Changeset 10844
- Timestamp:
- 03/25/2021 07:32:50 AM (4 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/common/includes/wporg-sso/wp-plugin.php
r10579 r10844 55 55 remove_action( 'after_password_reset', 'wp_password_change_notification' ); 56 56 57 // Disable the 'admin' user with a nicer message. Must be before authenticate_block_check. 58 add_filter( 'authenticate', array( $this, 'authenticate_admin_check' ), 4, 2 ); 59 57 60 add_filter( 'allow_password_reset', array( $this, 'disable_password_reset_for_blocked_users' ), 10, 2 ); 58 61 add_filter( 'authenticate', array( $this, 'authenticate_block_check' ), 5, 2 ); … … 83 86 add_filter( 'pre_site_option_registration', array( $this, 'inherit_registration_option' ) ); 84 87 return $value; 88 } 89 /** 90 * Checks if the authenticated is "admin" and returns a nicer error message. 91 * 92 * @param WP_User|WP_Error|null $user WP_User or WP_Error object if a previous 93 * callback failed authentication. 94 * @param string $user_login The user login attmpting to login. 95 * @return WP_User|WP_Error WP_User on success, WP_Error on failure. 96 */ 97 public function authenticate_admin_check( $user, $user_login ) { 98 99 if ( 'admin' === $user_login ) { 100 101 // Returning a WP_Error from an authenticate filter doesn't block auth, as a later hooked item can return truthful. 102 remove_all_actions( 'authenticate' ); 103 104 return new WP_Error( 105 'admin_wrong_place', 106 sprintf( 107 '<strong>%s</strong><br><br>%s', 108 __( 'Are you in the right place?', 'wporg' ), 109 __( 'This login form is for the WordPress.org website, rather than your personal WordPress site.', 'wporg' ) 110 ) 111 ); 112 } 113 114 return $user; 85 115 } 86 116
Note: See TracChangeset
for help on using the changeset viewer.