Don't reveal username when login failed on valid email login
This commit is contained in:
parent
ec0783f382
commit
230301e6da
|
@ -794,7 +794,9 @@ class WC_Form_Handler {
|
|||
$user = wp_signon( apply_filters( 'woocommerce_login_credentials', $creds ), $secure_cookie );
|
||||
|
||||
if ( is_wp_error( $user ) ) {
|
||||
throw new Exception( $user->get_error_message() );
|
||||
$message = $user->get_error_message();
|
||||
$message = str_replace( '<strong>' . esc_html( $creds['user_login'] ) . '</strong>', '<strong>' . esc_html( $_POST['username'] ) . '</strong>', $message );
|
||||
throw new Exception( $message );
|
||||
} else {
|
||||
|
||||
if ( ! empty( $_POST['redirect'] ) ) {
|
||||
|
|
Loading…
Reference in New Issue