<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[45757] trunk/src: Add admin email verification screen.</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { white-space: pre-line; overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="https://core.trac.wordpress.org/changeset/45757">45757</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"https://core.trac.wordpress.org/changeset/45757","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>azaozz</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2019-08-07 00:03:39 +0000 (Wed, 07 Aug 2019)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>Add admin email verification screen. Shown every six months after an admin has logged in.
Also includes WPCS fixes for wp-login.php.
Props andraganescu, boemedia, lessbloat, azaozz.
See <a href="https://core.trac.wordpress.org/ticket/46349">#46349</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunksrcwpadmincsslogincss">trunk/src/wp-admin/css/login.css</a></li>
<li><a href="#trunksrcwpadminincludesupgradephp">trunk/src/wp-admin/includes/upgrade.php</a></li>
<li><a href="#trunksrcwpadminoptionsgeneralphp">trunk/src/wp-admin/options-general.php</a></li>
<li><a href="#trunksrcwpincludesversionphp">trunk/src/wp-includes/version.php</a></li>
<li><a href="#trunksrcwploginphp">trunk/src/wp-login.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunksrcwpadmincsslogincss"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/css/login.css</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/css/login.css 2019-08-05 22:19:10 UTC (rev 45756)
+++ trunk/src/wp-admin/css/login.css 2019-08-07 00:03:39 UTC (rev 45757)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -131,6 +131,17 @@
</span><span class="cx" style="display: block; padding: 0 10px"> box-shadow: 0 1px 3px rgba(0, 0, 0, 0.13);
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+.login-action-confirm_admin_email #login {
+ width: 60vw;
+ margin-top: -2vh;
+}
+
+@media screen and (max-width: 782px) {
+ .login-action-confirm_admin_email #login {
+ width: 100vw;
+ }
+}
+
</ins><span class="cx" style="display: block; padding: 0 10px"> .login form .forgetmenot {
</span><span class="cx" style="display: block; padding: 0 10px"> font-weight: 400;
</span><span class="cx" style="display: block; padding: 0 10px"> float: left;
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -141,6 +152,36 @@
</span><span class="cx" style="display: block; padding: 0 10px"> float: right;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+.login .admin-email-confirm-form .submit {
+ text-align: center;
+}
+
+.admin-email__later {
+ text-align: left;
+}
+
+.login form p.admin-email__details {
+ margin: 1.1em 0;
+}
+
+.login h1.admin-email__heading {
+ border-bottom: 1px rgb(241, 241, 241) solid;
+ color: rgb(95, 95, 95);
+ font-weight: normal;
+ padding-bottom: 0.5em;
+ text-align: left;
+}
+
+.admin-email__actions div {
+ padding-top: 1.5em;
+}
+
+.login .admin-email__actions .button-primary {
+ float: none;
+ margin-left: 0.25em;
+ margin-right: 0.25em;
+}
+
</ins><span class="cx" style="display: block; padding: 0 10px"> #login form p {
</span><span class="cx" style="display: block; padding: 0 10px"> margin-bottom: 0;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span></span></pre></div>
<a id="trunksrcwpadminincludesupgradephp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/includes/upgrade.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/includes/upgrade.php 2019-08-05 22:19:10 UTC (rev 45756)
+++ trunk/src/wp-admin/includes/upgrade.php 2019-08-07 00:03:39 UTC (rev 45757)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -815,6 +815,10 @@
</span><span class="cx" style="display: block; padding: 0 10px"> upgrade_510();
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( $wp_current_db_version < 45744 ) {
+ upgrade_530();
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> maybe_disable_link_manager();
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> maybe_disable_automattic_widgets();
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -2115,6 +2119,19 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ * Executes changes made in WordPress 5.3.0.
+ *
+ * @ignore
+ * @since 5.3.0
+ */
+function upgrade_530() {
+ // Do `add_option()` rather than overwriting with `update_option()` as this may run
+ // after an admin was redirected to the email verification screen,
+ // and the option was updated.
+ add_option( 'admin_email_lifespan', 0 );
+}
+
+/**
</ins><span class="cx" style="display: block; padding: 0 10px"> * Executes network-level upgrade routines.
