 'This address is used for admin purposes. If you change this we will send you an email at your new address to confirm it. <strong>The new address will not become active until confirmed.</strong>' ); ?></p> -
trunk/src/wp-includes/version.php
r45316 r45757 21 21 * @global int $wp_db_version 22 22 */ 23 $wp_db_version = 4 4719;23 $wp_db_version = 4; 24 24 25 25 /** -
trunk/src/wp-login.php
r45690 r45757 56 56 $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes ); 57 57 58 if ( $shake_error_codes && $wp_error->has_errors() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) {58 if ( $shake_error_codes && $wp_error->has_errors() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) { 59 59 add_action( 'login_head', 'wp_shake_js', 12 ); 60 60 } … … 99 99 * but maybe better if it's not removable by plugins. 100 100 */ 101 if ( 'loggedout' == $wp_error->get_error_code() ) {101 if ( 'loggedout' == $wp_error->get_error_code() ) { 102 102 ?> 103 103 <script>if("sessionStorage" in window){try{for(var key in sessionStorage){if(key.indexOf("wp-autosave-")!=-1){sessionStorage.removeItem(key)}}}catch(e){}};</script> … … 160 160 161 161 $classes = array( 'login-action-' . $action, 'wp-core-ui' ); 162 162 163 if ( is_rtl() ) { 163 164 $classes[] = 'rtl'; 164 165 } 166 165 167 if ( $interim_login ) { 166 168 $classes[] = 'interim-login'; 169 167 170 ?> 168 171 <style type="text/css">html{background-color: transparent;}</style> … … 173 176 } 174 177 } 178 175 179 $classes[] = ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) ); 176 180 … … 195 199 */ 196 200 do_action( 'login_header' ); 201 197 202 ?> 198 203 <div id="login"> … … 207 212 */ 208 213 $message = apply_filters( 'login_message', $message ); 214 209 215 if ( ! empty( $message ) ) { 210 216 echo $message . "\n"; … … 220 226 $errors = ''; 221 227 $messages = ''; 228 222 229 foreach ( $wp_error->get_error_codes() as $code ) { 223 230 $severity = $wp_error->get_error_data( $code ); 224 231 foreach ( $wp_error->get_error_messages( $code ) as $error_message ) { 225 if ( 'message' == $severity ) {232 if ( 'message' == $severity ) { 226 233 $messages .= ' ' . $error_message . "<br />\n"; 227 234 } else { … … 230 237 } 231 238 } 239 232 240 if ( ! empty( $errors ) ) { 233 241 /** … … 240 248 echo '<div id="login_error">' . apply_filters( 'login_errors', $errors ) . "</div>\n"; 241 249 } 250 242 251 if ( ! empty( $messages ) ) { 243 252 /** … … 264 273 265 274 // Don't allow interim logins to navigate away from the page. 266 if ( ! $interim_login ) :275 if ( ! $interim_login ) 267 276 ?> 268 <p id="backtoblog"><a href="<?php echo esc_url( home_url( '/' ) ); ?>">277 <p id="backtoblog"><a href="<?php echo esc_url( home_url( '/' ) ); ?>"> 269 278 <?php 279 270 280 /* translators: %s: site title */ 271 281 printf( _x( '← Back to %s', 'site' ), get_bloginfo( 'title', 'display' ) ); 282 272 283 ?> 273 </a></p> 274 <?php the_privacy_policy_link( '<div class="privacy-policy-page-link">', '</div>' ); ?> 275 <?php endif; ?> 276 277 </div> 278 279 <?php if ( ! empty( $input_id ) ) : ?> 280 <script type="text/javascript"> 281 try{document.getElementById('<?php echo $input_id; ?>').focus();}catch(e){} 282 if(typeof wpOnload=='function')wpOnload(); 283 </script> 284 <?php endif; ?> 284 </a></p> 285 <?php 286 287 the_privacy_policy_link( '<div class="privacy-policy-page-link">', '</div>' ); 288 } 289 290 ?> 291 </div><?php // End of <div id="login"> ?> 285 292 286 293 <?php 294 295 296 297 298 299 300 301 302 303 287 304 /** 288 305 * Fires in the login page footer. … … 291 308 */ 292 309 do_action( 'login_footer' ); 310 293 311 ?> 294 312 <div class="clear"></div> … … 305 323 function wp_shake_js() { 306 324 ?