Avoid PHP notices in wp-login.php if password reset cookie is not set.

props mdawaffe.
see #29060.
Built from https://develop.svn.wordpress.org/trunk@29381


git-svn-id: http://core.svn.wordpress.org/trunk@29159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Sergey Biryukov 2014-08-06 02:17:15 +00:00
parent b61903f2bb
commit 444a25b375
1 changed files with 8 additions and 5 deletions

View File

@ -568,13 +568,16 @@ case 'rp' :
exit;
}
list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
if ( isset( $_COOKIE[ $rp_cookie ] ) && 0 < strpos( $_COOKIE[ $rp_cookie ], ':' ) ) {
list( $rp_login, $rp_key ) = explode( ':', wp_unslash( $_COOKIE[ $rp_cookie ] ), 2 );
$user = check_password_reset_key( $rp_key, $rp_login );
} else {
$user = false;
}
$user = check_password_reset_key( $rp_key, $rp_login );
if ( is_wp_error($user) ) {
if ( ! $user || is_wp_error( $user ) ) {
setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
if ( $user->get_error_code() === 'expired_key' )
if ( $user && $user->get_error_code() === 'expired_key' )
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=expiredkey' ) );
else
wp_redirect( site_url( 'wp-login.php?action=lostpassword&error=invalidkey' ) );