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="cx" style="display: block; padding: 0 10px"> * @since 3.0.0
</span></span></pre></div>
<a id="trunksrcwpadminoptionsgeneralphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-admin/options-general.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-admin/options-general.php 2019-08-05 22:19:10 UTC (rev 45756)
+++ trunk/src/wp-admin/options-general.php 2019-08-07 00:03:39 UTC (rev 45757)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -108,7 +108,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> <?php } ?>
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> <tr>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-<th scope="row"><label for="new_admin_email"><?php _e( 'Email Address' ); ?></label></th>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+<th scope="row"><label for="new_admin_email"><?php _e( 'Administration Email Address' ); ?></label></th>
</ins><span class="cx" style="display: block; padding: 0 10px"> <td><input name="new_admin_email" type="email" id="new_admin_email" aria-describedby="new-admin-email-description" value="<?php form_option( 'admin_email' ); ?>" class="regular-text ltr" />
</span><span class="cx" style="display: block; padding: 0 10px"> <p class="description" id="new-admin-email-description"><?php _e( 'This address is used for admin purposes. If you change this we will send you an email at your new address to confirm it. <strong>The new address will not become active until confirmed.</strong>' ); ?></p>
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span></span></pre></div>
<a id="trunksrcwpincludesversionphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-includes/version.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-includes/version.php 2019-08-05 22:19:10 UTC (rev 45756)
+++ trunk/src/wp-includes/version.php 2019-08-07 00:03:39 UTC (rev 45757)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -20,7 +20,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="cx" style="display: block; padding: 0 10px"> * @global int $wp_db_version
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-$wp_db_version = 44719;
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+$wp_db_version = 45744;
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Holds the TinyMCE version
</span></span></pre></div>
<a id="trunksrcwploginphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: trunk/src/wp-login.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- trunk/src/wp-login.php 2019-08-05 22:19:10 UTC (rev 45756)
+++ trunk/src/wp-login.php 2019-08-07 00:03:39 UTC (rev 45757)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -55,7 +55,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> $shake_error_codes = apply_filters( 'shake_error_codes', $shake_error_codes );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( $shake_error_codes && $wp_error->has_errors() && in_array( $wp_error->get_error_code(), $shake_error_codes ) ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( $shake_error_codes && $wp_error->has_errors() && in_array( $wp_error->get_error_code(), $shake_error_codes, true ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> add_action( 'login_head', 'wp_shake_js', 12 );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -98,7 +98,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * This could be added by add_action('login_head'...) like wp_shake_js(),
</span><span class="cx" style="display: block; padding: 0 10px"> * but maybe better if it's not removable by plugins.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( 'loggedout' == $wp_error->get_error_code() ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( 'loggedout' === $wp_error->get_error_code() ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><span class="cx" style="display: block; padding: 0 10px"> <script>if("sessionStorage" in window){try{for(var key in sessionStorage){if(key.indexOf("wp-autosave-")!=-1){sessionStorage.removeItem(key)}}}catch(e){}};</script>
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -159,11 +159,14 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $login_header_text = apply_filters( 'login_headertext', $login_header_text );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> $classes = array( 'login-action-' . $action, 'wp-core-ui' );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( is_rtl() ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $classes[] = 'rtl';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( $interim_login ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $classes[] = 'interim-login';
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><span class="cx" style="display: block; padding: 0 10px"> <style type="text/css">html{background-color: transparent;}</style>
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -172,6 +175,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $classes[] = 'interim-login-success';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> $classes[] = ' locale-' . sanitize_html_class( strtolower( str_replace( '_', '-', get_locale() ) ) );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -194,6 +198,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @since 4.6.0
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> do_action( 'login_header' );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><span class="cx" style="display: block; padding: 0 10px"> <div id="login">
</span><span class="cx" style="display: block; padding: 0 10px"> <h1><a href="<?php echo esc_url( $login_header_url ); ?>"><?php echo $login_header_text; ?></a></h1>
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -206,6 +211,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @param string $message Login message text.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> $message = apply_filters( 'login_message', $message );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( ! empty( $message ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> echo $message . "\n";
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -219,10 +225,11 @@
</span><span class="cx" style="display: block; padding: 0 10px"> if ( $wp_error->has_errors() ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $errors = '';
</span><span class="cx" style="display: block; padding: 0 10px"> $messages = '';
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> foreach ( $wp_error->get_error_codes() as $code ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $severity = $wp_error->get_error_data( $code );
</span><span class="cx" style="display: block; padding: 0 10px"> foreach ( $wp_error->get_error_messages( $code ) as $error_message ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( 'message' == $severity ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( 'message' === $severity ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $messages .= ' ' . $error_message . "<br />\n";
</span><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><span class="cx" style="display: block; padding: 0 10px"> $errors .= ' ' . $error_message . "<br />\n";
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -229,6 +236,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( ! empty( $errors ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Filters the error messages displayed above the login form.
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -239,6 +247,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> echo '<div id="login_error">' . apply_filters( 'login_errors', $errors ) . "</div>\n";
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( ! empty( $messages ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Filters instructional messages displayed above the login form.
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -263,27 +272,35 @@
</span><span class="cx" style="display: block; padding: 0 10px"> global $interim_login;
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> // Don't allow interim logins to navigate away from the page.
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( ! $interim_login ) :
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( ! $interim_login ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p id="backtoblog"><a href="<?php echo esc_url( home_url( '/' ) ); ?>">
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p id="backtoblog"><a href="<?php echo esc_url( home_url( '/' ) ); ?>">
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> /* translators: %s: site title */
</span><span class="cx" style="display: block; padding: 0 10px"> printf( _x( '← Back to %s', 'site' ), get_bloginfo( 'title', 'display' ) );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- </a></p>
- <?php the_privacy_policy_link( '<div class="privacy-policy-page-link">', '</div>' ); ?>
- <?php endif; ?>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ </a></p>
+ <?php
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- </div>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ the_privacy_policy_link( '<div class="privacy-policy-page-link">', '</div>' );
+ }
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <?php if ( ! empty( $input_id ) ) : ?>
- <script type="text/javascript">
- try{document.getElementById('<?php echo $input_id; ?>').focus();}catch(e){}
- if(typeof wpOnload=='function')wpOnload();
- </script>
- <?php endif; ?>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ ?>
+ </div><?php // End of <div id="login"> ?>
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ if ( ! empty( $input_id ) ) {
+ ?>
+ <script type="text/javascript">
+ try{document.getElementById('<?php echo $input_id; ?>').focus();}catch(e){}
+ if(typeof wpOnload=='function')wpOnload();
+ </script>
+ <?php
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Fires in the login page footer.
