Updates to wp_login_url() and wp_logout_url(). Use them in more places. Props wnorris. fixes #9536

git-svn-id: http://svn.automattic.com/wordpress/trunk@10931 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-content/themes/classic/comments.php

@@ -42,7 +42,7 @@ if ( post_password_required() ) : ?>
 <h2 id="postcomment"><?php _e('Leave a comment'); ?></h2>
 
 <?php if ( get_option('comment_registration') && !$user_ID ) : ?>
-<p><?php printf(__('You must be <a href="%s">logged in</a> to post a comment.'), get_option('siteurl')."/wp-login.php?redirect_to=".urlencode(get_permalink()));?></p>
+<p><?php printf(__('You must be <a href="%s">logged in</a> to post a comment.'), wp_login_url( get_permalink() ) );?></p>
 <?php else : ?>
 
 <form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform">

wp-content/themes/default/comments.php

@@ -57,7 +57,7 @@
 </div>
 
 <?php if ( get_option('comment_registration') && !$user_ID ) : ?>
-<p>You must be <a href="<?php echo get_option('siteurl'); ?>/wp-login.php?redirect_to=<?php echo urlencode(get_permalink()); ?>">logged in</a> to post a comment.</p>
+<p>You must be <a href="<?php echo wp_login_url( get_permalink() ); ?>">logged in</a> to post a comment.</p>
 <?php else : ?>
 
 <form action="<?php echo get_option('siteurl'); ?>/wp-comments-post.php" method="post" id="commentform">

wp-includes/comment-template.php

@@ -984,7 +984,7 @@ function get_comment_reply_link($args = array(), $comment = null, $post = null)
 	$link = '';
 
 	if ( get_option('comment_registration') && !$user_ID )
-		$link = '<a rel="nofollow" href="' . site_url('wp-login.php?redirect_to=' . get_permalink()) . '">' . $login_text . '</a>';
+		$link = '<a rel="nofollow" href="' . wp_login_url( get_permalink() ) . '">' . $login_text . '</a>';
 	else
 		$link = "<a rel='nofollow' class='comment-reply-link' href='" . wp_specialchars( add_query_arg( 'replytocom', $comment->comment_ID ) ) . "#" . $respond_id . "' onclick='return addComment.moveForm(\"$add_below-$comment->comment_ID\", \"$comment->comment_ID\", \"$respond_id\", \"$post->ID\")'>$reply_text</a>";
 	return apply_filters('comment_reply_link', $before . $link . $after, $args, $comment, $post);
@@ -1035,7 +1035,7 @@ function get_post_reply_link($args = array(), $post = null) {
 		return false;
 
 	if ( get_option('comment_registration') && !$user_ID ) {
-		$link = '<a rel="nofollow" href="' . site_url('wp-login.php?redirect_to=' . get_permalink()) . '">' . $login_text . '</a>';
+		$link = '<a rel="nofollow" href="' . wp_login_url( get_permalink() ) . '">' . $login_text . '</a>';
 	} else {
 		$link = "<a rel='nofollow' class='comment-reply-link' href='" . get_permalink($post->ID) . "#$respond_id' onclick='return addComment.moveForm(\"$add_below-$post->ID\", \"0\", \"$respond_id\", \"$post->ID\")'>$reply_text</a>";
 	}

wp-includes/functions.php

@@ -2317,7 +2317,7 @@ function wp_nonce_ays( $action ) {
 	if ( wp_get_referer() )
 		$html .= "</p><p><a href='" . remove_query_arg( 'updated', clean_url( wp_get_referer() ) ) . "'>" . __( 'Please try again.' ) . "</a>";
 	elseif ( 'log-out' == $action )
-		$html .= "</p><p>" . sprintf( __( "Do you really want to <a href='%s'>log out</a>?"), wp_nonce_url( site_url('wp-login.php?action=logout', 'login'), 'log-out' ) );
+		$html .= "</p><p>" . sprintf( __( "Do you really want to <a href='%s'>log out</a>?"), wp_logout_url() );
 
 	wp_die( $html, $title);
 }

wp-includes/general-template.php

@@ -154,14 +154,20 @@ function wp_loginout() {
  * @since 2.7
  * @uses wp_nonce_url() To protect against CSRF
  * @uses site_url() To generate the log in URL
+ * @uses apply_filters() calls 'logout_url' hook on final logout url
  *
  * @param string $redirect Path to redirect to on logout.
  */
 function wp_logout_url($redirect = '') {
-	if ( strlen($redirect) )
-		$redirect = "&redirect_to=$redirect";
+	$args = array( 'action' => 'logout' );
+	if ( !empty($redirect) ) {
+		$args['redirect_to'] = $redirect;
+	}
 
-	return wp_nonce_url( site_url("wp-login.php?action=logout$redirect", 'login'), 'log-out' );
+	$logout_url = add_query_arg($args, site_url('wp-login.php', 'login'));
+	$logout_url = wp_nonce_url( $logout_url, 'log-out' );
+
+	return apply_filters('logout_url', $logout_url, $redirect);
 }
 
 /**
@@ -171,14 +177,18 @@ function wp_logout_url($redirect = '') {
  *
  * @since 2.7
  * @uses site_url() To generate the log in URL
+ * @uses apply_filters() calls 'login_url' hook on final login url
  *
  * @param string $redirect Path to redirect to on login.
  */
 function wp_login_url($redirect = '') {
-	if ( strlen($redirect) )
-		$redirect = "?redirect_to=$redirect";
+	$login_url = site_url('wp-login.php', 'login');
 
-	return site_url("wp-login.php$redirect", 'login');
+	if ( !empty($redirect) ) {
+		$login_url = add_query_arg('redirect_to', $redirect, $login_url);
+	}
+
+	return apply_filters('login_url', $login_url, $redirect);
 }
 
 /**

wp-includes/pluggable.php

@@ -750,7 +750,7 @@ function auth_redirect() {
 
 	$redirect = ( strpos($_SERVER['REQUEST_URI'], '/options.php') && wp_get_referer() ) ? wp_get_referer() : $proto . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
 
-	$login_url = site_url( 'wp-login.php?redirect_to=' . urlencode( $redirect ), 'login' );
+	$login_url = wp_login_url($redirect);
 
 	wp_redirect($login_url);
 	exit();
@@ -1102,7 +1102,7 @@ function wp_new_user_notification($user_id, $plaintext_pass = '') {
 
 	$message  = sprintf(__('Username: %s'), $user_login) . "\r\n";
 	$message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";
-	$message .= site_url("wp-login.php", 'login') . "\r\n";
+	$message .= wp_login_url() . "\r\n";
 
 	wp_mail($user_email, sprintf(__('[%s] Your username and password'), get_option('blogname')), $message);