> 307 <script type="text/javascript">308 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};309 function s(id,pos){g(id).left=pos+'px';}310 function g(id){return document.getElementById(id).style;}311 function shake(id,a,d){c=a.shift();s(id,c);if(a.length>0){setTimeout(function(){shake(id,a,d);},d);}else{try{g(id).position='static';wp_attempt_focus();}catch(e){}}}312 addLoadEvent(function(){ var p=new Array(15,30,15,0,-15,-30,-15,0);p=p.concat(p.concat(p));var i=document.forms[0].id;g(i).position='relative';shake(i,p,20);});313 </script>325 <script type="text/javascript"> 326 addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}}; 327 function s(id,pos){g(id).left=pos+'px';} 328 function g(id){return document.getElementById(id).style;} 329 function shake(id,a,d){c=a.shift();s(id,c);if(a.length>0){setTimeout(function(){shake(id,a,d);},d);}else{try{g(id).position='static';wp_attempt_focus();}catch(e){}}} 330 addLoadEvent(function(){ var p=new Array(15,30,15,0,-15,-30,-15,0);p=p.concat(p.concat(p));var i=document.forms[0].id;g(i).position='relative';shake(i,p,20);}); 331 </script> 314 332 <?php 315 333 } … … 453 471 } 454 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 455 487 // Validate action so as to default to the login screen. 456 if ( ! in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login', 'confirmaction', WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED ), true ) && false === has_filter( 'login_form_' . $action ) ) {488 if ( ! in_array( $action, , true ) && false === has_filter( 'login_form_' . $action ) ) { 457 489 $action = 'login'; 458 490 } … … 463 495 464 496 if ( defined( 'RELOCATE' ) && RELOCATE ) { // Move flag is set 465 if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF'] ) ) {497 if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF'] ) ) { 466 498 $_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] ); 467 499 } 468 500 469 501 $url = dirname( set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) ); 470 if ( $url != get_option( 'siteurl' ) ) { 502 503 if ( $url !== get_option( 'siteurl' ) ) { 471 504 update_option( 'siteurl', $url ); 472 505 } … … 476 509 $secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) ); 477 510 setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure ); 511 478 512 if ( SITECOOKIEPATH != COOKIEPATH ) { 479 513 setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure ); … … 498 532 do_action( "login_form_{$action}" ); 499 533 500 $http_post = ( 'POST' == $_SERVER['REQUEST_METHOD'] );534 $http_post = ( 'POST' == $_SERVER['REQUEST_METHOD'] ); 501 535 $interim_login = isset( $_REQUEST['interim-login'] ); 502 536 … … 512 546 switch ( $action ) { 513 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 514 709 case 'postpass': 515 710 if ( ! array_key_exists( 'post_password', $_POST ) ) { 516 711 wp_safe_redirect( wp_get_referer() ); 517 exit ();712 exit; 518 713 } 519 714 … … 533 728 $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS ); 534 729 $referer = wp_get_referer(); 730 535 731 if ( $referer ) { 536 732 $secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) ); … … 538 734 $secure = false; 539 735 } 736 540 737 setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure ); 541 738 … … 554 751 $requested_redirect_to = $redirect_to; 555 752 } else { 556 $redirect_to 753 $redirect_to = add_query_arg( 557 754 array( 558 755 'loggedout' => 'true', … … 561 758 wp_login_url() 562 759 ); 760 563 761 $requested_redirect_to = ''; 564 762 } … … 574 772 */ 575 773 $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $requested_redirect_to, $user ); 774 576 775 wp_safe_redirect( $redirect_to ); 577 776 exit(); … … 581 780 if ( $http_post ) { 582 781 $errors = retrieve_password(); 782 583 783 if ( ! is_wp_error( $errors ) ) { 584 784 $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm'; … … 589 789 590 790 if ( isset( $_GET['error'] ) ) { 591 if ( 'invalidkey' == $_GET['error'] ) {791 if ( 'invalidkey' == $_GET['error'] ) { 592 792 $errors->add( 'invalidkey', __( 'Your password reset link appears to be invalid. Please request a new link below.' ) ); 593 } elseif ( 'expiredkey' == $_GET['error'] ) {793 } elseif ( 'expiredkey' == $_GET['error'] ) { 594 794 $errors->add( 'expiredkey', __( 'Your password reset link has expired. Please request a new link below.' ) ); 595 795 } … … 627 827 ?> 628 828 629 <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post"> 630 <p> 631 <label for="user_login" ><?php _e( 'Username or Email Address' ); ?