From 08eaf4e3dcf08341650e88f8cc6ab807d4269ce8 Mon Sep 17 00:00:00 2001
From: Andrew Ozz <azaozz@git.wordpress.org>
Date: Sat, 17 Aug 2013 01:00:25 +0000
Subject: [PATCH] In wp-login.php check if cookies are enabled before
 attempting to log the user in with wp_signon(), fixes #24961.

git-svn-id: https://develop.svn.wordpress.org/trunk@25045 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-login.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/wp-login.php b/src/wp-login.php
index 532ffd970d..e4153e2562 100644
--- a/src/wp-login.php
+++ b/src/wp-login.php
@@ -619,7 +619,11 @@ default:
 	if ( !$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
 		$secure_cookie = false;
 
-	$user = wp_signon('', $secure_cookie);
+	// If cookies are disabled we can't log in even with a valid user+pass
+	if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
+		$user = new WP_Error('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
+	else
+		$user = wp_signon('', $secure_cookie);
 
 	$redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
 
@@ -655,10 +659,6 @@ default:
 	if ( !empty($_GET['loggedout']) || $reauth )
 		$errors = new WP_Error();
 
-	// If cookies are disabled we can't log in even with a valid user+pass
-	if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
-		$errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
-
 	if ( $interim_login ) {
 		if ( ! $errors->get_error_code() )
 			$errors->add('expired', __('Session expired. Please log in again. You will not move away from this page.'), 'message');