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -290,6 +307,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @since 3.1.0
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> do_action( 'login_footer' );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><span class="cx" style="display: block; padding: 0 10px"> <div class="clear"></div>
</span><span class="cx" style="display: block; padding: 0 10px"> </body>
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -304,13 +322,13 @@
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> function wp_shake_js() {
</span><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-<script type="text/javascript">
-addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
-function s(id,pos){g(id).left=pos+'px';}
-function g(id){return document.getElementById(id).style;}
-function shake(id,a,d){c=a.shift();s(id,c);if(a.length>0){setTimeout(function(){shake(id,a,d);},d);}else{try{g(id).position='static';wp_attempt_focus();}catch(e){}}}
-addLoadEvent(function(){ var p=new Array(15,30,15,0,-15,-30,-15,0);p=p.concat(p.concat(p));var i=document.forms[0].id;g(i).position='relative';shake(i,p,20);});
-</script>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <script type="text/javascript">
+ addLoadEvent = function(func){if(typeof jQuery!="undefined")jQuery(document).ready(func);else if(typeof wpOnload!='function'){wpOnload=func;}else{var oldonload=wpOnload;wpOnload=function(){oldonload();func();}}};
+ function s(id,pos){g(id).left=pos+'px';}
+ function g(id){return document.getElementById(id).style;}
+ function shake(id,a,d){c=a.shift();s(id,c);if(a.length>0){setTimeout(function(){shake(id,a,d);},d);}else{try{g(id).position='static';wp_attempt_focus();}catch(e){}}}
+ addLoadEvent(function(){ var p=new Array(15,30,15,0,-15,-30,-15,0);p=p.concat(p.concat(p));var i=document.forms[0].id;g(i).position='relative';shake(i,p,20);});
+ </script>
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -452,8 +470,22 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $action = 'resetpass';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+$default_actions = array(
+ 'confirm_admin_email',
+ 'postpass',
+ 'logout',
+ 'lostpassword',
+ 'retrievepassword',
+ 'resetpass',
+ 'rp',
+ 'register',
+ 'login',
+ 'confirmaction',
+ WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED,
+);
+
</ins><span class="cx" style="display: block; padding: 0 10px"> // Validate action so as to default to the login screen.
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-if ( ! in_array( $action, array( 'postpass', 'logout', 'lostpassword', 'retrievepassword', 'resetpass', 'rp', 'register', 'login', 'confirmaction', WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED ), true ) && false === has_filter( 'login_form_' . $action ) ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+if ( ! in_array( $action, $default_actions, true ) && false === has_filter( 'login_form_' . $action ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $action = 'login';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -462,12 +494,13 @@
</span><span class="cx" style="display: block; padding: 0 10px"> header( 'Content-Type: ' . get_bloginfo( 'html_type' ) . '; charset=' . get_bloginfo( 'charset' ) );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( defined( 'RELOCATE' ) && RELOCATE ) { // Move flag is set
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] != $_SERVER['PHP_SELF'] ) ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] !== $_SERVER['PHP_SELF'] ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> $url = dirname( set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( $url != get_option( 'siteurl' ) ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ if ( $url !== get_option( 'siteurl' ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> update_option( 'siteurl', $url );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -475,6 +508,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> //Set a cookie now to see if they are supported by the browser.
</span><span class="cx" style="display: block; padding: 0 10px"> $secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) );
</span><span class="cx" style="display: block; padding: 0 10px"> setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( SITECOOKIEPATH != COOKIEPATH ) {
</span><span class="cx" style="display: block; padding: 0 10px"> setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -497,7 +531,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> do_action( "login_form_{$action}" );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-$http_post = ( 'POST' == $_SERVER['REQUEST_METHOD'] );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+$http_post = ( 'POST' === $_SERVER['REQUEST_METHOD'] );
</ins><span class="cx" style="display: block; padding: 0 10px"> $interim_login = isset( $_REQUEST['interim-login'] );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -511,10 +545,171 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> switch ( $action ) {
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ case 'confirm_admin_email':
+ // Note that `is_user_logged_in()` will return false immediately after logging in
+ // as the current user is not set, see wp-includes/pluggable.php.
+ // However this action runs on a redirect after logging in.
+ if ( ! is_user_logged_in() ) {
+ wp_safe_redirect( wp_login_url() );
+ exit;
+ }
+
+ if ( ! empty( $_REQUEST['redirect_to'] ) ) {
+ $redirect_to = $_REQUEST['redirect_to'];
+ } else {
+ $redirect_to = admin_url();
+ }
+
+ if ( current_user_can( 'manage_options' ) ) {
+ $admin_email = get_option( 'admin_email' );
+ } else {
+ wp_safe_redirect( $redirect_to );
+ exit;
+ }
+
+ if ( ! empty( $_GET['remind_me_later'] ) ) {
+ if ( ! wp_verify_nonce( $_GET['remind_me_later'], 'remind_me_later_nonce' ) ) {
+ wp_safe_redirect( wp_login_url() );
+ exit;
+ }
+
+ // "Remind me later" is a bit ambiguous. Three days later?
+ update_option( 'admin_email_lifespan', time() + 3 * DAY_IN_SECONDS );
+
+ wp_safe_redirect( $redirect_to );
+ exit;
+ }
+
+ if ( ! empty( $_POST['correct-admin-email'] ) ) {
+ if ( ! check_admin_referer( 'confirm_admin_email', 'confirm_admin_email_nonce' ) ) {
+ wp_safe_redirect( wp_login_url() );
+ exit;
+ }
+
+ /**
+ * Filters the interval for redirecting the user to the admin email confirmation screen.
+ * If `0` (zero) is returned, the user will not be redirected.
+ *
+ * @since 5.3.0
+ *
+ * @param int Interval time (in seconds).
+ */
+ $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 180 * DAY_IN_SECONDS );
+
+ if ( $admin_email_check_interval > 0 ) {
+ update_option( 'admin_email_lifespan', time() + $admin_email_check_interval );
+ }
+
+ wp_safe_redirect( $redirect_to );
+ exit;
+ }
+
+ login_header( __( 'Confirm your admin email' ), '', $errors );
+
+ /**
+ * Fires before the admin email confirm form.
