wp-login.php


Lines:

1 to 100 of 1167
<?php

/**
 * WordPress User Page
 *
 * Handles authentication, registering, resetting passwords, forgot password,
 * and other user handling.
 *
 * @package WordPress
 */


/** Make sure that the WordPress bootstrap has run before continuing. */
require __DIR__ . '/wp-load.php';

// Redirect to HTTPS login if forced to use SSL.
if ( force_ssl_admin() && ! is_ssl() ) {
  if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) {
    wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) );
    exit;
  } else {
    wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] );
    exit;
  }
}

/* function login_header() – Output the login page header. */

/* function login_footer() – Outputs the footer for the login page. */

/* function wp_shake_js() – Outputs the Javascript to handle the form shaking. */

/* function wp_login_viewport_meta() – Outputs the viewport meta tag. */

//
// Main.
//

$action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : 'login';
$errors = new WP_Error();

if ( isset( $_GET['key'] ) ) {
  $action = 'resetpass';
}

if ( isset( $_GET['checkemail'] ) ) {
  $action = 'checkemail';
}

$default_actions = array(
  'confirm_admin_email',
  'postpass',
  'logout',
  'lostpassword',
  'retrievepassword',
  'resetpass',
  'rp',
  'register',
  'checkemail',
  'confirmaction',
  'login',
  WP_Recovery_Mode_Link_Service::LOGIN_ACTION_ENTERED,
);

// Validate action so as to default to the login screen.
if ( ! in_array( $action, $default_actions, true ) && false === has_filter( 'login_form_' . $action ) ) {
  $action = 'login';
}

nocache_headers();

header( 'Content-Type: ' . get_bloginfo( 'html_type' ) . '; charset=' . get_bloginfo( 'charset' ) );

if ( defined( 'RELOCATE' ) && RELOCATE ) { // Move flag is set.
  if ( isset( $_SERVER['PATH_INFO'] ) && ( $_SERVER['PATH_INFO'] !== $_SERVER['PHP_SELF'] ) ) {
    $_SERVER['PHP_SELF'] = str_replace( $_SERVER['PATH_INFO'], '', $_SERVER['PHP_SELF'] );
  }

  $url = dirname( set_url_scheme( 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ) );

  if ( get_option( 'siteurl' ) !== $url ) {
    update_option( 'siteurl', $url );
  }
}

// Set a cookie now to see if they are supported by the browser.
$secure = ( 'https' === parse_url( wp_login_url(), PHP_URL_SCHEME ) );
setcookie( TEST_COOKIE, 'WP Cookie check', 0, COOKIEPATH, COOKIE_DOMAIN, $secure );

if ( SITECOOKIEPATH !== COOKIEPATH ) {
  setcookie( TEST_COOKIE, 'WP Cookie check', 0, SITECOOKIEPATH, COOKIE_DOMAIN, $secure );
}

if ( isset( $_GET['wp_lang'] ) ) {
  setcookie( 'wp_lang', sanitize_text_field( $_GET['wp_lang'] ), 0, COOKIEPATH, COOKIE_DOMAIN, $secure );
}


/**
 * Fires when the login form is initialized.
 *

 View on GitHub View on Trac

Called by

    Invoked by

      Calls

      API Letters: ,,