><br /> 632 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label> 633 </p> 829 <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post"> 830 <p> 831 <label for="user_login" ><?php _e( 'Username or Email Address' ); ?><br /> 832 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label> 833 </p> 834 <?php 835 836 /** 837 * Fires inside the lostpassword form tags, before the hidden fields. 838 * 839 * @since 2.1.0 840 */ 841 do_action( 'lostpassword_form' ); 842 843 ?> 844 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 845 <p class="submit"> 846 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Get New Password' ); ?>" /> 847 </p> 848 </form> 849 850 <p id="nav"> 851 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 852 <?php 853 854 if ( get_option( 'users_can_register' ) ) { 855 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 856 857 echo esc_html( $login_link_separator ); 858 859 /** This filter is documented in wp-includes/general-template.php */ 860 echo apply_filters( 'register', $registration_url ); 861 } 862 863 ?> 864 </p> 634 865 <?php 635 /** 636 * Fires inside the lostpassword form tags, before the hidden fields. 637 * 638 * @since 2.1.0 639 */ 640 do_action( 'lostpassword_form' ); 641 ?> 642 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 643 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Get New Password' ); ?>" /></p> 644 </form> 645 646 <p id="nav"> 647 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 648 <?php 649 if ( get_option( 'users_can_register' ) ) : 650 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 651 652 echo esc_html( $login_link_separator ); 653 654 /** This filter is documented in wp-includes/general-template.php */ 655 echo apply_filters( 'register', $registration_url ); 656 endif; 657 ?> 658 </p> 659 660 <?php 866 661 867 login_footer( 'user_login' ); 662 663 868 break; 664 869 … … 667 872 list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) ); 668 873 $rp_cookie = 'wp-resetpass-' . COOKIEHASH; 874 669 875 if ( isset( $_GET['key'] ) ) { 670 876 $value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['key'] ) ); 671 877 setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 878 672 879 wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) ); 673 880 exit; … … 676 883 if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) { 677 884 list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 ); 678 $user = check_password_reset_key( $rp_key, $rp_login ); 885 886 $user = check_password_reset_key( $rp_key, $rp_login ); 887 679 888 if ( isset( $_POST['pass1'] ) && ! hash_equals( $rp_key, $_POST['rp_key'] ) ) { 680 889 $user = false; … … 686 895 if ( ! $user || is_wp_error( $user ) ) { 687 896 setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true ); 897 688 898 if ( $user && $user->get_error_code() === 'expired_key' ) { 689 899 wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) ); … … 691 901 wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) ); 692 902 } 903 693 904 exit; 694 905 } … … 724 935 725 936 ?> 726 <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off"> 727 <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" /> 728 729 <div class="user-pass1-wrap"> 730 <p> 731 <label for="pass1"><?php _e( 'New password' ); ?></label> 937 <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off"> 938 <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" /> 939 940 <div class="user-pass1-wrap"> 941 <p> 942 <label for="pass1"><?php _e( 'New password' ); ?></label> 943 </p> 944 945 <div class="wp-pwd"> 946 <div class="password-input-wrapper"> 947 <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 16 ) ); ?>" name="pass1" id="pass1" class="input password-input" size="24" value="" autocomplete="off" aria-describedby="pass-strength-result" /> 948 <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js"> 949 <span class="dashicons dashicons-hidden" aria-hidden="true"></span> 950 </button> 951 </div> 952 <div id="pass-strength-result" class="hide-if-no-js" aria-live="polite"><?php _e( 'Strength indicator' ); ?></div> 953 </div> 954 <div class="pw-weak"> 955 <label> 956 <input type="checkbox" name="pw_weak" class="pw-checkbox" /> 957 <?php _e( 'Confirm use of weak password' ); ?