Giters

mikejolley / sidebar-login

Easily add an ajax-enhanced login widget to your WordPress site sidebar.

Home Page:http://wordpress.org/extend/plugins/sidebar-login/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Failed/blank login redirect

hexagongirl opened this issue · comments

commented

Currently on failed/blank login, the user is redirected to /wp-login.php.

Is there any reason why this plugin doesn't use something like the following to redirect instead to the current page with an error message? (kind of like the WooCommerce login does) - perhaps with a tickbox option in widget settings?

add_action( 'wp_login_failed', 'custom_front_end_login_fail' );  // hook failed login
function custom_front_end_login_fail( $username ) {

    $redirect = esc_url($_SERVER['HTTP_REFERER']);

    // if there's a valid referrer, and it's not the default log-in screen

    if ( !empty($redirect) && !strstr($redirect,'wp-login') && !strstr($redirect,'wp-admin') ) {
        if ( !strstr($redirect,'login=failed') ) { // don’t append twice
            if(!strstr($redirect, '?')){
                wp_redirect( $redirect . '?login=failed' );
            } else {
                wp_redirect( $redirect . '&login=failed' );
            }
        } else {
            wp_redirect( $redirect );
        }
    exit;
    }
}

add_filter('authenticate', 'custom_blank_authenticate', 40, 3);  // blank log in - username and/or password field(s) blank
function custom_blank_authenticate($user, $username, $password) {

  $redirect = esc_url($_SERVER['HTTP_REFERER']);   
  // if front end login AND either username or password are blank
  if ( !empty($redirect) && !strstr($redirect,'wp-login') && !strstr($redirect,'wp-admin') && ($username==null || $password==null) ) {
    if ( !strstr($redirect,'login=failed') ) { // don’t append twice
        if(!strstr($redirect, '?')){
            wp_redirect( $redirect . '?login=failed' );
        } else {
            wp_redirect( $redirect . '&login=failed' );
        }
    } else {
        wp_redirect( $redirect );
    }
    exit;
  }
  else {
    return $user;
  }   
}
commented

Maybe you have a javascript error on site preventing the ajax from running? It shows an error message on blank/error.

commented

@hexagongirl - Do you have FORCE_SSL_LOGIN enabled in your wp-config.php file, like I do? If so, the Ajax code will not run if the widget is on a non-ssl page.

I do the following:

 add_action('login_head', array(&$this, 'login_redirect'));

  function login_redirect()
        {
            global $errors;
            global $woocommerce;

            if ($_SERVER['REQUEST_METHOD'] != 'POST') {
                $redirect_to = 'http://' . $_SERVER['HTTP_HOST'] . "/";
            } else {

                $woocommerce->session->login_error = $errors;

                if (isset($_POST['redirect_to'])) {
                    $redirect_to = $_POST['redirect_to'];
                } elseif (isset($_SERVER['HTTP_REFERER'])) {
                    $redirect_to = $_SERVER['HTTP_REFERER'];
                } else {
                    $redirect_to = 'http://' . $_SERVER['HTTP_HOST'] . "/";
                }
            }
            wp_redirect($redirect_to);
        }