New logo, better login.

git-svn-id: http://svn.automattic.com/wordpress/trunk@3120 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-admin/admin-footer.php

@@ -1,8 +1,8 @@
 
-<div id="footer"><p><a href="http://wordpress.org/"><img src="../wp-includes/images/wp-small.png" alt="WordPress" /></a><br />
-<?php bloginfo('version'); ?> <br /> 
+<div id="footer"><p><a href="http://wordpress.org/" id="wordpress-logo"><img src="images/wordpress-logo.png" alt="WordPress" /></a></p>
+<p>
 <a href="http://codex.wordpress.org/"><?php _e('Documentation'); ?></a> &#8212; <a href="http://wordpress.org/support/"><?php _e('Support Forums'); ?></a> <br />
-<?php printf(__('%s seconds'), number_format(timer_stop(), 2)); ?>
+<?php bloginfo('version'); ?> &#8212; <?php printf(__('%s seconds'), number_format(timer_stop(), 2)); ?>
 </p>
 
 </div>

wp-admin/wp-admin.css

@@ -471,7 +471,7 @@ table .vers, table .name {
 
 #login {
 	background: #fff;
-	border: 2px solid #a2a2a2;
+	border: 1px solid #a2a2a2;
 	margin: 5em auto;
 	padding: 1.5em;
 	width: 25em;
@@ -488,13 +488,15 @@ table .vers, table .name {
 }
 
 #login h1 {
-	background: url(../wp-includes/images/wp-small.png) no-repeat;
+	background: url(images/wordpress-logo.png) no-repeat top left;
 	margin-top: 0;
 }
 
 #login h1 a {
 	display: block;
 	text-indent: -1000px;
+	height: 66px;
+	border-bottom: none;
 }
 
 #login input {
@@ -513,6 +515,14 @@ table .vers, table .name {
 	text-align: center;
 }
 
+#login #log, #pwd {
+	font-size: 1.7em;
+	width: 80%;
+}
+
+#login #submit {
+	font-size: 1.7em;
+}
 
 #postcustom .updatemeta, #postcustom .deletemeta {
 	margin: auto;

wp-includes/pluggable-functions.php

@@ -144,10 +144,10 @@ if ( !function_exists('wp_login') ) :
 function wp_login($username, $password, $already_md5 = false) {
 	global $wpdb, $error;
 
-	if ( !$username )
+	if ( '' == $username )
 		return false;
 
-	if ( !$password ) {
+	if ( '' == $password ) {
 		$error = __('<strong>Error</strong>: The password field is empty.');
 		return false;
 	}

wp-login.php

@@ -170,8 +170,9 @@ default:
 		$redirect_to = $_REQUEST['redirect_to'];
 	$redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $redirect_to);
 
-	if( !empty($_POST) ) {
+	if( $_POST ) {
 		$user_login = $_POST['log'];
+		$user_login = sanitize_user( $user_login );
 		$user_pass  = $_POST['pwd'];
 		$rememberme = $_POST['rememberme'];
 	} elseif ( !empty($_COOKIE) ) {
@@ -185,13 +186,13 @@ default:
 
 	do_action('wp_authenticate', array(&$user_login, &$user_pass));
 
-	if ($user_login && $user_pass) {
+	if ( $_POST ) {
 		$user = new WP_User($user_login);
-
+	
 		// If the user can't edit posts, send them to their profile.
 		if ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) )
- 			$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
-
+			$redirect_to = get_settings('siteurl') . '/wp-admin/profile.php';
+	
 		if ( wp_login($user_login, $user_pass, $using_cookie) ) {
 			if ( !$using_cookie )
 				wp_setcookie($user_login, $user_pass, false, '', '', $rememberme);
@@ -216,11 +217,6 @@ default:
 	}
 	window.onload = focusit;
 	</script>
-	<style type="text/css">
-	#log, #pwd, #submit {
-		font-size: 1.7em;
-	}
-	</style>
 </head>
 <body>
 
@@ -232,7 +228,7 @@ if ( $error )
 ?>
 
 <form name="loginform" id="loginform" action="wp-login.php" method="post">
-<p><label><?php _e('Username:') ?><br /><input type="text" name="log" id="log" value="" size="20" tabindex="1" /></label></p>
+<p><label><?php _e('Username:') ?><br /><input type="text" name="log" id="log" value="<?php echo wp_specialchars(stripslashes($user_login), 1); ?>" size="20" tabindex="1" /></label></p>
 <p><label><?php _e('Password:') ?><br /> <input type="password" name="pwd" id="pwd" value="" size="20" tabindex="2" /></label></p>
 <p>
   <label><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="3" />