> 958 </label> 959 </div> 960 </div> 961 962 <p class="user-pass2-wrap"> 963 <label for="pass2"><?php _e( 'Confirm new password' ); ?></label><br /> 964 <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" /> 965 </p> 966 967 <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p> 968 <br class="clear" /> 969 970 <?php 971 972 /** 973 * Fires following the 'Strength indicator' meter in the user password reset form. 974 * 975 * @since 3.9.0 976 * 977 * @param WP_User $user User object of the user whose password is being reset. 978 */ 979 do_action( 'resetpass_form', $user ); 980 981 ?> 982 <input type="hidden" name="rp_key" value="<?php echo esc_attr( $rp_key ); ?>" /> 983 <p class="submit"> 984 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Reset Password' ); ?>" /> 985 </p> 986 </form> 987 988 <p id="nav"> 989 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 990 <?php 991 992 if ( get_option( 'users_can_register' ) ) { 993 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 994 995 echo esc_html( $login_link_separator ); 996 997 /** This filter is documented in wp-includes/general-template.php */ 998 echo apply_filters( 'register', $registration_url ); 999 } 1000 1001 ?> 732 1002 </p> 733 734 <div class="wp-pwd">735 <div class="password-input-wrapper">736 <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 16 ) ); ?>" name="pass1" id="pass1" class="input password-input" size="24" value="" autocomplete="off" aria-describedby="pass-strength-result" />737 <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js">738 <span class="dashicons dashicons-hidden" aria-hidden="true"></span>739 </button>740 </div>741 <div id="pass-strength-result" class="hide-if-no-js" aria-live="polite"><?php _e( 'Strength indicator' ); ?></div>742 </div>743 <div class="pw-weak">744 <label>745 <input type="checkbox" name="pw_weak" class="pw-checkbox" />746 <?php _e( 'Confirm use of weak password' ); ?>747 </label>748 </div>749 </div>750 751 <p class="user-pass2-wrap">752 <label for="pass2"><?php _e( 'Confirm new password' ); ?></label><br />753 <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" />754 </p>755 756 <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p>757 <br class="clear" />758 759 1003 <?php 760 /** 761 * Fires following the 'Strength indicator' meter in the user password reset form. 762 * 763 * @since 3.9.0 764 * 765 * @param WP_User $user User object of the user whose password is being reset. 766 */ 767 do_action( 'resetpass_form', $user ); 768 ?> 769 <input type="hidden" name="rp_key" value="<?php echo esc_attr( $rp_key ); ?>" /> 770 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Reset Password' ); ?>" /></p> 771 </form> 772 773 <p id="nav"> 774 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 775 <?php 776 if ( get_option( 'users_can_register' ) ) : 777 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 778 779 echo esc_html( $login_link_separator ); 780 781 /** This filter is documented in wp-includes/general-template.php */ 782 echo apply_filters( 'register', $registration_url ); 783 endif; 784 ?> 785 </p> 786 787 <?php 1004 788 1005 login_footer( 'user_pass' ); 789 790 1006 break; 791 1007 … … 821 1037 822 1038 $errors = register_new_user( $user_login, $user_email ); 1039 823 1040 if ( ! is_wp_error( $errors ) ) { 824 1041 $redirect_to = ! empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'wp-login.php?checkemail=registered'; … … 829 1046 830 1047 $registration_redirect = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : ''; 1048 831 1049 /** 832 1050 * Filters the registration redirect URL. … … 837 1055 */ 838 1056 $redirect_to = apply_filters( 'registration_redirect', $registration_redirect ); 1057 839 1058 login_header( __( 'Registration Form' ), '<p class="message register">' . __( 'Register For This Site' ) . '</p>', $errors ); 1059 840 1060 ?> 841 <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate"> 842 <p> 843 <label for="user_login"><?php _e( 'Username' ); ?><br /> 844 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( wp_unslash( $user_login ) ); ?