WordPress:使用重写页面获取URL变量(登录页面)

时间:2013-06-26 01:19:12

标签: wordpress login

作为大型项目的一部分,我尝试在以下地址进行所有登录活动:

www.url.com/login

因此,可以在以下位置找到一个链接,该链接应该会导致用户重置密码的表单:

www.url.com/login?action=lostpassword

但是,wp-login.php没有正确读取此内容,当我转到上述地址时,我会获得正常的登录表单。

这就是我设置它的方式:

add_action( 'init', 'add_virtual_page_template' );
function add_virtual_page_template()
{
    global $wp, $wp_rewrite;

    $wp->add_query_var( 'template' );

    add_rewrite_endpoint( 'login', EP_PERMALINK | EP_PAGES );
    add_rewrite_rule( 'login/?', 'index.php?template=login', 'top' );

    add_rewrite_rule( 'login/?', 'index.php?template=login', 'top' );

    $wp_rewrite->flush_rules();
}

add_action( 'template_redirect', 'add_virtual_page_redirect' );
function add_virtual_page_redirect()
{
    global $wp;

    $queryvar = get_query_var('template');

    if ($queryvar && $queryvar == 'login')
    {
        include(site_url('wp-login.php'));
        exit();
    }

    if ($queryvar == 'mylogin')
    {
        include( get_stylesheet_directory() . '/page-login.php' );
        exit();
    }
}

我错过了什么?

1 个答案:

答案 0 :(得分:1)

以下是构建WordPress for Web Apps工具包(https://github.com/cferdinandi/web-app-starter-kit)时的处理方法:

// LOGIN FORM SHORTCODE

function wpwebapp_login() {

    // Get current page URL
    $url_current  = @( $_SERVER["HTTPS"] != 'on' ) ? 'http://'.$_SERVER["SERVER_NAME"] :  'https://'.$_SERVER["SERVER_NAME"];
    $url_current .= ( $_SERVER["SERVER_PORT"] !== 80 ) ? ":".$_SERVER["SERVER_PORT"] : "";
    $url_current .= $_SERVER["REQUEST_URI"];
    $url_clean = array_shift( explode('?', $url_current) );
    $login_failed = $url_clean . '?login=failed';
    $signup_success = $url_clean . '?signup=success';
    $reset_success = $url_clean . '?password-reset=success';

    // Variables
    $login_status = '';

    // If login failed
    if ( $url_current == $login_failed ) {
        $login_status = '<div class="alert alert-red">Invalid username or password. Please try again.</div>';
    }

    // If password reset
    if ( $url_current == $signup_success ) {
        $login_status = '<div class="alert alert-green"><strong>Success!</strong> We just sent you an email with your password.</div>';
    }

    // If password reset
    if ( $url_current == $reset_success ) {
        $login_status = '<div class="alert alert-green">Your password was successfully reset. We just emailed you a new one.</div>';
    }

    // The login form
    $form = 
        $login_status .
        '<form name="login" id="wp_login_form" action="' . get_option('home') . '/wp-login.php" method="post">
            <div>
                <label for="username">Username</label>
                <input type="text" name="log" id="log" value="" tabindex="1" autofocus>
            </div>
            <div>
                <label for="password">Password</label>
                <input type="password" name="pwd" id="pwd" value="" tabindex="2">
            </div>
            <div>
                <label>
                    <input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90" checked>
                    Remember Me
                </label>
            </div>
            <div>
                <button type="submit" name="wp-submit" id="wp-submit" tabindex="100" class="btn btn-blue">Log In</button><br>
                <a href="' . $url_clean . 'password-reset/">Forgot your password?</a>
                <input type="hidden" name="action" value="login">
                <input type="hidden" name="redirect_to" value="' . get_option('home') . '">
                <input type="hidden" name="testcookie" value="1">
            </div>
        </form>';

    // Display the form
    return $form;
}
add_shortcode( 'loginform', 'wpwebapp_login' );



// FAILED LOGIN REDIRECT

add_action('login_redirect', 'redirect_login', 10, 3);
function redirect_login($redirect_to, $url, $user) {

    // URL Variables
    $referrer = $_SERVER['HTTP_REFERER'];
    $url_clean = array_shift( explode('?', $referrer) );
    $login_failed = $url_clean . '?login=failed';

    // If the post submission is a valid page that's not the backend login screen
    if(!empty($referrer) && !strstr($referrer,'wp-login') && !strstr($referrer,'wp-admin')) {
        // If the password is empty...
        if($user->errors['empty_password']){
            wp_redirect($login_failed);
        }
        // If the username is empty...
        else if($user->errors['empty_username']){
            wp_redirect($login_failed);
        }
        // If the username is invalid...
        else if($user->errors['invalid_username']){
            wp_redirect($login_failed);
        }
        // If the password is incorrect...
        else if($user->errors['incorrect_password']){
            wp_redirect($login_failed);
        }
        // Catch all for all other issues
        else {
                wp_redirect(get_option('home'));
        }
        exit;
    }

    // Prevents page from hanging when redirected from backend
    if ( !empty($referrer) && ( strstr($referrer,'wp-login') || strstr($referrer,'wp-admin')) ) {
            wp_redirect(get_option('home'));
            exit;
    }

}



// BLOCK BACKEND ACCESS FOR NON-ADMINS

add_action( 'init', 'blockusers_init' );
function blockusers_init() {
    // If accessing the admin panel and not an admin
    if ( is_admin() && !current_user_can('level_10') ) {
        // Redirect to the homepage
        wp_redirect( home_url() );
        exit;
    }
}

通过此设置,您可以阻止用户重定向到后端(不幸的副作用:如果您未登录,则需要先从前端登录)。您可以根据情况等添加自定义错误消息。您只需使用[loginform]短代码即可将其添加到页面中。

WordPress for Web Apps工具包具有此类功能,可用于密码重置,注册表单等,因此您可能需要查看它。去年我在一个正在进行的项目中经历了同样的学习过程。

相关问题
最新问题