WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Login and Registration: Avoid a potentially incorrect value for the cookie hash on multisite installations that don't have a value in the `siteurl` network option. 

This reverts [38619].

See #34084

Fixes #39497

Built from https://develop.svn.wordpress.org/trunk@40320


git-svn-id: http://core.svn.wordpress.org/trunk@40227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
John Blackbourn 2017-03-23 19:01:42 +00:00
parent e78707aad4
commit 3a4b5afa49
3 changed files with 3 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
wp-admin/install.php
View File

@ -334,6 +334,7 @@ switch($step) {
$scripts_to_print[] = 'user-profile';
display_header();
// Fill in the data we gathered
$weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
$user_name = isset($_POST['user_name']) ? trim( wp_unslash( $_POST['user_name'] ) ) : '';
@ -346,26 +347,21 @@ switch($step) {
$error = false;
if ( empty( $user_name ) ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'Please provide a valid username.' ) );
$error = true;
} elseif ( $user_name != sanitize_user( $user_name, true ) ) {
display_header();
display_setup_form( __( 'The username you provided has invalid characters.' ) );
$error = true;
} elseif ( $admin_password != $admin_password_check ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'Your passwords do not match. Please try again.' ) );
$error = true;
} elseif ( empty( $admin_email ) ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'You must provide an email address.' ) );
$error = true;
} elseif ( ! is_email( $admin_email ) ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'Sorry, that isn&#8217;t a valid email address. Email addresses look like <code>username@example.com</code>.' ) );
$error = true;
}
@ -373,16 +369,6 @@ switch($step) {
if ( $error === false ) {
$wpdb->show_errors();
$result = wp_install( $weblog_title, $user_name, $admin_email, $public, '', wp_slash( $admin_password ), $loaded_language );
// Log the user in and send them to wp-admin:
if ( ! headers_sent() ) {
wp_set_auth_cookie( $result['user_id'], true, is_ssl() );
wp_redirect( admin_url() );
exit;
}
// If headers have already been sent, fall back to a "Success!" message:
display_header();
?>
<h1><?php _e( 'Success!' ); ?></h1>

2
wp-includes/default-constants.php
View File

@ -205,7 +205,7 @@ function wp_cookie_constants() {
if ( $siteurl )
define( 'COOKIEHASH', md5( $siteurl ) );
else
define( 'COOKIEHASH', md5( wp_guess_url() ) );
define( 'COOKIEHASH', '' );
}
/**

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.8-alpha-40319';
$wp_version = '4.8-alpha-40320';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.