>" size="20" autocapitalize="off" /></label> 845 </p> 846 <p> 847 <label for="user_email"><?php _e( 'Email' ); ?><br /> 848 <input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( wp_unslash( $user_email ) ); ?>" size="25" /></label> 849 </p> 1061 <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate"> 1062 <p> 1063 <label for="user_login"><?php _e( 'Username' ); ?><br /> 1064 <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( wp_unslash( $user_login ) ); ?>" size="20" autocapitalize="off" /></label> 1065 </p> 1066 <p> 1067 <label for="user_email"><?php _e( 'Email' ); ?><br /> 1068 <input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( wp_unslash( $user_email ) ); ?>" size="25" /></label> 1069 </p> 1070 <?php 1071 1072 /** 1073 * Fires following the 'Email' field in the user registration form. 1074 * 1075 * @since 2.1.0 1076 */ 1077 do_action( 'register_form' ); 1078 1079 ?> 1080 <p id="reg_passmail"> 1081 <?php _e( 'Registration confirmation will be emailed to you.' ); ?> 1082 </p> 1083 <br class="clear" /> 1084 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 1085 <p class="submit"> 1086 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Register' ); ?>" /> 1087 </p> 1088 </form> 1089 1090 <p id="nav"> 1091 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 1092 <?php echo esc_html( $login_link_separator ); ?> 1093 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a> 1094 </p> 850 1095 <?php 851 /** 852 * Fires following the 'Email' field in the user registration form. 853 * 854 * @since 2.1.0 855 */ 856 do_action( 'register_form' ); 857 ?> 858 <p id="reg_passmail"><?php _e( 'Registration confirmation will be emailed to you.' ); ?></p> 859 <br class="clear" /> 860 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 861 <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Register' ); ?>" /></p> 862 </form> 863 864 <p id="nav"> 865 <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a> 866 <?php echo esc_html( $login_link_separator ); ?> 867 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a> 868 </p> 869 870 <?php 1096 871 1097 login_footer( 'user_login' ); 872 873 1098 break; 874 1099 … … 915 1140 $secure_cookie = ''; 916 1141 $customize_login = isset( $_REQUEST['customize-login'] ); 1142 917 1143 if ( $customize_login ) { 918 1144 wp_enqueue_script( 'customize-base' ); … … 991 1217 $interim_login = 'success'; 992 1218 login_header( '', $message ); 1219 993 1220 ?> 994 1221 </div> 995 1222 <?php 1223 996 1224 /** This action is documented in wp-login.php */ 997 1225 do_action( 'login_footer' ); 1226 1227 1228 1229 1230 1231 1232 998 1233 ?> 999 <?php if ( $customize_login ) : ?>1000 <script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php echo wp_customize_url(); ?>', channel: 'login' }).send('login') }, 1000 );</script>1001 <?php endif; ?>1002 1234 </body></html> 1003 1235 <?php 1236 1004 1237 exit; 1005 1238 } 1006 1239 1007 if ( ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) ) { 1240 // Check if it is time to add a redirect to the admin email confirmation screen. 1241 if ( is_a( $user, 'WP_User' ) && $user->exists() && $user->has_cap( 'manage_options' ) ) { 1242 $admin_email_lifespan = (int) get_option( 'admin_email_lifespan' ); 1243 1244 // If `0` (or anything "falsey" as it is cast to int) is returned, the user will not be redirected 1245 // to the admin email confirmation screen. 1246 /** This filter is documented in wp-login.php */ 1247 $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 180 * DAY_IN_SECONDS ); 1248 1249 if ( $admin_email_check_interval > 0 && time() > $admin_email_lifespan ) { 1250 $redirect_to = add_query_arg( 'action', 'confirm_admin_email', wp_login_url( $redirect_to ) ); 1251 } 1252 } 1253 1254 if ( ( empty( $redirect_to ) || $redirect_to === 'wp-admin/' || $redirect_to == admin_url() ) ) { 1008 1255 // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile. 1009 1256 if ( is_multisite() && ! get_active_blog_for_user( $user->ID ) && ! is_super_admin( $user->ID ) ) { … … 1016 1263 1017 1264 wp_redirect( $redirect_to ); 1018 exit(); 1019 } 1265 exit; 1266 } 1267 1020 1268 wp_safe_redirect( $redirect_to ); 1021 exit ();1269 exit; 1022 1270 } 1023 1271 … … 1038 1286 } else { 1039 1287 // Some parts of this script use the main login form to display a message. 