+ *
+ * @since 5.3.0
+ *
+ * @param WP_Error $errors A `WP_Error` object containing any errors generated by using invalid credentials. Note that the error object may not contain any errors.
+ */
+ do_action( 'admin_email_confirm', $errors );
+
+ ?>
+
+ <form class="admin-email-confirm-form" name="admin-email-confirm-form" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=confirm_admin_email', 'login_post' ) ); ?>" method="post">
+ <?php
+ /**
+ * Fires inside the admin-email-confirm-form form tags, before the hidden fields.
+ *
+ * @since 5.3.0
+ */
+ do_action( 'admin_email_confirm_form' );
+
+ wp_nonce_field( 'confirm_admin_email', 'confirm_admin_email_nonce' );
+
+ ?>
+ <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
+
+ <h1 class="admin-email__heading">
+ <?php _e( 'Administration email verification' ); ?>
+ </h1>
+ <p class="admin-email__details">
+ <?php _e( 'Please verify that the <strong>administration email</strong> for this website is still correct.' ); ?>
+ <?php
+
+ /* translators: URL to the WordPress help section about admin email. */
+ $admin_email_help_url = __( 'https://wordpress.org/support/article/settings-general-screen/#email-address' );
+
+ printf(
+ '<a href="%s" rel="noopener noreferrer" target="_blank">%s</a>',
+ esc_url( $admin_email_help_url ),
+ __( 'Why is this important?' )
+ );
+
+ ?>
+ </p>
+ <p class="admin-email__details">
+ <?php
+
+ printf(
+ __( 'Current administration email: <strong>%s</strong>' ),
+ esc_html( $admin_email )
+ );
+
+ ?>
+ </p>
+ <p class="admin-email__details">
+ <?php _e( 'This email may be different from your personal email address.' ); ?>
+ <?php
+
+ printf(
+ '<a href="%s" rel="noopener noreferrer" target="_blank">%s</a>',
+ esc_url( $admin_email_help_url ),
+ __( 'Learn more.' )
+ );
+
+ ?>
+ </p>
+
+ <div class="admin-email__actions">
+ <div class="admin-email__actions-primary">
+ <?php
+
+ $change_link = admin_url( 'options-general.php' );
+ $change_link = add_query_arg( 'highlight', 'confirm_admin_email', $change_link );
+
+ ?>
+ <a class="button button-large" href="<?php echo esc_url( $change_link ); ?>"><?php _e( 'Update' ); ?></a>
+ <input type="submit" name="correct-admin-email" id="correct-admin-email" class="button button-primary button-large" value="<?php esc_attr_e( 'The email is correct' ); ?>" />
+ </div>
+ <div class="admin-email__actions-secondary">
+ <?php
+
+ $remind_me_link = wp_login_url( $redirect_to );
+ $remind_me_link = add_query_arg(
+ array(
+ 'action' => 'confirm_admin_email',
+ 'remind_me_later' => wp_create_nonce( 'remind_me_later_nonce' ),
+ ),
+ $remind_me_link
+ );
+
+ ?>
+ <a href="<?php echo esc_url( $remind_me_link ); ?>"><?php _e( 'Remind me later' ); ?></a>
+ </div>
+ </div>
+ </form>
+
+ <?php
+
+ login_footer();
+ break;
+
</ins><span class="cx" style="display: block; padding: 0 10px"> case 'postpass':
</span><span class="cx" style="display: block; padding: 0 10px"> if ( ! array_key_exists( 'post_password', $_POST ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> wp_safe_redirect( wp_get_referer() );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- exit();
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ exit;
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> require_once ABSPATH . WPINC . '/class-phpass.php';
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -532,11 +727,13 @@
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> $expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS );
</span><span class="cx" style="display: block; padding: 0 10px"> $referer = wp_get_referer();
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( $referer ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) );
</span><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><span class="cx" style="display: block; padding: 0 10px"> $secure = false;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> wp_safe_redirect( wp_get_referer() );
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -553,7 +750,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $redirect_to = $_REQUEST['redirect_to'];
</span><span class="cx" style="display: block; padding: 0 10px"> $requested_redirect_to = $redirect_to;
</span><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- $redirect_to = add_query_arg(
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $redirect_to = add_query_arg(
</ins><span class="cx" style="display: block; padding: 0 10px"> array(
</span><span class="cx" style="display: block; padding: 0 10px"> 'loggedout' => 'true',
</span><span class="cx" style="display: block; padding: 0 10px"> 'wp_lang' => get_user_locale( $user ),
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -560,6 +757,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> ),
</span><span class="cx" style="display: block; padding: 0 10px"> wp_login_url()
</span><span class="cx" style="display: block; padding: 0 10px"> );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> $requested_redirect_to = '';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -573,6 +771,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @param WP_User $user The WP_User object for the user that's logging out.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> $redirect_to = apply_filters( 'logout_redirect', $redirect_to, $requested_redirect_to, $user );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> wp_safe_redirect( $redirect_to );
</span><span class="cx" style="display: block; padding: 0 10px"> exit();
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -580,6 +779,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> case 'retrievepassword':
</span><span class="cx" style="display: block; padding: 0 10px"> if ( $http_post ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $errors = retrieve_password();
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( ! is_wp_error( $errors ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
</span><span class="cx" style="display: block; padding: 0 10px"> wp_safe_redirect( $redirect_to );
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -588,9 +788,9 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( isset( $_GET['error'] ) ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( 'invalidkey' == $_GET['error'] ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( 'invalidkey' === $_GET['error'] ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'invalidkey', __( 'Your password reset link appears to be invalid. Please request a new link below.' ) );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( 'expiredkey' == $_GET['error'] ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( 'expiredkey' === $_GET['error'] ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'expiredkey', __( 'Your password reset link has expired. Please request a new link below.' ) );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -626,40 +826,45 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">
- <p>
- <label for="user_login" ><?php _e( 'Username or Email Address' ); ?><br />
- <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label>
- </p>
- <?php
- /**
- * Fires inside the lostpassword form tags, before the hidden fields.
