diff --git a/wp-content/themes/classic/comments.php b/wp-content/themes/classic/comments.php
index c9e64e2976..898763ed6c 100644
--- a/wp-content/themes/classic/comments.php
+++ b/wp-content/themes/classic/comments.php
@@ -42,7 +42,7 @@ if ( post_password_required() ) : ?>

-

logged in to post a comment.'), get_option('siteurl')."/wp-login.php?redirect_to=".urlencode(get_permalink()));?>

+

logged in to post a comment.'), wp_login_url( get_permalink() ) );?>

diff --git a/wp-content/themes/default/comments.php b/wp-content/themes/default/comments.php
index 94a677a92f..2e288e20d7 100644
--- a/wp-content/themes/default/comments.php
+++ b/wp-content/themes/default/comments.php
@@ -57,7 +57,7 @@
-

You must be logged in to post a comment.

+

You must be logged in to post a comment.

diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php
index c295772c66..54d366ffb8 100644
--- a/wp-includes/comment-template.php
+++ b/wp-includes/comment-template.php
@@ -984,7 +984,7 @@ function get_comment_reply_link($args = array(), $comment = null, $post = null)
 $link = '';
 if ( get_option('comment_registration') && !$user_ID )
- $link = '' . $login_text . '';
+ $link = '' . $login_text . '';
 else
 $link = "comment_ID ) ) . "#" . $respond_id . "' onclick='return addComment.moveForm(\"$add_below-$comment->comment_ID\", \"$comment->comment_ID\", \"$respond_id\", \"$post->ID\")'>$reply_text";
 return apply_filters('comment_reply_link', $before . $link . $after, $args, $comment, $post);
@@ -1035,7 +1035,7 @@ function get_post_reply_link($args = array(), $post = null) {
 return false;
 if ( get_option('comment_registration') && !$user_ID ) {
- $link = '' . $login_text . '';
+ $link = '' . $login_text . '';
 } else {
 $link = "$reply_text";
 }
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 9d46e8e425..2e0da46768 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -2317,7 +2317,7 @@ function wp_nonce_ays( $action ) {
 if ( wp_get_referer() )
 $html .= "

" . __( 'Please try again.' ) . "";
 elseif ( 'log-out' == $action )
- $html .= "

" . sprintf( __( "Do you really want to log out?"), wp_nonce_url( site_url('wp-login.php?action=logout', 'login'), 'log-out' ) );
+ $html .= "

" . sprintf( __( "Do you really want to log out?"), wp_logout_url() );
 wp_die( $html, $title);
 }
diff --git a/wp-includes/general-template.php b/wp-includes/general-template.php
index 31b85e340a..552d590e0e 100644
--- a/wp-includes/general-template.php
+++ b/wp-includes/general-template.php
@@ -154,14 +154,20 @@ function wp_loginout() {
 * @since 2.7
 * @uses wp_nonce_url() To protect against CSRF
 * @uses site_url() To generate the log in URL
+ * @uses apply_filters() calls 'logout_url' hook on final logout url
 *
 * @param string $redirect Path to redirect to on logout.
 */
 function wp_logout_url($redirect = '') {
- if ( strlen($redirect) )
- $redirect = "&redirect_to=$redirect";
+ $args = array( 'action' => 'logout' );
+ if ( !empty($redirect) ) {
+ $args['redirect_to'] = $redirect;
+ }
- return wp_nonce_url( site_url("wp-login.php?action=logout$redirect", 'login'), 'log-out' );
+ $logout_url = add_query_arg($args, site_url('wp-login.php', 'login'));
+ $logout_url = wp_nonce_url( $logout_url, 'log-out' );
+
+ return apply_filters('logout_url', $logout_url, $redirect);
 }
 /**
@@ -171,14 +177,18 @@ function wp_logout_url($redirect = '') {
 *
 * @since 2.7
 * @uses site_url() To generate the log in URL
+ * @uses apply_filters() calls 'login_url' hook on final login url
 *
 * @param string $redirect Path to redirect to on login.
 */
 function wp_login_url($redirect = '') {
- if ( strlen($redirect) )
- $redirect = "?redirect_to=$redirect";
+ $login_url = site_url('wp-login.php', 'login');
- return site_url("wp-login.php$redirect", 'login');
+ if ( !empty($redirect) ) {
+ $login_url = add_query_arg('redirect_to', $redirect, $login_url);
+ }
+
+ return apply_filters('login_url', $login_url, $redirect);
 }
 /**
diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php
index cb99ea4585..56d2f0b53e 100644
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@@ -750,7 +750,7 @@ function auth_redirect() {
 $redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
- $login_url = site_url( 'wp-login.php?redirect_to=' . urlencode( $redirect ), 'login' );
+ $login_url = wp_login_url($redirect);
 wp_redirect($login_url);
 exit();
@@ -1102,7 +1102,7 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
 $message = sprintf(__('Username: %s'), $user_login) . "\r\n";
 $message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
- $message .= site_url("wp-login.php", 'login') . "\r\n";
+ $message .= wp_login_url() . "\r\n";
 wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);
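Review bot: The new `wp_login_url($redirect)` call in auth_redirect() no longer passes `$redirect` through `urlencode()`, and the rewritten wp_login_url() in wp-includes/general-template.php does not restore it: the raw value goes straight into `add_query_arg('redirect_to', $redirect, $login_url)`. Here `$redirect` is assembled from `$_SERVER['HTTP_HOST']` and `$_SERVER['REQUEST_URI']`, so a request URI carrying its own `?`, `&` or `#` would be split into separate parameters of the login URL and the post-login target would be truncated or altered by request-controlled data, unless add_query_arg() encodes values itself, which this diff does not show. Encoding once inside the helper keeps every caller consistent: `$login_url = add_query_arg('redirect_to', urlencode($redirect), $login_url);`, and likewise `$args['redirect_to'] = urlencode($redirect);` in wp_logout_url(). The classic theme hunk drops `urlencode()` around `get_permalink()` in the same way. auth_redirect() starts and ends outside the hunk.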