Edit File by line

Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in /home/sportsfever/public_html/filemanger/function.php on line 93

Warning: Undefined array key "page_file_edit_line" in /home/sportsfever/public_html/filemanger/edit_text_line.php on line 32
/home/sportsfe.../httpdocs/clone
File: wp-login.php
// Validate action so as to default to the login screen.
[500] Fix | Delete
if ( ! in_array( $action, $default_actions, true ) && false === has_filter( 'login_form_' . $action ) ) {
[501] Fix | Delete
$action = 'login';
[502] Fix | Delete
}
[503] Fix | Delete
[504] Fix | Delete
nocache_headers();
[505] Fix | Delete
[506] Fix | Delete
header( 'Content-Type: ' . get_bloginfo( 'html_type' ) . '; charset=' . get_bloginfo( 'charset' ) );
[507] Fix | Delete
[508] Fix | Delete
if ( defined( 'RELOCATE' ) && RELOCATE ) { // Move flag is set.
[509] Fix | Delete
if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] !== $_SERVER['PHP_SELF'] ) ) {
[510] Fix | Delete
$_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] );
[511] Fix | Delete
}
[512] Fix | Delete
[513] Fix | Delete
$url = dirname( set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) );
[514] Fix | Delete
[515] Fix | Delete
if ( get_option( 'siteurl' ) !== $url ) {
[516] Fix | Delete
update_option( 'siteurl', $url );
[517] Fix | Delete
}
[518] Fix | Delete
}
[519] Fix | Delete
[520] Fix | Delete
// Set a cookie now to see if they are supported by the browser.
[521] Fix | Delete
$secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) );
[522] Fix | Delete
setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure );
[523] Fix | Delete
[524] Fix | Delete
if ( SITECOOKIEPATH !== COOKIEPATH ) {
[525] Fix | Delete
setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
[526] Fix | Delete
}
[527] Fix | Delete
[528] Fix | Delete
if ( isset( $_GET['wp_lang'] ) ) {
[529] Fix | Delete
setcookie( 'wp_lang', sanitize_text_field( $_GET['wp_lang'] ), 0, COOKIEPATH, COOKIE_DOMAIN, $secure );
[530] Fix | Delete
}
[531] Fix | Delete
[532] Fix | Delete
/**
[533] Fix | Delete
* Fires when the login form is initialized.
[534] Fix | Delete
*
[535] Fix | Delete
* @since 3.2.0
[536] Fix | Delete
*/
[537] Fix | Delete
do_action( 'login_init' );
[538] Fix | Delete
[539] Fix | Delete
/**
[540] Fix | Delete
* Fires before a specified login form action.
[541] Fix | Delete
*
[542] Fix | Delete
* The dynamic portion of the hook name, `$action`, refers to the action
[543] Fix | Delete
* that brought the visitor to the login form.
[544] Fix | Delete
*
[545] Fix | Delete
* Possible hook names include:
[546] Fix | Delete
*
[547] Fix | Delete
* - `login_form_checkemail`
[548] Fix | Delete
* - `login_form_confirm_admin_email`
[549] Fix | Delete
* - `login_form_confirmaction`
[550] Fix | Delete
* - `login_form_entered_recovery_mode`
[551] Fix | Delete
* - `login_form_login`
[552] Fix | Delete
* - `login_form_logout`
[553] Fix | Delete
* - `login_form_lostpassword`
[554] Fix | Delete
* - `login_form_postpass`
[555] Fix | Delete
* - `login_form_register`
[556] Fix | Delete
* - `login_form_resetpass`
[557] Fix | Delete
* - `login_form_retrievepassword`
[558] Fix | Delete
* - `login_form_rp`
[559] Fix | Delete
*
[560] Fix | Delete
* @since 2.8.0
[561] Fix | Delete
*/
[562] Fix | Delete
do_action( "login_form_{$action}" );
[563] Fix | Delete
[564] Fix | Delete
$http_post = ( 'POST' === $_SERVER['REQUEST_METHOD'] );
[565] Fix | Delete
$interim_login = isset( $_REQUEST['interim-login'] );
[566] Fix | Delete
[567] Fix | Delete
/**
[568] Fix | Delete
* Filters the separator used between login form navigation links.
