sergiotarxz
/
Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check if REQUEST_METHOD is POST rather than cheecking if _POST is empty to determine if we were called via POST. Props xknown. fixes #5365 

git-svn-id: https://develop.svn.wordpress.org/trunk@6345 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2007-11-27 08:03:33 +00:00
parent b88b2b507d
commit b3543211aa
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
wp-login.php
View File

@ -68,7 +68,7 @@ function login_header($title = 'Login', $message = '') {
} }
} // End of login_header() } // End of login_header()
$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
switch ($action) { switch ($action) {
case 'logout' : case 'logout' :
@ -90,7 +90,7 @@ case 'retrievepassword' :
$user_login = ''; $user_login = '';
$user_pass = ''; $user_pass = '';
if ( $_POST ) { if ( $http_post ) {
if ( empty( $_POST['user_login'] ) ) if ( empty( $_POST['user_login'] ) )
$errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.'); $errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.');
if ( empty( $_POST['user_email'] ) ) if ( empty( $_POST['user_email'] ) )
@ -212,7 +212,7 @@ case 'register' :
exit(); exit();
} }
if ( $_POST ) { if ( $http_post ) {
require_once( ABSPATH . WPINC . '/registration.php'); require_once( ABSPATH . WPINC . '/registration.php');
$user_login = sanitize_user( $_POST['user_login'] ); $user_login = sanitize_user( $_POST['user_login'] );
@ -295,7 +295,7 @@ default:
else else
$redirect_to = $_REQUEST['redirect_to']; $redirect_to = $_REQUEST['redirect_to'];
if ( $_POST ) { if ( $http_post ) {
$user_login = $_POST['log']; $user_login = $_POST['log'];
$user_login = sanitize_user( $user_login ); $user_login = sanitize_user( $user_login );
$user_pass = $_POST['pwd']; $user_pass = $_POST['pwd'];
@ -312,7 +312,7 @@ default:
do_action_ref_array('wp_authenticate', array(&$user_login, &$user_pass)); do_action_ref_array('wp_authenticate', array(&$user_login, &$user_pass));
// If cookies are disabled we can't log in even with a valid user+pass // If cookies are disabled we can't log in even with a valid user+pass
if ( $_POST && empty($_COOKIE[TEST_COOKIE]) ) if ( $http_post && empty($_COOKIE[TEST_COOKIE]) )
$errors['test_cookie'] = __('<strong>ERROR</strong>: WordPress requires Cookies but your browser does not support them or they are blocked.'); $errors['test_cookie'] = __('<strong>ERROR</strong>: WordPress requires Cookies but your browser does not support them or they are blocked.');
if ( $user_login && $user_pass && empty( $errors ) ) { if ( $user_login && $user_pass && empty( $errors ) ) {
@ -334,9 +334,9 @@ default:
} }
} }
if ( $_POST && empty( $user_login ) ) if ( $http_post && empty( $user_login ) )
$errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.'); $errors['user_login'] = __('<strong>ERROR</strong>: The username field is empty.');
if ( $_POST && empty( $user_pass ) ) if ( $http_post && empty( $user_pass ) )
$errors['user_pass'] = __('<strong>ERROR</strong>: The password field is empty.'); $errors['user_pass'] = __('<strong>ERROR</strong>: The password field is empty.');
// Some parts of this script use the main login form to display a message // Some parts of this script use the main login form to display a message