Login and Registration: Avoid a potentially incorrect value for the cookie hash on multisite installations that don't have a value in the `siteurl` network option.

This reverts [38619].

See #34084, #39497

Merges [40320] to the 4.7 branch.

Built from https://develop.svn.wordpress.org/branches/4.7@40321


git-svn-id: http://core.svn.wordpress.org/branches/4.7@40228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
John Blackbourn 2017-03-23 19:03:37 +00:00
parent 913475ecdf
commit bfa0cc8b91
3 changed files with 3 additions and 17 deletions

View File

@ -334,6 +334,7 @@ switch($step) {
$scripts_to_print[] = 'user-profile';
display_header();
// Fill in the data we gathered
$weblog_title = isset( $_POST['weblog_title'] ) ? trim( wp_unslash( $_POST['weblog_title'] ) ) : '';
$user_name = isset($_POST['user_name']) ? trim( wp_unslash( $_POST['user_name'] ) ) : '';
@ -346,26 +347,21 @@ switch($step) {
$error = false;
if ( empty( $user_name ) ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'Please provide a valid username.' ) );
$error = true;
} elseif ( $user_name != sanitize_user( $user_name, true ) ) {
display_header();
display_setup_form( __( 'The username you provided has invalid characters.' ) );
$error = true;
} elseif ( $admin_password != $admin_password_check ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'Your passwords do not match. Please try again.' ) );
$error = true;
} elseif ( empty( $admin_email ) ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'You must provide an email address.' ) );
$error = true;
} elseif ( ! is_email( $admin_email ) ) {
// TODO: poka-yoke
display_header();
display_setup_form( __( 'Sorry, that isn&#8217;t a valid email address. Email addresses look like <code>username@example.com</code>.' ) );
$error = true;
}
@ -373,16 +369,6 @@ switch($step) {
if ( $error === false ) {
$wpdb->show_errors();
$result = wp_install( $weblog_title, $user_name, $admin_email, $public, '', wp_slash( $admin_password ), $loaded_language );
// Log the user in and send them to wp-admin:
if ( ! headers_sent() ) {
wp_set_auth_cookie( $result['user_id'], true, is_ssl() );
wp_redirect( admin_url() );
exit;
}
// If headers have already been sent, fall back to a "Success!" message:
display_header();
?>
<h1><?php _e( 'Success!' ); ?></h1>

View File

@ -205,7 +205,7 @@ function wp_cookie_constants() {
if ( $siteurl )
define( 'COOKIEHASH', md5( $siteurl ) );
else
define( 'COOKIEHASH', md5( wp_guess_url() ) );
define( 'COOKIEHASH', '' );
}
/**

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.7.4-alpha-40291';
$wp_version = '4.7.4-alpha-40321';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.