[569] Fix | Delete
*
[570] Fix | Delete
* @since 4.9.0
[571] Fix | Delete
*
[572] Fix | Delete
* @param string $login_link_separator The separator used between login form navigation links.
[573] Fix | Delete
*/
[574] Fix | Delete
$login_link_separator = apply_filters( 'login_link_separator', ' | ' );
[575] Fix | Delete
[576] Fix | Delete
switch ( $action ) {
[577] Fix | Delete
[578] Fix | Delete
case 'confirm_admin_email':
[579] Fix | Delete
/*
[580] Fix | Delete
* Note that `is_user_logged_in()` will return false immediately after logging in
[581] Fix | Delete
* as the current user is not set, see wp-includes/pluggable.php.
[582] Fix | Delete
* However this action runs on a redirect after logging in.
[583] Fix | Delete
*/
[584] Fix | Delete
if ( ! is_user_logged_in() ) {
[585] Fix | Delete
wp_safe_redirect( wp_login_url() );
[586] Fix | Delete
exit;
[587] Fix | Delete
}
[588] Fix | Delete
[589] Fix | Delete
if ( ! empty( $_REQUEST['redirect_to'] ) ) {
[590] Fix | Delete
$redirect_to = $_REQUEST['redirect_to'];
[591] Fix | Delete
} else {
[592] Fix | Delete
$redirect_to = admin_url();
[593] Fix | Delete
}
[594] Fix | Delete
[595] Fix | Delete
if ( current_user_can( 'manage_options' ) ) {
[596] Fix | Delete
$admin_email = get_option( 'admin_email' );
[597] Fix | Delete
} else {
[598] Fix | Delete
wp_safe_redirect( $redirect_to );
[599] Fix | Delete
exit;
[600] Fix | Delete
}
[601] Fix | Delete
[602] Fix | Delete
/**
[603] Fix | Delete
* Filters the interval for dismissing the admin email confirmation screen.
[604] Fix | Delete
*
[605] Fix | Delete
* If `0` (zero) is returned, the "Remind me later" link will not be displayed.
[606] Fix | Delete
*
[607] Fix | Delete
* @since 5.3.1
[608] Fix | Delete
*
[609] Fix | Delete
* @param int $interval Interval time (in seconds). Default is 3 days.
[610] Fix | Delete
*/
[611] Fix | Delete
$remind_interval = (int) apply_filters( 'admin_email_remind_interval', 3 * DAY_IN_SECONDS );
[612] Fix | Delete
[613] Fix | Delete
if ( ! empty( $_GET['remind_me_later'] ) ) {
[614] Fix | Delete
if ( ! wp_verify_nonce( $_GET['remind_me_later'], 'remind_me_later_nonce' ) ) {
[615] Fix | Delete
wp_safe_redirect( wp_login_url() );
[616] Fix | Delete
exit;
[617] Fix | Delete
}
[618] Fix | Delete
[619] Fix | Delete
if ( $remind_interval > 0 ) {
[620] Fix | Delete
update_option( 'admin_email_lifespan', time() + $remind_interval );
[621] Fix | Delete
}
[622] Fix | Delete
[623] Fix | Delete
$redirect_to = add_query_arg( 'admin_email_remind_later', 1, $redirect_to );
[624] Fix | Delete
wp_safe_redirect( $redirect_to );
[625] Fix | Delete
exit;
[626] Fix | Delete
}
[627] Fix | Delete
[628] Fix | Delete
if ( ! empty( $_POST['correct-admin-email'] ) ) {
[629] Fix | Delete
if ( ! check_admin_referer( 'confirm_admin_email', 'confirm_admin_email_nonce' ) ) {
[630] Fix | Delete
wp_safe_redirect( wp_login_url() );
[631] Fix | Delete
exit;
[632] Fix | Delete
}
[633] Fix | Delete
[634] Fix | Delete
/**
[635] Fix | Delete
* Filters the interval for redirecting the user to the admin email confirmation screen.
[636] Fix | Delete
*
[637] Fix | Delete
* If `0` (zero) is returned, the user will not be redirected.
