stripslashes() from $pwd before performing the md5. Otherwise, we will not match the database password which had its slashes stripped before the MD5.

git-svn-id: https://develop.svn.wordpress.org/trunk@1510 602fd350-edb4-49c9-b593-d223f7449a82
2004-08-05 15:54:15 +00:00 · 2004-08-05 15:54:15 +00:00 · df2f9960d1
parent b8484cfed9
commit df2f9960d1
1 changed files with 1 additions and 1 deletions
--- a/wp-login.php
+++ b/wp-login.php
@ -60,7 +60,7 @@ case 'login':

 	if(!empty($_POST)) {
 		$log = $_POST['log'];
-		$pwd = $_POST['pwd'];
+		$pwd = stripslashes($_POST['pwd']);
 		$redirect_to = $_POST['redirect_to'];
 	}