Login and Registration: Simplify the test for wp_signon() added in [46640].

Make sure it actually tests the change in behavior, previously it passed both before and after the patch.

Add `wp_unslash()` to the last remaining instance of `$_POST['user_login']` that didn't have it.

See #38744.

git-svn-id: https://develop.svn.wordpress.org/trunk@46650 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov
2019-11-04 15:04:41 +00:00
parent c231bb4869
commit 20165c2ffb
3 changed files with 19 additions and 37 deletions

View File

@@ -373,7 +373,7 @@ function retrieve_password() {
$errors->add( 'invalid_email', __( '<strong>ERROR</strong>: There is no account with that username or email address.' ) );
}
} else {
$login = trim( $_POST['user_login'] );
$login = trim( wp_unslash( $_POST['user_login'] ) );
$user_data = get_user_by( 'login', $login );
}