- *
- * @since 2.1.0
- */
- do_action( 'lostpassword_form' );
- ?>
- <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
- <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Get New Password' ); ?>" /></p>
- </form>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">
+ <p>
+ <label for="user_login" ><?php _e( 'Username or Email Address' ); ?><br />
+ <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label>
+ </p>
+ <?php
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p id="nav">
- <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>
- <?php
- if ( get_option( 'users_can_register' ) ) :
- $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ /**
+ * Fires inside the lostpassword form tags, before the hidden fields.
+ *
+ * @since 2.1.0
+ */
+ do_action( 'lostpassword_form' );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- echo esc_html( $login_link_separator );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ ?>
+ <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
+ <p class="submit">
+ <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Get New Password' ); ?>" />
+ </p>
+ </form>
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- /** This filter is documented in wp-includes/general-template.php */
- echo apply_filters( 'register', $registration_url );
- endif;
- ?>
- </p>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p id="nav">
+ <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>
+ <?php
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( get_option( 'users_can_register' ) ) {
+ $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );
+
+ echo esc_html( $login_link_separator );
+
+ /** This filter is documented in wp-includes/general-template.php */
+ echo apply_filters( 'register', $registration_url );
+ }
+
+ ?>
+ </p>
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> login_footer( 'user_login' );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-
</del><span class="cx" style="display: block; padding: 0 10px"> break;
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> case 'resetpass':
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -666,9 +871,11 @@
</span><span class="cx" style="display: block; padding: 0 10px"> case 'rp':
</span><span class="cx" style="display: block; padding: 0 10px"> list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
</span><span class="cx" style="display: block; padding: 0 10px"> $rp_cookie = 'wp-resetpass-' . COOKIEHASH;
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( isset( $_GET['key'] ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['key'] ) );
</span><span class="cx" style="display: block; padding: 0 10px"> setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) );
</span><span class="cx" style="display: block; padding: 0 10px"> exit;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -675,7 +882,9 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- $user = check_password_reset_key( $rp_key, $rp_login );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ $user = check_password_reset_key( $rp_key, $rp_login );
+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( isset( $_POST['pass1'] ) && ! hash_equals( $rp_key, $_POST['rp_key'] ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $user = false;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -685,11 +894,13 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( ! $user || is_wp_error( $user ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( $user && $user->get_error_code() === 'expired_key' ) {
</span><span class="cx" style="display: block; padding: 0 10px"> wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );
</span><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><span class="cx" style="display: block; padding: 0 10px"> wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> exit;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -723,70 +934,75 @@
</span><span class="cx" style="display: block; padding: 0 10px"> login_header( __( 'Reset Password' ), '<p class="message reset-pass">' . __( 'Enter your new password below.' ) . '</p>', $errors );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off">
- <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" />
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <form name="resetpassform" id="resetpassform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=resetpass', 'login_post' ) ); ?>" method="post" autocomplete="off">
+ <input type="hidden" id="user_login" value="<?php echo esc_attr( $rp_login ); ?>" autocomplete="off" />
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <div class="user-pass1-wrap">
- <p>
- <label for="pass1"><?php _e( 'New password' ); ?></label>
- </p>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <div class="user-pass1-wrap">
+ <p>
+ <label for="pass1"><?php _e( 'New password' ); ?></label>
+ </p>
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <div class="wp-pwd">
- <div class="password-input-wrapper">
- <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 16 ) ); ?>" name="pass1" id="pass1" class="input password-input" size="24" value="" autocomplete="off" aria-describedby="pass-strength-result" />
- <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js">
- <span class="dashicons dashicons-hidden" aria-hidden="true"></span>
- </button>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <div class="wp-pwd">
+ <div class="password-input-wrapper">
+ <input type="password" data-reveal="1" data-pw="<?php echo esc_attr( wp_generate_password( 16 ) ); ?>" name="pass1" id="pass1" class="input password-input" size="24" value="" autocomplete="off" aria-describedby="pass-strength-result" />
+ <button type="button" class="button button-secondary wp-hide-pw hide-if-no-js">
+ <span class="dashicons dashicons-hidden" aria-hidden="true"></span>
+ </button>
+ </div>
+ <div id="pass-strength-result" class="hide-if-no-js" aria-live="polite"><?php _e( 'Strength indicator' ); ?></div>
+ </div>
+ <div class="pw-weak">
+ <label>
+ <input type="checkbox" name="pw_weak" class="pw-checkbox" />
+ <?php _e( 'Confirm use of weak password' ); ?>
+ </label>
+ </div>
</ins><span class="cx" style="display: block; padding: 0 10px"> </div>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <div id="pass-strength-result" class="hide-if-no-js" aria-live="polite"><?php _e( 'Strength indicator' ); ?></div>
- </div>
- <div class="pw-weak">
- <label>
- <input type="checkbox" name="pw_weak" class="pw-checkbox" />
- <?php _e( 'Confirm use of weak password' ); ?>
- </label>
- </div>
- </div>
</del><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p class="user-pass2-wrap">
- <label for="pass2"><?php _e( 'Confirm new password' ); ?></label><br />
- <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" />
- </p>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p class="user-pass2-wrap">
+ <label for="pass2"><?php _e( 'Confirm new password' ); ?></label><br />
+ <input type="password" name="pass2" id="pass2" class="input" size="20" value="" autocomplete="off" />
+ </p>
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p>
- <br class="clear" />
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p class="description indicator-hint"><?php echo wp_get_password_hint(); ?></p>
+ <br class="clear" />
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <?php
- /**
- * Fires following the 'Strength indicator' meter in the user password reset form.