[638] Fix | Delete
*
[639] Fix | Delete
* @since 5.3.0
[640] Fix | Delete
*
[641] Fix | Delete
* @param int $interval Interval time (in seconds). Default is 6 months.
[642] Fix | Delete
*/
[643] Fix | Delete
$admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 6 * MONTH_IN_SECONDS );
[644] Fix | Delete
[645] Fix | Delete
if ( $admin_email_check_interval > 0 ) {
[646] Fix | Delete
update_option( 'admin_email_lifespan', time() + $admin_email_check_interval );
[647] Fix | Delete
}
[648] Fix | Delete
[649] Fix | Delete
wp_safe_redirect( $redirect_to );
[650] Fix | Delete
exit;
[651] Fix | Delete
}
[652] Fix | Delete
[653] Fix | Delete
login_header( __( 'Confirm your administration email' ), '', $errors );
[654] Fix | Delete
[655] Fix | Delete
/**
[656] Fix | Delete
* Fires before the admin email confirm form.
[657] Fix | Delete
*
[658] Fix | Delete
* @since 5.3.0
[659] Fix | Delete
*
[660] Fix | Delete
* @param WP_Error $errors A `WP_Error` object containing any errors generated by using invalid
[661] Fix | Delete
* credentials. Note that the error object may not contain any errors.
[662] Fix | Delete
*/
[663] Fix | Delete
do_action( 'admin_email_confirm', $errors );
[664] Fix | Delete
[665] Fix | Delete
?>
[666] Fix | Delete
[667] Fix | Delete
<form class="admin-email-confirm-form" name="admin-email-confirm-form" action="<?php echo esc_url( site_url( 'wp-login.php?action=confirm_admin_email', 'login_post' ) ); ?>" method="post">
[668] Fix | Delete
<?php
[669] Fix | Delete
/**
[670] Fix | Delete
* Fires inside the admin-email-confirm-form form tags, before the hidden fields.
[671] Fix | Delete
*
[672] Fix | Delete
* @since 5.3.0
[673] Fix | Delete
*/
[674] Fix | Delete
do_action( 'admin_email_confirm_form' );
[675] Fix | Delete
[676] Fix | Delete
wp_nonce_field( 'confirm_admin_email', 'confirm_admin_email_nonce' );
[677] Fix | Delete
[678] Fix | Delete
?>
[679] Fix | Delete
<input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
[680] Fix | Delete
[681] Fix | Delete
<h1 class="admin-email__heading">
[682] Fix | Delete
<?php _e( 'Administration email verification' ); ?>
[683] Fix | Delete
</h1>
[684] Fix | Delete
<p class="admin-email__details">
[685] Fix | Delete
<?php _e( 'Please verify that the <strong>administration email</strong> for this website is still correct.' ); ?>
[686] Fix | Delete
<?php
[687] Fix | Delete
[688] Fix | Delete
/* translators: URL to the WordPress help section about admin email. */
[689] Fix | Delete
$admin_email_help_url = __( 'https://wordpress.org/documentation/article/settings-general-screen/#email-address' );
[690] Fix | Delete
[691] Fix | Delete
$accessibility_text = sprintf(
[692] Fix | Delete
'<span class="screen-reader-text"> %s</span>',
[693] Fix | Delete
/* translators: Hidden accessibility text. */
[694] Fix | Delete
__( '(opens in a new tab)' )
[695] Fix | Delete
);
[696] Fix | Delete
[697] Fix | Delete
printf(
[698] Fix | Delete
'<a href="%s" rel="noopener" target="_blank">%s%s</a>',
[699] Fix | Delete
esc_url( $admin_email_help_url ),
[700] Fix | Delete
__( 'Why is this important?' ),
[701] Fix | Delete
$accessibility_text
[702] Fix | Delete