1040 if ( isset( $_GET['loggedout'] ) && true ==$_GET['loggedout'] ) {1288 if ( isset( $_GET['loggedout'] ) && $_GET['loggedout'] ) { 1041 1289 $errors->add( 'loggedout', __( 'You are now logged out.' ), 'message' ); 1042 } elseif ( isset( $_GET['registration'] ) && 'disabled' == $_GET['registration'] ) {1290 } elseif ( isset( $_GET['registration'] ) && 'disabled' == $_GET['registration'] ) { 1043 1291 $errors->add( 'registerdisabled', __( 'User registration is currently not allowed.' ) ); 1044 } elseif ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) {1292 } elseif ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) { 1045 1293 $errors->add( 'confirm', __( 'Check your email for the confirmation link.' ), 'message' ); 1046 } elseif ( isset( $_GET['checkemail'] ) && 'newpass' == $_GET['checkemail'] ) {1294 } elseif ( isset( $_GET['checkemail'] ) && 'newpass' == $_GET['checkemail'] ) { 1047 1295 $errors->add( 'newpass', __( 'Check your email for your new password.' ), 'message' ); 1048 } elseif ( isset( $_GET['checkemail'] ) && 'registered' == $_GET['checkemail'] ) {1296 } elseif ( isset( $_GET['checkemail'] ) && 'registered' == $_GET['checkemail'] ) { 1049 1297 $errors->add( 'registered', __( 'Registration complete. Please check your email.' ), 'message' ); 1050 1298 } elseif ( strpos( $redirect_to, 'about.php?updated' ) ) { … … 1073 1321 1074 1322 if ( isset( $_POST['log'] ) ) { 1075 $user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : ''; 1076 } 1323 $user_login = ( 'incorrect_password' === $errors->get_error_code() || 'empty_password' === $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : ''; 1324 } 1325 1077 1326 $rememberme = ! empty( $_POST['rememberme'] ); 1078 1327 … … 1082 1331 $aria_describedby_error = ''; 1083 1332 } 1333 1084 1334 ?> 1085 1335 1086 <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"> 1087 <p> 1088 <label for="user_login"><?php _e( 'Username or Email Address' ); ?><br /> 1089 <input type="text" name="log" id="user_login"<?php echo $aria_describedby_error; ?> class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label> 1090 </p> 1091 <p> 1092 <label for="user_pass"><?php _e( 'Password' ); ?><br /> 1093 <input type="password" name="pwd" id="user_pass"<?php echo $aria_describedby_error; ?> class="input" value="" size="20" /></label> 1094 </p> 1336 <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"> 1337 <p> 1338 <label for="user_login"><?php _e( 'Username or Email Address' ); ?><br /> 1339 <input type="text" name="log" id="user_login"<?php echo $aria_describedby_error; ?> class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label> 1340 </p> 1341 <p> 1342 <label for="user_pass"><?php _e( 'Password' ); ?><br /> 1343 <input type="password" name="pwd" id="user_pass"<?php echo $aria_describedby_error; ?> class="input" value="" size="20" /></label> 1344 </p> 1345 <?php 1346 1347 /** 1348 * Fires following the 'Password' field in the login form. 1349 * 1350 * @since 2.1.0 1351 */ 1352 do_action( 'login_form' ); 1353 1354 ?> 1355 <p class="forgetmenot"><label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever" <?php checked( $rememberme ); ?> /> <?php esc_html_e( 'Remember Me' ); ?></label></p> 1356 <p class="submit"> 1357 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Log In' ); ?>" /> 1358 <?php 1359 1360 if ( $interim_login ) { 1361 ?> 1362 <input type="hidden" name="interim-login" value="1" /> 1363 <?php 1364 } else { 1365 ?> 1366 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 1367 <?php 1368 } 1369 1370 if ( $customize_login ) { 1371 ?> 1372 <input type="hidden" name="customize-login" value="1" /> 1373 <?php 1374 } 1375 1376 ?> 1377 <input type="hidden" name="testcookie" value="1" /> 1378 </p> 1379 </form> 1380 1095 1381 <?php 1096 /** 1097 * Fires following the 'Password' field in the login form. 1098 * 1099 * @since 2.1.0 1100 */ 1101 do_action( 'login_form' ); 1102 ?