Login fixes.

git-svn-id: https://develop.svn.wordpress.org/trunk@1774 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2004-10-11 07:00:22 +00:00
parent 04301ee56a
commit 18585460f5
3 changed files with 28 additions and 24 deletions

View File

@ -1,7 +1,7 @@
<?php <?php
require_once('../wp-config.php'); require_once('../wp-config.php');
if ( !empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && !wp_login($_COOKIE['wordpressuser_' . COOKIEHASH], $_COOKIE['wordpresspass_' . COOKIEHASH]) ) { if ( !empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && !wp_login($_COOKIE['wordpressuser_' . COOKIEHASH], $_COOKIE['wordpresspass_' . COOKIEHASH], true) ) {
header('Expires: Wed, 5 Jun 1979 23:41:00 GMT'); // Michel's birthday header('Expires: Wed, 5 Jun 1979 23:41:00 GMT'); // Michel's birthday
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-cache, must-revalidate'); header('Cache-Control: no-cache, must-revalidate');

View File

@ -1907,8 +1907,7 @@ function wp_login($username, $password, $already_md5 = false) {
$error = __('<strong>Error</strong>: Wrong login.'); $error = __('<strong>Error</strong>: Wrong login.');
return false; return false;
} else { } else {
if ( ($already_md5 && $login->user_login == $username && $login->user_pass == $password) || ($login->user_login == $username && $login->user_pass == md5($password)) ) {
if ( ($login->user_login == $username && $login->user_pass == $password) || ($already_md5 && $login->user_login == $username && md5($login->user_pass) == $password) ) {
return true; return true;
} else { } else {
$error = __('<strong>Error</strong>: Incorrect password.'); $error = __('<strong>Error</strong>: Incorrect password.');

View File

@ -142,8 +142,12 @@ default:
if( !empty($_POST) ) { if( !empty($_POST) ) {
$log = $_POST['log']; $log = $_POST['log'];
$pwd = md5($_POST['pwd']); $pwd = $_POST['pwd'];
$redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_POST['redirect_to']); $redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_POST['redirect_to']);
} else {
$log = '';
$pwd = '';
$redirect_to = '';
} }
$user = get_userdatabylogin($log); $user = get_userdatabylogin($log);
@ -152,22 +156,21 @@ default:
$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php'; $redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
} }
if ($log && $pwd) {
if ( wp_login($log, $pwd) ) { if ( wp_login($log, $pwd) ) {
$user_login = $log; $user_login = $log;
$user_pass = $pwd; $user_pass = md5($pwd);
setcookie('wordpressuser_'. COOKIEHASH, $user_login, time() + 31536000, COOKIEPATH); setcookie('wordpressuser_'. COOKIEHASH, $user_login, time() + 31536000, COOKIEPATH);
setcookie('wordpresspass_'. COOKIEHASH, md5($user_pass), time() + 31536000, COOKIEPATH); setcookie('wordpresspass_'. COOKIEHASH, $user_pass, time() + 31536000, COOKIEPATH);
if ($is_IIS) if ($is_IIS)
header("Refresh: 0;url=$redirect_to"); header("Refresh: 0;url=$redirect_to");
else else
header("Location: $redirect_to"); header("Location: $redirect_to");
} }
} else if ( !empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && !empty($_COOKIE['wordpresspass_' . COOKIEHASH]) ) {
if( !empty($_COOKIE['wordpressuser_' . COOKIEHASH]) && !empty($_COOKIE['wordpresspass_' . COOKIEHASH]) ) {
$user_login = $_COOKIE['wordpressuser_' . COOKIEHASH]; $user_login = $_COOKIE['wordpressuser_' . COOKIEHASH];
$user_pass_md5 = $_COOKIE['wordpresspass_' . COOKIEHASH]; $user_pass_md5 = $_COOKIE['wordpresspass_' . COOKIEHASH];
}
if ( wp_login($user_login, $user_pass_md5, true) ) { if ( wp_login($user_login, $user_pass_md5, true) ) {
header('Location: wp-admin/'); header('Location: wp-admin/');
@ -176,6 +179,8 @@ default:
if ( !empty($_COOKIE['wordpressuser_' . COOKIEHASH]) ) if ( !empty($_COOKIE['wordpressuser_' . COOKIEHASH]) )
$error = 'Your session has expired.'; $error = 'Your session has expired.';
} }
}
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"> <html xmlns="http://www.w3.org/1999/xhtml">