);
[703] Fix | Delete
[704] Fix | Delete
?>
[705] Fix | Delete
</p>
[706] Fix | Delete
<p class="admin-email__details">
[707] Fix | Delete
<?php
[708] Fix | Delete
[709] Fix | Delete
printf(
[710] Fix | Delete
/* translators: %s: Admin email address. */
[711] Fix | Delete
__( 'Current administration email: %s' ),
[712] Fix | Delete
'<strong>' . esc_html( $admin_email ) . '</strong>'
[713] Fix | Delete
);
[714] Fix | Delete
[715] Fix | Delete
?>
[716] Fix | Delete
</p>
[717] Fix | Delete
<p class="admin-email__details">
[718] Fix | Delete
<?php _e( 'This email may be different from your personal email address.' ); ?>
[719] Fix | Delete
</p>
[720] Fix | Delete
[721] Fix | Delete
<div class="admin-email__actions">
[722] Fix | Delete
<div class="admin-email__actions-primary">
[723] Fix | Delete
<?php
[724] Fix | Delete
[725] Fix | Delete
$change_link = admin_url( 'options-general.php' );
[726] Fix | Delete
$change_link = add_query_arg( 'highlight', 'confirm_admin_email', $change_link );
[727] Fix | Delete
[728] Fix | Delete
?>
[729] Fix | Delete
<a class="button button-large" href="<?php echo esc_url( $change_link ); ?>"><?php _e( 'Update' ); ?></a>
[730] Fix | Delete
<input type="submit" name="correct-admin-email" id="correct-admin-email" class="button button-primary button-large" value="<?php esc_attr_e( 'The email is correct' ); ?>" />
[731] Fix | Delete
</div>
[732] Fix | Delete
<?php if ( $remind_interval > 0 ) : ?>
[733] Fix | Delete
<div class="admin-email__actions-secondary">
[734] Fix | Delete
<?php
[735] Fix | Delete
[736] Fix | Delete
$remind_me_link = wp_login_url( $redirect_to );
[737] Fix | Delete
$remind_me_link = add_query_arg(
[738] Fix | Delete
array(
[739] Fix | Delete
'action' => 'confirm_admin_email',
[740] Fix | Delete
'remind_me_later' => wp_create_nonce( 'remind_me_later_nonce' ),
[741] Fix | Delete
),
[742] Fix | Delete
$remind_me_link
[743] Fix | Delete
);
[744] Fix | Delete
[745] Fix | Delete
?>
[746] Fix | Delete
<a href="<?php echo esc_url( $remind_me_link ); ?>"><?php _e( 'Remind me later' ); ?></a>
[747] Fix | Delete
</div>
[748] Fix | Delete
<?php endif; ?>
[749] Fix | Delete
</div>
[750] Fix | Delete
</form>
[751] Fix | Delete
[752] Fix | Delete
<?php
[753] Fix | Delete
[754] Fix | Delete
login_footer();
[755] Fix | Delete
break;
[756] Fix | Delete
[757] Fix | Delete
case 'postpass':
[758] Fix | Delete
if ( ! isset( $_POST['post_password'] ) || ! is_string( $_POST['post_password'] ) ) {
[759] Fix | Delete
wp_safe_redirect( wp_get_referer() );
[760] Fix | Delete
exit;
[761] Fix | Delete
}
[762] Fix | Delete
[763] Fix | Delete
require_once ABSPATH . WPINC . '/class-phpass.php';
[764] Fix | Delete
$hasher = new PasswordHash( 8, true );
[765] Fix | Delete
[766] Fix | Delete
/**
[767] Fix | Delete
* Filters the life span of the post password cookie.
[768] Fix | Delete
*
[769] Fix | Delete
* By default, the cookie expires 10 days from creation. To turn this
[770] Fix | Delete
* into a session cookie, return 0.
[771] Fix | Delete
*
[772] Fix | Delete
* @since 3.7.0
[773] Fix | Delete
*
[774] Fix | Delete
* @param int $expires The expiry time, as passed to setcookie().
