Prevent a PHP notice from appearing on wp-login.php?action=postpass when there's no $_POST['post_password'] parameter. Redirects to the referer if there is one (if there isn't one it'll just exit with a blank screen; no need for a user-friendly error message here).

Fixes #34160 Props iamfriendly git-svn-id: https://develop.svn.wordpress.org/trunk@34909 602fd350-edb4-49c9-b593-d223f7449a82
2015-10-07 14:29:29 +00:00 · 2015-10-07 14:29:29 +00:00 · c4dd769f22
commit c4dd769f22
parent 7f292f7ba4
1 changed files with 5 additions and 0 deletions
--- a/src/wp-login.php
+++ b/src/wp-login.php
@ -472,6 +472,11 @@ $interim_login = isset($_REQUEST['interim-login']);
 switch ($action) {

 case 'postpass' :
+	if ( ! array_key_exists( 'post_password', $_POST ) ) {
+		wp_safe_redirect( wp_get_referer() );
+		exit();
+	}
+
 	require_once ABSPATH . WPINC . '/class-phpass.php';
 	$hasher = new PasswordHash( 8, true );