[wp-trac] [WordPress Trac] #10453: authentication errors from plugins sometimes get suppressed
WordPress Trac
wp-trac at lists.automattic.com
Mon Jul 20 22:33:09 UTC 2009
#10453: authentication errors from plugins sometimes get suppressed
--------------------------+-------------------------------------------------
Reporter: wnorris | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Unassigned
Component: Plugins | Version: 2.8.1
Severity: normal | Keywords: authentication, login, plugins, has-patch
--------------------------+-------------------------------------------------
I've noticed that the new authentication code in WP 2.8 sometimes
suppresses error messages from plugins which implement the 'authenticate'
hook. This happens on wp-login.php when both the username and password
fields are left empty.
The included patch does two things:
* modifies `wp_authenticate_username_password` to maintain existing
WP_Error object if present. Also changes how `wp_signon` clears out the
'empty_username' and 'empty_password' errors, to ensure that any others
are maintained (this last part could be made cleaner if `WP_Error` exposed
a `remove` method)
* modifies the 'login_errors' and 'login_messages' filter calls in `wp-
login.php` to pass the raw `$wp_errors` object as an optional second
parameter
--
Ticket URL: <http://core.trac.wordpress.org/ticket/10453>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list