[775] Fix | Delete
*/
[776] Fix | Delete
$expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS );
[777] Fix | Delete
$referer = wp_get_referer();
[778] Fix | Delete
[779] Fix | Delete
if ( $referer ) {
[780] Fix | Delete
$secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) );
[781] Fix | Delete
} else {
[782] Fix | Delete
$secure = false;
[783] Fix | Delete
}
[784] Fix | Delete
[785] Fix | Delete
setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure );
[786] Fix | Delete
[787] Fix | Delete
wp_safe_redirect( wp_get_referer() );
[788] Fix | Delete
exit;
[789] Fix | Delete
[790] Fix | Delete
case 'logout':
[791] Fix | Delete
check_admin_referer( 'log-out' );
[792] Fix | Delete
[793] Fix | Delete
$user = wp_get_current_user();
[794] Fix | Delete
[795] Fix | Delete
wp_logout();
[796] Fix | Delete
[797] Fix | Delete
if ( ! empty( $_REQUEST['redirect_to'] ) && is_string( $_REQUEST['redirect_to'] ) ) {
[798] Fix | Delete
$redirect_to = $_REQUEST['redirect_to'];
[799] Fix | Delete
$requested_redirect_to = $redirect_to;
[800] Fix | Delete
} else {
[801] Fix | Delete
$redirect_to = add_query_arg(
[802] Fix | Delete
array(
[803] Fix | Delete
'loggedout' => 'true',
[804] Fix | Delete
'wp_lang' => get_user_locale( $user ),
[805] Fix | Delete
),
[806] Fix | Delete
wp_login_url()
[807] Fix | Delete
);
[808] Fix | Delete
[809] Fix | Delete
$requested_redirect_to = '';
[810] Fix | Delete
}
[811] Fix | Delete
[812] Fix | Delete
/**
[813] Fix | Delete
* Filters the log out redirect URL.
[814] Fix | Delete
*
[815] Fix | Delete
* @since 4.2.0
[816] Fix | Delete
*
[817] Fix | Delete
* @param string $redirect_to The redirect destination URL.
[818] Fix | Delete
* @param string $requested_redirect_to The requested redirect destination URL passed as a parameter.
[819] Fix | Delete
* @param WP_User $user The WP_User object for the user that's logging out.
[820] Fix | Delete
*/
[821] Fix | Delete
$redirect_to = apply_filters( 'logout_redirect', $redirect_to, $requested_redirect_to, $user );
[822] Fix | Delete
[823] Fix | Delete
wp_safe_redirect( $redirect_to );
[824] Fix | Delete
exit;
[825] Fix | Delete
[826] Fix | Delete
case 'lostpassword':
[827] Fix | Delete
case 'retrievepassword':
[828] Fix | Delete
if ( $http_post ) {
[829] Fix | Delete
$errors = retrieve_password();
[830] Fix | Delete
[831] Fix | Delete
if ( ! is_wp_error( $errors ) ) {
[832] Fix | Delete
$redirect_to = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'wp-login.php?checkemail=confirm';
[833] Fix | Delete
wp_safe_redirect( $redirect_to );
[834] Fix | Delete
exit;
[835] Fix | Delete
}
[836] Fix | Delete
}
[837] Fix | Delete
[838] Fix | Delete
if ( isset( $_GET['error'] ) ) {
[839] Fix | Delete
if ( 'invalidkey' === $_GET['error'] ) {
[840] Fix | Delete
$errors->add( 'invalidkey', __( '<strong>Error:</strong> Your password reset link appears to be invalid. Please request a new link below.' ) );
[841] Fix | Delete
} elseif ( 'expiredkey' === $_GET['error'] ) {
[842] Fix | Delete
$errors->add( 'expiredkey', __( '<strong>Error:</strong> Your password reset link has expired. Please request a new link below.' ) );
[843] Fix | Delete
}
[844] Fix | Delete
}
[845] Fix | Delete
[846] Fix | Delete
$lostpassword_redirect = ! empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '';
[847] Fix | Delete
/**
[848] Fix | Delete
* Filters the URL redirected to after submitting the lostpassword/retrievepassword form.
[849] Fix | Delete
*
[850] Fix | Delete
* @since 3.0.0
[851] Fix | Delete
*
[852] Fix | Delete
* @param string $lostpassword_redirect The redirect destination URL.
[853] Fix | Delete
*/
[854] Fix | Delete
$redirect_to = apply_filters( 'lostpassword_redirect', $lostpassword_redirect );
[855] Fix | Delete
[856] Fix | Delete
/**
[857] Fix | Delete
* Fires before the lost password form.
