diff --git a/wp-includes/link-template.php b/wp-includes/link-template.php index 9875356c65..1a07d7298b 100644 --- a/wp-includes/link-template.php +++ b/wp-includes/link-template.php @@ -781,7 +781,9 @@ function get_shortcut_link() { function site_url($path = '', $scheme = null) { // should the list of allowed schemes be maintained elsewhere? if ( !in_array($scheme, array('http', 'https')) ) { - if ( ('login' == $scheme) && ( force_ssl_login() || force_ssl_admin() ) ) + if ( ('login_post' == $scheme) && ( force_ssl_login() || force_ssl_admin() ) ) + $scheme = 'https'; + elseif ( ('login' == $scheme) && ( force_ssl_admin() ) ) $scheme = 'https'; elseif ( ('admin' == $scheme) && force_ssl_admin() ) $scheme = 'https'; diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index 535f424161..7b5d7266c7 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -610,6 +610,10 @@ function wp_clear_auth_cookie() { setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH . 'wp-admin', COOKIE_DOMAIN); setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH . 'wp-admin', COOKIE_DOMAIN); setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH . 'wp-admin', COOKIE_DOMAIN); + setcookie(AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); + setcookie(AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); + setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); + setcookie(SECURE_AUTH_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); setcookie(LOGGED_IN_COOKIE, ' ', time() - 31536000, SITECOOKIEPATH, COOKIE_DOMAIN); diff --git a/wp-login.php b/wp-login.php index 1a0490b291..cebf41eaa1 100644 --- a/wp-login.php +++ b/wp-login.php @@ -12,7 +12,7 @@ require( dirname(__FILE__) . '/wp-load.php' ); // Redirect to https login if forced to use SSL -if ( (force_ssl_admin() || force_ssl_login()) && !is_ssl() ) { +if ( force_ssl_admin() && !is_ssl() ) { if ( 0 === strpos($_SERVER['REQUEST_URI'], 'http') ) { wp_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI'])); exit(); @@ -312,7 +312,7 @@ case 'retrievepassword' : login_header(__('Lost Password'), '

' . __('Please enter your username or e-mail address. You will receive a new password via e-mail.') . '

', $errors); ?> -
+

@@ -376,7 +376,7 @@ case 'register' : login_header(__('Registration Form'), '

' . __('Register For This Site') . '

', $errors); ?> - +

@@ -409,7 +409,7 @@ default: if ( isset( $_REQUEST['redirect_to'] ) ) $redirect_to = $_REQUEST['redirect_to']; else - $redirect_to = 'wp-admin/'; + $redirect_to = admin_url(); if ( is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) ) $secure_cookie = false; @@ -445,7 +445,7 @@ default: login_header(__('Login'), '', $errors); ?> - +