<?php bloginfo('name'); ?> › <?php echo $title; ?>

X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/177fd6fefd2e3d5a0ea6591c71d660cabdb3c1a4..refs/tags/wordpress-2.6.2:/wp-login.php diff --git a/wp-login.php b/wp-login.php index af9b1610..265a223f 100644 --- a/wp-login.php +++ b/wp-login.php @@ -1,7 +1,44 @@ element. + * @param string $message Optional. Message to display in header. + * @param WP_Error $wp_error Optional. WordPress Error Object + */ function login_header($title = 'Login', $message = '', $wp_error = '') { global $error; @@ -14,16 +51,9 @@ function login_header($title = 'Login', $message = '', $wp_error = '') { <?php bloginfo('name'); ?> › <?php echo $title; ?> - - + wp_admin_css( 'login', true ); + wp_admin_css( 'colors-fresh', true ); + do_action('login_head'); ?> @@ -56,6 +86,15 @@ function login_header($title = 'Login', $message = '', $wp_error = '') { } } // End of login_header() +/** + * retrieve_password() - Handles sending password retrieval email to user + * + * {@internal Missing Long Description}} + * + * @uses $wpdb WordPress Database object + * + * @return bool|WP_Error True: when finish. WP_Error on error + */ function retrieve_password() { global $wpdb; @@ -90,10 +129,17 @@ function retrieve_password() { do_action('retreive_password', $user_login); // Misspelled and deprecated do_action('retrieve_password', $user_login); + $allow = apply_filters('allow_password_reset', true, $user_data->ID); + + if ( ! $allow ) + return new WP_Error('no_password_reset', __('Password reset is not allowed for this user')); + else if ( is_wp_error($allow) ) + return $allow; + $key = $wpdb->get_var($wpdb->prepare("SELECT user_activation_key FROM $wpdb->users WHERE user_login = %s", $user_login)); if ( empty($key) ) { // Generate something random for a key... - $key = wp_generate_password(); + $key = wp_generate_password(20, false); do_action('retrieve_password_key', $user_login, $key); // Now insert the new md5 key into the db $wpdb->query($wpdb->prepare("UPDATE $wpdb->users SET user_activation_key = %s WHERE user_login = %s", $key, $user_login)); @@ -102,7 +148,7 @@ function retrieve_password() { $message .= get_option('siteurl') . "\r\n\r\n"; $message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n"; $message .= __('To reset your password visit the following address, otherwise just ignore this email and nothing will happen.') . "\r\n\r\n"; - $message .= get_option('siteurl') . "/wp-login.php?action=rp&key=$key\r\n"; + $message .= site_url("wp-login.php?action=rp&key=$key", 'login') . "\r\n"; if ( !wp_mail($user_email, sprintf(__('[%s] Password Reset'), get_option('blogname')), $message) ) die('

' . __('The e-mail could not be sent.') . "
\n" . __('Possible reason: your host may have disabled the mail() function...') . '

'); @@ -110,6 +156,16 @@ function retrieve_password() { return true; } +/** + * reset_password() - Handles resetting the user's password + * + * {@internal Missing Long Description}} + * + * @uses $wpdb WordPress Database object + * + * @param string $key Hash to validate sending user's password + * @return bool|WP_Error + */ function reset_password($key) { global $wpdb; @@ -129,7 +185,7 @@ function reset_password($key) { wp_set_password($new_pass, $user->ID); $message = sprintf(__('Username: %s'), $user->user_login) . "\r\n"; $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n"; - $message .= get_option('siteurl') . "/wp-login.php\r\n"; + $message .= site_url('wp-login.php', 'login') . "\r\n"; if ( !wp_mail($user->user_email, sprintf(__('[%s] Your new password'), get_option('blogname')), $message) ) die('

' . __('The e-mail could not be sent.') . "
\n" . __('Possible reason: your host may have disabled the mail() function...') . '

'); @@ -144,6 +200,15 @@ function reset_password($key) { return true; } +/** + * register_new_user() - Handles registering a new user + * + * {@internal Missing Long Description}} + * + * @param string $user_login User's username for logging in + * @param string $user_email User's email address to send password and add + * @return int|WP_Error Either user's ID or error on failure. + */ function register_new_user($user_login, $user_email) { $errors = new WP_Error(); @@ -247,7 +312,7 @@ case 'retrievepassword' : login_header(__('Lost Password'), '

' . __('Please enter your username or e-mail address. You will receive a new password via e-mail.') . '

', $errors); ?> -

- | - + | +

+ has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' ) ) - $redirect_to = get_option('siteurl') . '/wp-admin/profile.php'; + $redirect_to = admin_url('profile.php'); wp_safe_redirect($redirect_to); exit(); } @@ -375,7 +453,7 @@ default: login_header(__('Login'), '', $errors); ?> -