- *
- * @since 3.9.0
- *
- * @param WP_User $user User object of the user whose password is being reset.
- */
- do_action( 'resetpass_form', $user );
- ?>
- <input type="hidden" name="rp_key" value="<?php echo esc_attr( $rp_key ); ?>" />
- <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Reset Password' ); ?>" /></p>
- </form>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <?php
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p id="nav">
- <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>
- <?php
- if ( get_option( 'users_can_register' ) ) :
- $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ /**
+ * Fires following the 'Strength indicator' meter in the user password reset form.
+ *
+ * @since 3.9.0
+ *
+ * @param WP_User $user User object of the user whose password is being reset.
+ */
+ do_action( 'resetpass_form', $user );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- echo esc_html( $login_link_separator );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ ?>
+ <input type="hidden" name="rp_key" value="<?php echo esc_attr( $rp_key ); ?>" />
+ <p class="submit">
+ <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Reset Password' ); ?>" />
+ </p>
+ </form>
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- /** This filter is documented in wp-includes/general-template.php */
- echo apply_filters( 'register', $registration_url );
- endif;
- ?>
- </p>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <p id="nav">
+ <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>
+ <?php
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( get_option( 'users_can_register' ) ) {
+ $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );
+
+ echo esc_html( $login_link_separator );
+
+ /** This filter is documented in wp-includes/general-template.php */
+ echo apply_filters( 'register', $registration_url );
+ }
+
+ ?>
+ </p>
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> login_footer( 'user_pass' );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-
</del><span class="cx" style="display: block; padding: 0 10px"> break;
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> case 'register':
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -820,6 +1036,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> $errors = register_new_user( $user_login, $user_email );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( ! is_wp_error( $errors ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $redirect_to = ! empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'wp-login.php?checkemail=registered';
</span><span class="cx" style="display: block; padding: 0 10px"> wp_safe_redirect( $redirect_to );
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -828,6 +1045,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> $registration_redirect = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Filters the registration redirect URL.
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -836,40 +1054,47 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @param string $registration_redirect The redirect destination URL.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> $redirect_to = apply_filters( 'registration_redirect', $registration_redirect );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> login_header( __( 'Registration Form' ), '<p class="message register">' . __( 'Register For This Site' ) . '</p>', $errors );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate">
- <p>
- <label for="user_login"><?php _e( 'Username' ); ?><br />
- <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( wp_unslash( $user_login ) ); ?>" size="20" autocapitalize="off" /></label>
- </p>
- <p>
- <label for="user_email"><?php _e( 'Email' ); ?><br />
- <input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( wp_unslash( $user_email ) ); ?>" size="25" /></label>
- </p>
- <?php
- /**
- * Fires following the 'Email' field in the user registration form.
- *
- * @since 2.1.0
- */
- do_action( 'register_form' );
- ?>
- <p id="reg_passmail"><?php _e( 'Registration confirmation will be emailed to you.' ); ?></p>
- <br class="clear" />
- <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
- <p class="submit"><input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Register' ); ?>" /></p>
- </form>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <form name="registerform" id="registerform" action="<?php echo esc_url( site_url( 'wp-login.php?action=register', 'login_post' ) ); ?>" method="post" novalidate="novalidate">
+ <p>
+ <label for="user_login"><?php _e( 'Username' ); ?><br />
+ <input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( wp_unslash( $user_login ) ); ?>" size="20" autocapitalize="off" /></label>
+ </p>
+ <p>
+ <label for="user_email"><?php _e( 'Email' ); ?><br />
+ <input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr( wp_unslash( $user_email ) ); ?>" size="25" /></label>
+ </p>
+ <?php
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p id="nav">
- <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>
- <?php echo esc_html( $login_link_separator ); ?>
- <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a>
- </p>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ /**
+ * Fires following the 'Email' field in the user registration form.
+ *
+ * @since 2.1.0
+ */
+ do_action( 'register_form' );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ ?>
+ <p id="reg_passmail">
+ <?php _e( 'Registration confirmation will be emailed to you.' ); ?>
+ </p>
+ <br class="clear" />
+ <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
+ <p class="submit">
+ <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Register' ); ?>" />
+ </p>
+ </form>
+
+ <p id="nav">
+ <a href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>
+ <?php echo esc_html( $login_link_separator ); ?>
+ <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a>
+ </p>
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> login_footer( 'user_login' );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-
</del><span class="cx" style="display: block; padding: 0 10px"> break;
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> case 'confirmaction':
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -914,6 +1139,7 @@
</span><span class="cx" style="display: block; padding: 0 10px"> default:
</span><span class="cx" style="display: block; padding: 0 10px"> $secure_cookie = '';
</span><span class="cx" style="display: block; padding: 0 10px"> $customize_login = isset( $_REQUEST['customize-login'] );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> if ( $customize_login ) {
</span><span class="cx" style="display: block; padding: 0 10px"> wp_enqueue_script( 'customize-base' );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -990,21 +1216,42 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $message = '<p class="message">' . __( 'You have logged in successfully.' ) . '</p>';
</span><span class="cx" style="display: block; padding: 0 10px"> $interim_login = 'success';
</span><span class="cx" style="display: block; padding: 0 10px"> login_header( '', $message );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><span class="cx" style="display: block; padding: 0 10px"> </div>
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> /** This action is documented in wp-login.php */
</span><span class="cx" style="display: block; padding: 0 10px"> do_action( 'login_footer' );
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ if ( $customize_login ) {
+ ?>
+ <script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php echo wp_customize_url(); ?>', channel: 'login' }).send('login') }, 1000 );</script>
+ <?php
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <?php if ( $customize_login ) : ?>
- <script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php echo wp_customize_url(); ?>', channel: 'login' }).send('login') }, 1000 );</script>
- <?php endif; ?>
</del><span class="cx" style="display: block; padding: 0 10px"> </body></html>
</span><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> exit;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ // Check if it is time to add a redirect to the admin email confirmation screen.
