Code cleanup and some fixes from the WP Japan folks.

git-svn-id: http://svn.automattic.com/wordpress/trunk@1734 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/functions-user.php

@@ -1,42 +1,33 @@
 <?php
 
-function verify_login($user, $password) {
-	global $wpdb;
-	$user = $wpdb->escape($user);
-	$password = $password;
+function login($username, $password, $already_md5 = false) {
+	global $wpdb, $error;
+	if ( !$already_md5 )
+		$pwd = md5($password);
 
-	if ( $user = $wpdb->get_row("SELECT user_login, user_pass FROM $wpdb->users WHERE user_login = '$user'") ) {
-		if ( $user->user_pass = md5($password) )
+	if ( !$username )
+		return false;
+
+	if ( !$password ) {
+		$error = __('<strong>Error</strong>: The password field is empty.');
+		return false;
+	}
+
+	$login = $wpdb->get_row("SELECT ID, user_login, user_pass FROM $wpdb->users WHERE user_login = '$username'");
+
+	if (!$login) {
+		$error = __('<strong>Error</strong>: Wrong login.');
+		$pwd = '';
+		return false;
+	} else {
+
+		if ( $login->user_login == $username && $login->user_pass == $pwd ) {
 			return true;
-		else
+		} else {
+			$error = __('<strong>Error</strong>: Incorrect password.');
+			$pwd = '';
 			return false;
-	} else {
-		return false;
-	}
-}
-
-function verify_current() {
-	if (!empty($_COOKIE['wordpressuser_' . COOKIEHASH])) {
-		$user_login = $_COOKIE['wordpressuser_' . COOKIEHASH];
-		$user_pass = $_COOKIE['wordpresspass_' . COOKIEHASH];
-	} else {
-		return false;
-	}
-
-	if ('' == $user_login)
-		return false;
-	if ('' == $user_pass)
-		return false;
-
-	if ( verify_login($user_login, $user_pass) ) {
-		return true;
-	} else {
-		header('Expires: Wed, 11 Jan 1984 05:00:00 GMT');
-		header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
-		header('Cache-Control: no-cache, must-revalidate');
-		header('Pragma: no-cache');
-		header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']) );
-		exit();
+		}
 	}
 }