[858] Fix | Delete
*
[859] Fix | Delete
* @since 1.5.1
[860] Fix | Delete
* @since 5.1.0 Added the `$errors` parameter.
[861] Fix | Delete
*
[862] Fix | Delete
* @param WP_Error $errors A `WP_Error` object containing any errors generated by using invalid
[863] Fix | Delete
* credentials. Note that the error object may not contain any errors.
[864] Fix | Delete
*/
[865] Fix | Delete
do_action( 'lost_password', $errors );
[866] Fix | Delete
[867] Fix | Delete
login_header(
[868] Fix | Delete
__( 'Lost Password' ),
[869] Fix | Delete
wp_get_admin_notice(
[870] Fix | Delete
__( 'Please enter your username or email address. You will receive an email message with instructions on how to reset your password.' ),
[871] Fix | Delete
array(
[872] Fix | Delete
'type' => 'info',
[873] Fix | Delete
'additional_classes' => array( 'message' ),
[874] Fix | Delete
)
[875] Fix | Delete
),
[876] Fix | Delete
$errors
[877] Fix | Delete
);
[878] Fix | Delete
[879] Fix | Delete
$user_login = '';
[880] Fix | Delete
[881] Fix | Delete
if ( isset( $_POST['user_login'] ) && is_string( $_POST['user_login'] ) ) {
[882] Fix | Delete
$user_login = wp_unslash( $_POST['user_login'] );
[883] Fix | Delete
}
[884] Fix | Delete
[885] Fix | Delete
?>
[886] Fix | Delete
[887] Fix | Delete
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo esc_url( network_site_url( 'wp-login.php?action=lostpassword', 'login_post' ) ); ?>" method="post">
[888] Fix | Delete
<p>
[889] Fix | Delete
<label for="user_login"><?php _e( 'Username or Email Address' ); ?></label>
[890] Fix | Delete
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr( $user_login ); ?>" size="20" autocapitalize="off" autocomplete="username" required="required" />
[891] Fix | Delete
</p>
[892] Fix | Delete
<?php
[893] Fix | Delete
[894] Fix | Delete
/**
[895] Fix | Delete
* Fires inside the lostpassword form tags, before the hidden fields.
[896] Fix | Delete
*
[897] Fix | Delete
* @since 2.1.0
[898] Fix | Delete
*/
[899] Fix | Delete
do_action( 'lostpassword_form' );
[900] Fix | Delete
[901] Fix | Delete
?>
[902] Fix | Delete
<input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
[903] Fix | Delete
<p class="submit">
[904] Fix | Delete
<input type="submit" name="wp-submit" id="wp-submit" class="button button-primary button-large" value="<?php esc_attr_e( 'Get New Password' ); ?>" />
[905] Fix | Delete
</p>
[906] Fix | Delete
</form>
[907] Fix | Delete
[908] Fix | Delete
<p id="nav">
[909] Fix | Delete
<a class="wp-login-log-in" href="<?php echo esc_url( wp_login_url() ); ?>"><?php _e( 'Log in' ); ?></a>
[910] Fix | Delete
<?php
[911] Fix | Delete
[912] Fix | Delete
if ( get_option( 'users_can_register' ) ) {
[913] Fix | Delete
$registration_url = sprintf( '<a class="wp-login-register" href="%s">%s</a>', esc_url( wp_registration_url() ), __( 'Register' ) );
[914] Fix | Delete
[915] Fix | Delete
echo esc_html( $login_link_separator );
[916] Fix | Delete
[917] Fix | Delete
/** This filter is documented in wp-includes/general-template.php */
[918] Fix | Delete
echo apply_filters( 'register', $registration_url );
[919] Fix | Delete
}
[920] Fix | Delete
[921] Fix | Delete
?>
[922] Fix | Delete
</p>
[923] Fix | Delete
<?php
[924] Fix | Delete
[925] Fix | Delete
login_footer( 'user_login' );
[926] Fix | Delete
break;
[927] Fix | Delete
[928] Fix | Delete
case 'resetpass':
[929] Fix | Delete
case 'rp':
[930] Fix | Delete
list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
[931] Fix | Delete
