Failed/blank login redirect
hexagongirl opened this issue · comments
Currently on failed/blank login, the user is redirected to /wp-login.php.
Is there any reason why this plugin doesn't use something like the following to redirect instead to the current page with an error message? (kind of like the WooCommerce login does) - perhaps with a tickbox option in widget settings?
add_action( 'wp_login_failed', 'custom_front_end_login_fail' ); // hook failed login
function custom_front_end_login_fail( $username ) {
$redirect = esc_url($_SERVER['HTTP_REFERER']);
// if there's a valid referrer, and it's not the default log-in screen
if ( !empty($redirect) && !strstr($redirect,'wp-login') && !strstr($redirect,'wp-admin') ) {
if ( !strstr($redirect,'login=failed') ) { // don’t append twice
if(!strstr($redirect, '?')){
wp_redirect( $redirect . '?login=failed' );
} else {
wp_redirect( $redirect . '&login=failed' );
}
} else {
wp_redirect( $redirect );
}
exit;
}
}
add_filter('authenticate', 'custom_blank_authenticate', 40, 3); // blank log in - username and/or password field(s) blank
function custom_blank_authenticate($user, $username, $password) {
$redirect = esc_url($_SERVER['HTTP_REFERER']);
// if front end login AND either username or password are blank
if ( !empty($redirect) && !strstr($redirect,'wp-login') && !strstr($redirect,'wp-admin') && ($username==null || $password==null) ) {
if ( !strstr($redirect,'login=failed') ) { // don’t append twice
if(!strstr($redirect, '?')){
wp_redirect( $redirect . '?login=failed' );
} else {
wp_redirect( $redirect . '&login=failed' );
}
} else {
wp_redirect( $redirect );
}
exit;
}
else {
return $user;
}
}
Maybe you have a javascript error on site preventing the ajax from running? It shows an error message on blank/error.
@hexagongirl - Do you have FORCE_SSL_LOGIN enabled in your wp-config.php file, like I do? If so, the Ajax code will not run if the widget is on a non-ssl page.
I do the following:
add_action('login_head', array(&$this, 'login_redirect'));
function login_redirect()
{
global $errors;
global $woocommerce;
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
$redirect_to = 'http://' . $_SERVER['HTTP_HOST'] . "/";
} else {
$woocommerce->session->login_error = $errors;
if (isset($_POST['redirect_to'])) {
$redirect_to = $_POST['redirect_to'];
} elseif (isset($_SERVER['HTTP_REFERER'])) {
$redirect_to = $_SERVER['HTTP_REFERER'];
} else {
$redirect_to = 'http://' . $_SERVER['HTTP_HOST'] . "/";
}
}
wp_redirect($redirect_to);
}