+ if ( is_a( $user, 'WP_User' ) && $user->exists() && $user->has_cap( 'manage_options' ) ) {
+ $admin_email_lifespan = (int) get_option( 'admin_email_lifespan' );
+
+ // If `0` (or anything "falsey" as it is cast to int) is returned, the user will not be redirected
+ // to the admin email confirmation screen.
+ /** This filter is documented in wp-login.php */
+ $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 180 * DAY_IN_SECONDS );
+
+ if ( $admin_email_check_interval > 0 && time() > $admin_email_lifespan ) {
+ $redirect_to = add_query_arg( 'action', 'confirm_admin_email', wp_login_url( $redirect_to ) );
+ }
+ }
+
+ if ( ( empty( $redirect_to ) || $redirect_to === 'wp-admin/' || $redirect_to == admin_url() ) ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
</span><span class="cx" style="display: block; padding: 0 10px"> if ( is_multisite() && ! get_active_blog_for_user( $user->ID ) && ! is_super_admin( $user->ID ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $redirect_to = user_admin_url();
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1015,10 +1262,11 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> wp_redirect( $redirect_to );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- exit();
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ exit;
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> wp_safe_redirect( $redirect_to );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- exit();
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ exit;
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> $errors = $user;
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1037,15 +1285,15 @@
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><span class="cx" style="display: block; padding: 0 10px"> // Some parts of this script use the main login form to display a message.
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( isset( $_GET['loggedout'] ) && true == $_GET['loggedout'] ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( isset( $_GET['loggedout'] ) && $_GET['loggedout'] ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'loggedout', __( 'You are now logged out.' ), 'message' );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( isset( $_GET['registration'] ) && 'disabled' == $_GET['registration'] ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( isset( $_GET['registration'] ) && 'disabled' === $_GET['registration'] ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'registerdisabled', __( 'User registration is currently not allowed.' ) );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( isset( $_GET['checkemail'] ) && 'confirm' == $_GET['checkemail'] ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( isset( $_GET['checkemail'] ) && 'confirm' === $_GET['checkemail'] ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'confirm', __( 'Check your email for the confirmation link.' ), 'message' );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( isset( $_GET['checkemail'] ) && 'newpass' == $_GET['checkemail'] ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( isset( $_GET['checkemail'] ) && 'newpass' === $_GET['checkemail'] ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'newpass', __( 'Check your email for your new password.' ), 'message' );
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } elseif ( isset( $_GET['checkemail'] ) && 'registered' == $_GET['checkemail'] ) {
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ } elseif ( isset( $_GET['checkemail'] ) && 'registered' === $_GET['checkemail'] ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'registered', __( 'Registration complete. Please check your email.' ), 'message' );
</span><span class="cx" style="display: block; padding: 0 10px"> } elseif ( strpos( $redirect_to, 'about.php?updated' ) ) {
</span><span class="cx" style="display: block; padding: 0 10px"> $errors->add( 'updated', __( '<strong>You have successfully updated WordPress!</strong> Please log back in to see what’s new.' ), 'message' );
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1072,8 +1320,9 @@
</span><span class="cx" style="display: block; padding: 0 10px"> login_header( __( 'Log In' ), '', $errors );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( isset( $_POST['log'] ) ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- $user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : '';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $user_login = ( 'incorrect_password' === $errors->get_error_code() || 'empty_password' === $errors->get_error_code() ) ? esc_attr( wp_unslash( $_POST['log'] ) ) : '';
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
</ins><span class="cx" style="display: block; padding: 0 10px"> $rememberme = ! empty( $_POST['rememberme'] );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( $errors->has_errors() ) {
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1081,80 +1330,100 @@
</span><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><span class="cx" style="display: block; padding: 0 10px"> $aria_describedby_error = '';
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- ?>
</del><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post">
- <p>
- <label for="user_login"><?php _e( 'Username or Email Address' ); ?><br />
- <input type="text" name="log" id="user_login"<?php echo $aria_describedby_error; ?> class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label>
- </p>
- <p>
- <label for="user_pass"><?php _e( 'Password' ); ?><br />
- <input type="password" name="pwd" id="user_pass"<?php echo $aria_describedby_error; ?> class="input" value="" size="20" /></label>
- </p>
- <?php
- /**
- * Fires following the 'Password' field in the login form.
- *
- * @since 2.1.0
- */
- do_action( 'login_form' );
</del><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <p class="forgetmenot"><label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever" <?php checked( $rememberme ); ?> /> <?php esc_html_e( 'Remember Me' ); ?></label></p>
- <p class="submit">
- <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Log In' ); ?>" />
- <?php if ( $interim_login ) { ?>
- <input type="hidden" name="interim-login" value="1" />
- <?php } else { ?>
- <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
- <?php } ?>
- <?php if ( $customize_login ) : ?>
- <input type="hidden" name="customize-login" value="1" />
- <?php endif; ?>
- <input type="hidden" name="testcookie" value="1" />
- </p>
- </form>
</del><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <?php if ( ! $interim_login ) { ?>
- <p id="nav">
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <form name="loginform" id="loginform" action="<?php echo esc_url( site_url( 'wp-login.php', 'login_post' ) ); ?>" method="post">
+ <p>
+ <label for="user_login"><?php _e( 'Username or Email Address' ); ?><br />
+ <input type="text" name="log" id="user_login"<?php echo $aria_describedby_error; ?> class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" /></label>
+ </p>
+ <p>
+ <label for="user_pass"><?php _e( 'Password' ); ?><br />
+ <input type="password" name="pwd" id="user_pass"<?php echo $aria_describedby_error; ?> class="input" value="" size="20" /></label>
+ </p>
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ) ) ) :
- if ( get_option( 'users_can_register' ) ) :
- $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );
</del><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- /** This filter is documented in wp-includes/general-template.php */
- echo apply_filters( 'register', $registration_url );
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ /**
+ * Fires following the 'Password' field in the login form.
