Ticket #4188 (closed defect: worksforme)

Opened 1 year ago

Last modified 1 year ago

redirect_to within wp-login.php breaks with an authentication failure

Reported by: oaoao Assigned to: anonymous
Priority: normal Milestone:
Component: General Version: 2.1.3
Severity: normal Keywords:
Cc:

Description

When submitting from an external form to wp-login.php:

<form action="/wp-login.php?redirect_to=%2F" method="post">

everything operates normally if the user is authenticated on the first try. He is properly redirected to the redirect_to URL, which is "/" in this case.

However, if the login attempt failed on the first try, and a user is passed to the Wordpress login page, redirect_to seems to be lost in the new form, and the user will be redirected to his profile page.

Change History

04/24/07 20:32:13 changed by foolswisdom

  • milestone changed from 2.1.4 to 2.4.

(in reply to: ↑ description ) 04/26/07 01:45:45 changed by gerbennn

I'm unable to replicate this bug. ENV:2.1.3
After the first request the form gets a hidden input with the value. 

<input type="hidden" name="redirect_to" value="/" />

It's carryed on to every time the page loads

05/19/07 00:10:25 changed by ryan

  • status changed from new to closed.
  • resolution set to fixed.

(In [5487]) Fix tinymce colorpicker. Props azaozz. fixes #4188 for 2.3

05/19/07 00:12:30 changed by ryan

  • status changed from closed to reopened.
  • resolution deleted.

Oops, committed to wrong bug. Ignore that commit message.

05/19/07 22:49:12 changed by markjaquith

  • status changed from reopened to closed.
  • resolution set to worksforme.
  • milestone deleted.

Cannot recreate, either with "Subscriber" or "Admin" account. Both types carry the redirect_to value on invalid logins and redirect to that URL after a successful login (following an indefinitely long chain of unsuccessful logins).