$rp_cookie = 'wp-resetpass-' . COOKIEHASH;
[932] Fix | Delete
[933] Fix | Delete
if ( isset( $_GET['key'] ) && isset( $_GET['login'] ) ) {
[934] Fix | Delete
$value = sprintf( '%s:%s', wp_unslash( $_GET['login'] ), wp_unslash( $_GET['key'] ) );
[935] Fix | Delete
setcookie( $rp_cookie, $value, 0, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
[936] Fix | Delete
[937] Fix | Delete
wp_safe_redirect( remove_query_arg( array( 'key', 'login' ) ) );
[938] Fix | Delete
exit;
[939] Fix | Delete
}
[940] Fix | Delete
[941] Fix | Delete
if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) {
[942] Fix | Delete
list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
[943] Fix | Delete
[944] Fix | Delete
$user = check_password_reset_key( $rp_key, $rp_login );
[945] Fix | Delete
[946] Fix | Delete
if ( isset( $_POST['pass1'] ) && ! hash_equals( $rp_key, $_POST['rp_key'] ) ) {
[947] Fix | Delete
$user = false;
[948] Fix | Delete
}
[949] Fix | Delete
} else {
[950] Fix | Delete
$user = false;
[951] Fix | Delete
}
[952] Fix | Delete
[953] Fix | Delete
if ( ! $user || is_wp_error( $user ) ) {
[954] Fix | Delete
setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
[955] Fix | Delete
[956] Fix | Delete
if ( $user && $user->get_error_code() === 'expired_key' ) {
[957] Fix | Delete
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );
[958] Fix | Delete
} else {
[959] Fix | Delete
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) );
[960] Fix | Delete
}
[961] Fix | Delete
[962] Fix | Delete
exit;
[963] Fix | Delete
}
[964] Fix | Delete
[965] Fix | Delete
$errors = new WP_Error();
[966] Fix | Delete
[967] Fix | Delete
// Check if password is one or all empty spaces.
[968] Fix | Delete
if ( ! empty( $_POST['pass1'] ) ) {
[969] Fix | Delete
$_POST['pass1'] = trim( $_POST['pass1'] );
[970] Fix | Delete
[971] Fix | Delete
if ( empty( $_POST['pass1'] ) ) {
[972] Fix | Delete
$errors->add( 'password_reset_empty_space', __( 'The password cannot be a space or all spaces.' ) );
[973] Fix | Delete
}
[974] Fix | Delete
}
[975] Fix | Delete
[976] Fix | Delete
// Check if password fields do not match.
[977] Fix | Delete
if ( ! empty( $_POST['pass1'] ) && trim( $_POST['pass2'] ) !== $_POST['pass1'] ) {
[978] Fix | Delete
$errors->add( 'password_reset_mismatch', __( '<strong>Error:</strong> The passwords do not match.' ) );
[979] Fix | Delete
}
[980] Fix | Delete
[981] Fix | Delete
/**
[982] Fix | Delete
* Fires before the password reset procedure is validated.
[983] Fix | Delete
*
[984] Fix | Delete
* @since 3.5.0
[985] Fix | Delete
*
[986] Fix | Delete
* @param WP_Error $errors WP Error object.
[987] Fix | Delete
* @param WP_User|WP_Error $user WP_User object if the login and reset key match. WP_Error object otherwise.
[988] Fix | Delete
*/
[989] Fix | Delete
do_action( 'validate_password_reset', $errors, $user );
[990] Fix | Delete
[991] Fix | Delete
if ( ( ! $errors->has_errors() ) && isset( $_POST['pass1'] ) && ! empty( $_POST['pass1'] ) ) {
[992] Fix | Delete
reset_password( $user, $_POST['pass1'] );
[993] Fix | Delete
setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
[994] Fix | Delete
login_header(
[995] Fix | Delete
__( 'Password Reset' ),
[996] Fix | Delete
wp_get_admin_notice(
[997] Fix | Delete
__( 'Your password has been reset.' ) . ' <a href="' . esc_url( wp_login_url() ) . '">' . __( 'Log in' ) . '</a>',
[998] Fix | Delete
array(
[999] Fix | Delete
1234
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function