diff --git a/wp-login.php b/wp-login.php
index 532ffd970d..e4153e2562 100644
--- a/wp-login.php
+++ b/wp-login.php
@@ -619,7 +619,11 @@ default:
if ( !$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
$secure_cookie = false;
- $user = wp_signon('', $secure_cookie);
+ // If cookies are disabled we can't log in even with a valid user+pass
+ if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
+ $user = new WP_Error('test_cookie', __("ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress."));
+ else
+ $user = wp_signon('', $secure_cookie);
$redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
@@ -655,10 +659,6 @@ default:
if ( !empty($_GET['loggedout']) || $reauth )
$errors = new WP_Error();
- // If cookies are disabled we can't log in even with a valid user+pass
- if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
- $errors->add('test_cookie', __("ERROR: Cookies are blocked or not supported by your browser. You must enable cookies to use WordPress."));
-
if ( $interim_login ) {
if ( ! $errors->get_error_code() )
$errors->add('expired', __('Session expired. Please log in again. You will not move away from this page.'), 'message');