Upstream
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

When auth_redirect() detects a logged out user and the target 

page was about.php?updated, then issue a message welcoming them.

This is to prevent it from being so jolting if you are taken to
the login screen after an update.

In WordPress 3.4, the changes to wp_salt() provide for extra
security, but will cause a log-out for any installs without 8
unique keys and salts in wp-config.php (with some exceptions).
Properly re-issuing cookies, even for the logged in user, is
not easily doable via admin/includes/update-core.php, as that
file is included long after the headers are sent.

see #19599.



git-svn-id: http://core.svn.wordpress.org/trunk@20887 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
nacin 2012-05-24 21:22:09 +00:00
parent c3e7ce5320
commit 9f97ddf45c
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
wp-login.php
View File

@ -634,6 +634,8 @@ default:
$errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
elseif ( $interim_login )
$errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
elseif ( strpos( $redirect_to, 'about.php?updated' ) )
$errors->add('updated', __( '<strong>You have successfully updated WordPress!</strong> Please log back in to experience the awesomeness.' ), 'message' );
// Clear any stale cookies.
if ( $reauth )