[wp-trac] [WordPress Trac] #26760: Allow checking login form fields before username/password
WordPress Trac
noreply at wordpress.org
Sat Jan 4 19:28:41 UTC 2014
#26760: Allow checking login form fields before username/password
-----------------------------+------------------------------
Reporter: crysman | Owner:
Type: feature request | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Resolution:
Keywords: close |
-----------------------------+------------------------------
Changes (by SergeyBiryukov):
* keywords: => close
Comment:
> "Unfortunately, WordPress DOES NOT have an opportunity to check captcha
input BEFORE entering the rest of the fields."
This is just plain wrong.
The BestWebSoft's Captcha plugin uses `login_errors` and `login_redirect`
filters to check the captcha:
http://plugins.trac.wordpress.org/browser/captcha/tags/3.9.3/captcha.php#L156
Core checks for correct username/password earlier, by hooking into the
`authenticate` filter:
https://core.trac.wordpress.org/browser/tags/3.8/src/wp-
includes/user.php#L68
The plugin should just hook into the same filter with an earlier priority.
SI CAPTCHA Anti-Spam plugin does that correctly and works the way you
want:
http://plugins.trac.wordpress.org/browser/si-captcha-for-
wordpress/tags/2.7.7.1/si-captcha.php#L1249
--
Ticket URL: <https://core.trac.wordpress.org/ticket/26760#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list