WordPress-C/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-02-16 19:46:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Logged out warnings:

Browse Source 
- Don't use <base> tag to set target="_blank". It can break form submission. Instead, set target only on links with JS.
- Fix same domain comparison in wp_auth_check_html() when FORCE_SSL_LOGIN == true.
- Properly show/hide the "Close" button when the dialog is shown multiple times.
See #23295

git-svn-id: http://core.svn.wordpress.org/trunk@24208 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Ozz 2013-05-08 22:45:58 +00:00
parent 57c10eadbb
commit 19c3b4bfdc
3 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/functions.php
View File

@ -3921,7 +3921,7 @@ function wp_auth_check_load() {
* Output the HTML that shows the wp-login dialog when the user is no longer logged in
*/
function wp_auth_check_html() {
$login_url = wp_login_url();
$login_url = site_url( 'wp-login.php', 'login_post' );
$current_domain = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'];
$same_domain = ( strpos( $login_url, $current_domain ) === 0 );

2
wp-includes/js/wp-auth-check.js
View File

@ -64,7 +64,7 @@
$(window).off( 'beforeunload.wp-auth-check' );
wrap.fadeOut( 200, function() {
wrap.addClass('hidden').css('display', '');
wrap.addClass('hidden').css('display', '').find('.wp-auth-check-close').css('display', '');
$('#wp-auth-check-frame').remove();
});
}

16
wp-login.php
View File

@ -100,7 +100,6 @@ function login_header($title = 'Log In', $message = '', $wp_error = '') {
$classes[] = 'interim-login';
?>
<style type="text/css">html{background-color: transparent;}</style>
<base target="_blank">
<?php
if ( 'success' === $interim_login )
@ -663,9 +662,7 @@ default:
if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
$errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress."));
$form_target = '';
if ( $interim_login ) {
$form_target = ' target="_self"';
if ( ! $errors->get_error_code() )
$errors->add('expired', __('Session expired. Please log in again. You will not move away from this page.'), 'message');
} else {
@ -697,7 +694,7 @@ default:
$rememberme = ! empty( $_POST['rememberme'] );
?>
<form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post"<?php echo $form_target; ?>>
<form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post">
<p>
<label for="user_login"><?php _e('Username') ?><br />
<input type="text" name="log" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
@ -757,6 +754,17 @@ d.select();
wp_attempt_focus();
<?php } ?>
if(typeof wpOnload=='function')wpOnload();
<?php if ( $interim_login ) { ?>
(function(){
try {
var i, links = document.getElementsByTagName('a');
for ( i in links ) {
if ( links[i].href )
links[i].target = '_blank';
}
} catch(e){}
}());
<?php } ?>
</script>
<?php