HostForge-Systems/wordpress
Template
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Login and Registration: Populate username after password reset.

Browse Source 
Accessibility: to meet WCAG 2.2/3.3.7: Redundant entry, the username should be auto-populated when a user performs a password reset.

There is an existing cookie set that contains this information, but was deleted before displaying the login form.

Move cookie deletion to occur after displaying login form and use to set `$user_login`. 

Props estelaris, alh0319, sabernhardt, oglekler, peterwilsoncc, rcreators, rishavdutta, chaion07, stoyangeorgiev, rinkalpagdar, pratiklondhe, lukasfritzedev, ferdoused, audrasjb, westonruter, joedolson.
Fixes #60726.
Built from https://develop.svn.wordpress.org/trunk@61610


git-svn-id: http://core.svn.wordpress.org/trunk@60921 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
joedolson
2026-02-10 19:52:40 +00:00
parent 60e5bce8c2
commit 7ca72596fe
2 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wp-includes/version.php
View File

@@ -16,7 +16,7 @@
*
* @global string $wp_version
*/
$wp_version = '7.0-alpha-61609';
$wp_version = '7.0-alpha-61610';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.

9
wp-login.php
View File

@@ -1000,7 +1000,6 @@ switch ( $action ) {
if ( ( ! $errors->has_errors() ) && isset( $_POST['pass1'] ) && ! empty( $_POST['pass1'] ) ) {
reset_password( $user, $_POST['pass1'] );
setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
login_header(
__( 'Password Reset' ),
wp_get_admin_notice(
@@ -1487,6 +1486,14 @@ switch ( $action ) {
wp_clear_auth_cookie();
}
// Obtain user from password reset cookie flow before clearing the cookie.
$rp_cookie = 'wp-resetpass-' . COOKIEHASH;
if ( isset( $_COOKIE[ $rp_cookie ] ) && is_string( $_COOKIE[ $rp_cookie ] ) ) {
$user_login = sanitize_user( strtok( wp_unslash( $_COOKIE[ $rp_cookie ] ), ':' ) );
list( $rp_path ) = explode( '?', wp_unslash( $_SERVER['REQUEST_URI'] ) );
setcookie( $rp_cookie, ' ', time() - YEAR_IN_SECONDS, $rp_path, COOKIE_DOMAIN, is_ssl(), true );
}
login_header( __( 'Log In' ), '', $errors );
if ( isset( $_POST['log'] ) ) {