I'm trying to create a custom login page for a custom user page, but I can't get wordpress to stop redirecting the word login to wp-login.php.
Setup is pretty simple, I'm adding a rule that looks like this. account/login/?$ that yields to index.php?account=login. I also setup my rewrite tag for that custom query var. I have a couple other rules setup and they all work properly.
When I use monkey man's rewrite analyzer everything points properly, but on the front end any time I enter login into the url it redirects me to wp-login.php. It doesn't matter what segment it is entered at. so /login, /account/login, /dogs/bulldogs/login.... all redirect to wp-login.php
As far as I can tell there aren't any other rewrite rules containing login. So i'm at a loss.
As a last piece of info, i'm working in wp 3.6
Any advise or ideas would be greatly appreciated.
I'm facing the exact same problem. Google wasn't being very helpful, so I had the need to dig in. :)
Right on top of the wp-includes/template-loader.php file, you find this little snippet of code:
if ( defined('WP_USE_THEMES') && WP_USE_THEMES )
do_action('template_redirect');
If you inspect what functions are hooked to that action at that time, you'll find a reference to the wp_redirect_admin_locations function (both the hook and the function are declared on the /wp-includes/canonical.php file - line 526).
Within the wp_redirect_admin_locations function, you'll find this:
$logins = array(
home_url( 'wp-login.php', 'relative' ),
home_url( 'login', 'relative' ),
site_url( 'login', 'relative' ),
);
if ( in_array( untrailingslashit( $_SERVER['REQUEST_URI'] ), $logins ) ) {
wp_redirect( site_url( 'wp-login.php', 'login' ) );
exit;
}
An easy solution for the problem, would be to hook a function of yours to the *wp_redirect* filter. Something like this (within your functions.php):
add_filter('wp_redirect', 'yourprefix_filter_login_redirect', 10, 2);
function yourprefix_filter_login_redirect($location, $status)
{
$uri = trim($_SERVER['REQUEST_URI'], '/');
if ($uri === 'login') {
return false;
}
return $location;
}
So... The *wp_redirect_admin_locations* terminates the script after trying to preform the redirect, so the solution above won't work.
The only other solution I'm seeing right now is to bypass the function all together which kind of sucks. All the other redirects defined within that function, will be lost all together...
Anyway, what I've ended up using:
add_action(
'init',
function() {
remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
}
);
Building on top of Diogos great answer, you can even disable the /login redirect without losing the other redirects. I just posted this solution on WPSE: Disable "/login" redirect
Related
Trying to debug an issue on my WordPress site where using wp_login_url() both in templates and emails doesn't return the full URL.
It returns "/login/" instead of "https://sitename.com/login"
Any idea how to fix this?
I think something changed your login url if your not getting wp-login.php.
Anyway you can add anything after your site url by using this function
site_url('anything')
for your url
site_url(wp_login_url())
or (I prefer this)
site_url('login')
For adding filter to your login url , you can use this code (I don't suggest this way)
function filter_login_url( $login_url ) {
return site_url( $login_url );
}
add_filter( 'login_url', 'filter_login_url', 10, 3 );
Wordpress at the moment return a random page when visiting, for example, https://www.examplewebsite.com/?p=bdmvxmqa
At the moment it doesn't return a 404 and I'd like to correct it. But I cuouldn't find where to look into the code.
Wordpress usually redirects to the closest matching page title. (at least it used to way back when I was working with WordPress).
Try adding this line to functions.php to turn off this feature:
remove_filter('template_redirect', 'redirect_canonical');
If this is an old URL structure then you could redirect all ?p requests to your homepage or similar with the below function:
function rusty_redirect_query() {
global $wp;
$wp->add_query_var('p');
if(get_query_var('p')) {
wp_redirect( home_url( '/page/to/redirect/' ) );
}
exit();
}
add_action( 'template_redirect', 'rusty_redirect_query' );
I feel stupid for trying this and not realising what would happen.
Anyway.
Using the wp_redirect function...
if( current_user_can('administrator') ) {
$url = "https://example.com";
wp_redirect( $url );
}
...I want anyone with the role of 'administrator' to be redirected to the homepage when they login. Seems easy enough.