+ *
+ * @since 2.1.0
+ */
+ do_action( 'login_form' );
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- echo esc_html( $login_link_separator );
- endif;
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ ?>
+ <p class="forgetmenot"><label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever" <?php checked( $rememberme ); ?> /> <?php esc_html_e( 'Remember Me' ); ?></label></p>
+ <p class="submit">
+ <input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Log In' ); ?>" />
+ <?php
+
+ if ( $interim_login ) {
+ ?>
+ <input type="hidden" name="interim-login" value="1" />
+ <?php
+ } else {
+ ?>
+ <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
+ <?php
+ }
+
+ if ( $customize_login ) {
+ ?>
+ <input type="hidden" name="customize-login" value="1" />
+ <?php
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a>
- <?php endif; ?>
- </p>
- <?php } ?>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <input type="hidden" name="testcookie" value="1" />
+ </p>
+ </form>
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <script type="text/javascript">
- function wp_attempt_focus(){
- setTimeout( function(){ try{
- <?php if ( $user_login ) { ?>
- d = document.getElementById('user_pass');
- d.value = '';
- <?php } else { ?>
- d = document.getElementById('user_login');
- <?php if ( 'invalid_username' == $errors->get_error_code() ) { ?>
- if( d.value != '' )
- d.value = '';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <?php
+
+ if ( ! $interim_login ) {
+ ?>
+ <p id="nav">
</ins><span class="cx" style="display: block; padding: 0 10px"> <?php
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ if ( ! isset( $_GET['checkemail'] ) || ! in_array( $_GET['checkemail'], array( 'confirm', 'newpass' ), true ) ) {
+ if ( get_option( 'users_can_register' ) ) {
+ $registration_url = sprintf( '<a href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );
+
+ /** This filter is documented in wp-includes/general-template.php */
+ echo apply_filters( 'register', $registration_url );
+
+ echo esc_html( $login_link_separator );
+ }
+
+ ?>
+ <a href="<?php echo esc_url( wp_lostpassword_url() ); ?>"><?php _e( 'Lost your password?' ); ?></a>
+ <?php
+ }
+
+ ?>
+ </p>
+ <?php
+ }
+
+ $login_script = 'function wp_attempt_focus() {';
+ $login_script .= 'setTimeout( function() {';
+ $login_script .= 'try {';
+
+ if ( $user_login ) {
+ $login_script .= 'd = document.getElementById( "user_pass" ); d.value = "";';
+ } else {
+ $login_script .= 'd = document.getElementById( "user_login" );';
+
+ if ( $errors->get_error_code() === 'invalid_username' ) {
+ $login_script .= 'd.value = "";';
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- }
- ?>
- d.focus();
- d.select();
- } catch(e){}
- }, 200);
- }
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ }
</ins><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <?php
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $login_script .= 'd.focus(); d.select();';
+ $login_script .= '} catch( er ) {}';
+ $login_script .= '}, 200);';
+ $login_script .= "}\n"; // End of wp_attempt_focus().
+
</ins><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Filters whether to print the call to `wp_attempt_focus()` on the login screen.
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -1163,25 +1432,36 @@
</span><span class="cx" style="display: block; padding: 0 10px"> * @param bool $print Whether to print the function call. Default true.
</span><span class="cx" style="display: block; padding: 0 10px"> */
</span><span class="cx" style="display: block; padding: 0 10px"> if ( apply_filters( 'enable_login_autofocus', true ) && ! $error ) {
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ $login_script .= "wp_attempt_focus();\n";
+ }
+
+ // Run `wpOnload()` if defined.
+ $login_script .= "if ( typeof wpOnload === 'function' ) { wpOnload() }";
+
+ ?>
+ <script type="text/javascript">
+ <?php echo $login_script; ?>
+ </script>
+ <?php
+
+ if ( $interim_login ) {
</ins><span class="cx" style="display: block; padding: 0 10px"> ?>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- wp_attempt_focus();
- <?php } ?>
- if(typeof wpOnload=='function')wpOnload();
- <?php if ( $interim_login ) { ?>
- (function(){
- try {
- var i, links = document.getElementsByTagName('a');
- for ( i in links ) {
- if ( links[i].href )
- links[i].target = '_blank';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <script type="text/javascript">
+ ( function() {
+ try {
+ var i, links = document.getElementsByTagName( 'a' );
+ for ( i in links ) {
+ if ( links[i].href ) {
+ links[i].target = '_blank';
+ links[i].rel = 'noreferrer noopener';
+ }
+ }
+ } catch( er ) {}
+ }());
+ </script>
+ <?php
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- } catch(e){}
- }());
- <?php } ?>
- </script>
</del><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <?php
</del><span class="cx" style="display: block; padding: 0 10px"> login_footer();
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-
</del><span class="cx" style="display: block; padding: 0 10px"> break;
</span><span class="cx" style="display: block; padding: 0 10px"> } // End action switch.
</span></span></pre>
</div>
</div>
</body>
</html>