diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-06-27 11:03:10 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2006-06-27 11:03:10 +0000 |
| commit | 8db1e81228b0e295199f6e3ee8a99d223c48f8c2 (patch) | |
| tree | 131d8b23b9e939a9c23f24ec650b343efa918c5c /wp-login.php | |
| parent | 13aff523358403d08dc7fcb0d844a2e6c12df41a (diff) | |
| download | wordpress-mu-8db1e81228b0e295199f6e3ee8a99d223c48f8c2.tar.gz wordpress-mu-8db1e81228b0e295199f6e3ee8a99d223c48f8c2.tar.xz wordpress-mu-8db1e81228b0e295199f6e3ee8a99d223c48f8c2.zip | |
WP Merge
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@599 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-login.php')
| -rw-r--r-- | wp-login.php | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/wp-login.php b/wp-login.php index 86c5912..87c765f 100644 --- a/wp-login.php +++ b/wp-login.php @@ -30,7 +30,7 @@ case 'logout': $redirect_to = 'wp-login.php'; if ( isset($_REQUEST['redirect_to']) ) - $redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $_REQUEST['redirect_to']); + $redirect_to = $_REQUEST['redirect_to']; wp_redirect($redirect_to); exit(); @@ -173,7 +173,6 @@ default: $redirect_to = 'wp-admin/'; else $redirect_to = $_REQUEST['redirect_to']; - $redirect_to = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $redirect_to); if( $_POST ) { $user_login = $_POST['log']; @@ -242,7 +241,7 @@ if ( $error ) { <?php _e('Remember me'); ?></label></p> <p class="submit"> <input type="submit" name="submit" id="submit" value="<?php _e('Login'); ?> »" tabindex="4" /> - <input type="hidden" name="redirect_to" value="<?php echo $redirect_to; ?>" /> + <input type="hidden" name="redirect_to" value="<?php echo wp_specialchars($redirect_to); ?>" /> </p> </form> <ul> |