But the problem is that any consequent attempt to go to WP admin (not just after they login, but any time) will result in the administrator being redirected to the homepage effectively 'locking' them out of WP admin.
So I guess my question is, is it possible to redirect an administrator to the homepage when they login, but only immediately after they login? And any consequent attempt to go to /wp-admin/ would let them in?
This code should solve your problem.You can add this code in functions.php.I tested and confirmed its working for me.
function admin_redirection_page() {
return 'https://example.com';
}
add_filter('login_redirect', 'admin_redirection_page');
I think you have to fire the above code in hook wp_login.
Example:
function your_function() {
$url = "https://example.com";
wp_redirect( $url );
die();
}
add_action('wp_login', 'your_function');
Also we have use die() whenever we want to redirect.
Thank You
Does anyone know a way (or plugin) that would allow me to automatically redirect users to another page, based on their assigned user role, if they try accessing the main /wp-admin page?
The tricky part is (I guess), is that I still need them to be able to access sub-admin pages (ie. mysite.com/wp-admin/edit.php) -- it would only redirect them if they tried going to the main/dashboard page, mysite.com/wp-admin
I've recently had the problem where I needed to redirect multiple pages. The following code will check the roles you want to redirect ($valid-roles) and if not valid redirect to a given URL... in this case its /access-denied/.
Note: The page ID's in the array list of pages to re-direct.
add_action( 'template_redirect', 'role_based_redirect' );
function role_based_redirect() {
if( is_page( array( 1488, 2413, 2379, 2265, 2396, 2370, 2366, 4600 ) ) ) { //check the list of "corporate" pages
$user = wp_get_current_user();
$valid_roles = [ 'administrator', 'corporate', 'editor' ];
$the_roles = array_intersect( $valid_roles, $user->roles );
// The current user does not have any of the 'valid' roles.
if ( empty( $the_roles ) ) {
wp_redirect( home_url( '/access-denied/' ) );
exit;
}
}
}
There are many ways you can set the URL redirect to a different link by role on your WordPress page, you may use a plugin or you can also build a plugin to customize it specifically on your own way follow this link for that instruction but I believe as a second and better option this plugin right here might be easy for you might help you as well.
Good luck
I'm setting up a WooCommerce shop for a client and he has requested that the user be redirected back to the login form after the reset password form has been submitted.
Is this possible? Which function controls this?
Thanks in advance.
A much cleaner solution is to redirect using the woocommerce_customer_reset_password action:
function woocommerce_new_pass_redirect( $user ) {
wp_redirect( get_permalink(woocommerce_get_page_id('myaccount')));
exit;
}
add_action( 'woocommerce_customer_reset_password', 'woocommerce_new_pass_redirect' );
This code can be placed in functions.php.
Someone asked me about doing this and I think I'm going to talk them out of it, but here's what I came up with so that you could see the message and then be redirected in 5 seconds. Add a message/link to let them know you'll be redirecting. Plus, this will last through a WooCommerce upgrade if you add the template file to your theme
Add the form-lost-password.php template file to your theme and add the following code:
if ( $_GET[reset] = true && ( 'lost_password' == $args['form']) ) {
$my_account_url = get_site_url() . '/my-account';
echo "<script>window.setTimeout(function(){window.location.replace('$my_account_url')}, 5000)</script>";
}
If you dont want the time delay get rid of the window.setTimeout() and just use window.location.replace('$my_account_url').
I'm just facing the same question. I think the function that controls this is in the file woocommerce/includes/class-wc-form-handler.php. I changed the following line:
wp_redirect( add_query_arg( 'reset', 'true', remove_query_arg( array( 'key', 'login' ) ) ) );
with
wp_redirect( get_permalink( get_option('woocommerce_myaccount_page_id') ) );
With that change, you get redirected to the my-account page, where the customer can log in, but of course there are two problems doing that:
The customer gets no message the the password recovery was successful
Doing a WooCommerce update, the file gets overwritten with the original file
Would be great, if someone could come up with a "update-secure" solution.
Best regards
Christoph