> 1103 <p class="forgetmenot"><label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever" <?php checked( $rememberme ); ?> /> <?php esc_html_e( 'Remember Me' ); ?></label></p> 1104 <p class="submit"> 1105 <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Log In' ); ?>" /> 1106 <?php if ( $interim_login ) { ?> 1107 <input type="hidden" name="interim-login" value="1" /> 1108 <?php } else { ?> 1109 <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" /> 1110 <?php } ?> 1111 <?php if ( $customize_login ) : ?> 1112 <input type="hidden" name="customize-login" value="1" /> 1113 <?php endif; ?> 1114 <input type="hidden" name="testcookie" value="1" /> 1115 </p> 1116 </form> 1117 1118 <?php if ( ! $interim_login ) { ?> 1119 <p id="nav"> 1382 1383 if ( ! $interim_login ) { 1384 ?> 1385 <p id="nav"> 1386 <?php 1387 1388 if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ), true ) ) { 1389 if ( get_option( 'users_can_register' ) ) { 1390 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 1391 1392 /** This filter is documented in wp-includes/general-template.php */ 1393 echo apply_filters( 'register', $registration_url ); 1394 1395 echo esc_html( $login_link_separator ); 1396 } 1397 1398 ?> 1399 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a> 1400 <?php 1401 } 1402 1403 ?> 1404 </p> 1120 1405 <?php 1121 if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ) ) ) : 1122 if ( get_option( 'users_can_register' ) ) : 1123 $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) ); 1124 1125 /** This filter is documented in wp-includes/general-template.php */ 1126 echo apply_filters( 'register', $registration_url ); 1127 1128 echo esc_html( $login_link_separator ); 1129 endif; 1130 ?> 1131 <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a> 1132 <?php endif; ?> 1133 </p> 1134 <?php } ?> 1135 1136 <script type="text/javascript"> 1137 function wp_attempt_focus(){ 1138 setTimeout( function(){ try{ 1139 <?php if ( $user_login ) { ?> 1140 d = document.getElementById('user_pass'); 1141 d.value = ''; 1142 <?php } else { ?> 1143 d = document.getElementById('user_login'); 1144 <?php if ( 'invalid_username' == $errors->get_error_code() ) { ?> 1145 if( d.value != '' ) 1146 d.value = ''; 1147 <?php 1148 } 1149 } 1150 ?> 1151 d.focus(); 1152 d.select(); 1153 } catch(e){} 1154 }, 200); 1155 } 1156 1157 <?php 1406 } 1407 1408 $login_script = 'function wp_attempt_focus() {'; 1409 $login_script .= 'setTimeout( function() {'; 1410 $login_script .= 'try {'; 1411 1412 if ( $user_login ) { 1413 $login_script .= 'd = document.getElementById( "user_pass" ); d.value = "";'; 1414 } else { 1415 $login_script .= 'd = document.getElementById( "user_login" );'; 1416 1417 if ( $errors->get_error_code() === 'invalid_username' ) { 1418 $login_script .= 'd.value = "";'; 1419 } 1420 } 1421 1422 $login_script .= 'd.focus(); d.select();'; 1423 $login_script .= '} catch( er ) {}'; 1424 $login_script .= '}, 200);'; 1425 $login_script .= "}\n"; // End of wp_attempt_focus(). 1426 1158 1427 /** 1159 1428 * Filters whether to print the call to `wp_attempt_focus()` on the login screen. … … 1164 1433 */ 1165 1434 if ( apply_filters( 'enable_login_autofocus', true ) && ! $error ) { 1435 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1166 1448 ?> 1167 wp_attempt_focus(); 1168 <?php } ?> 1169 if(typeof wpOnload=='function')wpOnload(); 1170 <?php if ( $interim_login ) { ?> 1171 (function(){ 1172 try { 1173 var i, links = document.getElementsByTagName('a'); 1174 for ( i in links ) { 1175 if ( links[i].href ) 1176 links[i].target = '_blank'; 1177 } 1178 } catch(e){} 1179 }()); 1180 <?php } ?> 1181 </script> 1182 1183 <?php 1449 <script type="text/javascript"> 1450 ( function() { 1451 try { 1452 var i, links = document.getElementsByTagName( 'a' ); 1453 for ( i in links ) { 1454 if ( links[i].href ) { 1455 links[i].target = '_blank'; 1456 links[i].rel = 'noreferrer noopener'; 1457 } 1458 } 1459 } catch( er ) {} 1460 }()); 1461 </script> 1462 <?php 1463 } 1464 1184 1465 login_footer(); 1185 1186 1466 break; 1187 1467 } // End action switch.
Note: See TracChangeset
for help on using the changeset viewer.