This code snippet demonstrates how to redirect a user back to a desired page after any WordPress failed logins.
Adding a log-in form to the front end of WordPress is pretty easy. WordPress 3.0 gave us the flexible wp_login_form() function, which displays a log-in form that can be customized with a number of arguments. By default, it will redirect the user back to the current page upon successful authentication, but we can also customize the redirect location.
How to Redirect WordPress Failed Logins
Redirect WordPress Failed Logins back to homepage
If you wish to redirect the user back to your blog homepage use the below code
1 2 |
// will redirect back to the blog's home page wp_login_form(array('redirect'=> site_url())); |
// will redirect back to the blog's home page
wp_login_form(array('redirect'=> site_url()));
Redirect WordPress Failed Logins to custom location
There’s just one problem with the above code; it will only redirect upon successful authentication! If your idea was to hide the default WordPress log-in screen, then sending users who fail at a log-in attempt back to the default log-in screen probably isn’t ideal. Here’s a hook and some code that you can put in your functions.php file that will redirect failed logins to any location of your choosing.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
// hook failed login add_action('wp_login_failed', 'my_front_end_login_fail'); function my_front_end_login_fail($username){ // Get the reffering page, where did the post submission come from? $referrer = $_SERVER['HTTP_REFERER']; // if there's a valid referrer, and it's not the default log-in screen if(!empty($referrer) && !strstr($referrer,'wp-login') && !strstr($referrer,'wp-admin')){ // let's append some information (login=failed) to the URL for the theme to use wp_redirect($referrer . '?login=failed'); exit; } } |
// hook failed login
add_action('wp_login_failed', 'my_front_end_login_fail');
function my_front_end_login_fail($username){
// Get the reffering page, where did the post submission come from?
$referrer = $_SERVER['HTTP_REFERER'];
// if there's a valid referrer, and it's not the default log-in screen
if(!empty($referrer) && !strstr($referrer,'wp-login') && !strstr($referrer,'wp-admin')){
// let's append some information (login=failed) to the URL for the theme to use
wp_redirect($referrer . '?login=failed');
exit;
}
}
8 Responses to How to Redirect WordPress Failed Logins
I modified this slightly so that you don’t end up making the addition of ‘?login=failed’ useless if the users try to login repeatedly. As it is above, if a user fails to log in and then tries again with bad data, he is then returned to $referrer . ‘?login=failed’, which means the URL will look something like http://www.foo.com/?login=failed?login=failed, and since you’ve declared the variable twice in the URL, any if statements you used to get the variable from $_GET won’t work any more.
A simple modification fixes the issue:
add_action( ‘wp_login_failed’, ‘my_front_end_login_fail’ ); // hook failed login
function my_front_end_login_fail( $username ) {
$referrer = $_SERVER['HTTP_REFERER']; // where did the post submission come from?
// if there’s a valid referrer, and it’s not the default log-in screen
if ( !empty($referrer) && !strstr($referrer,’wp-login’) && !strstr($referrer,’wp-admin’) ) {
if ( !strstr($referrer,’?login=failed’) ) { // make sure we don’t append twice
wp_redirect( $referrer . ‘?login=failed’ ); // let’s append some information (login=failed) to the URL for the theme to use
} else {
wp_redirect( $referrer );
}
exit;
}
}
Thanks for writing this code though, it helped me a lot in a project I just finished! Cheers!
how about when the fields are null? BTW: thanks for this code
You are welcome. To check for null fields you will need to extend the function to add the validation rules for null fields.
Hi,
I’m a total novice.
Really useful code, thanks, but could anyone tell me how to make it work for empty fields?
Thanks
this code redirects if the inputs are empty:
add_action( ‘authenticate’, ‘my_custom_function’);
function my_custom_function(){
$referrer = $_SERVER['HTTP_REFERER'];
if ( strstr($referrer,’login1′) && $user==null ) { // login1 is the name of the loginpage.
wp_redirect( $referrer . ‘?login=leer’ );
}
}
Hello guys, thank you for the tip.
But i don’t know where to copy/paste your code ?
I put it in wp-includes/functions.php and it does not work and try to put it in my theme directory/functions.php but does not work too…
I am running wordpress 3.4.1
Thank you for your help
Any extra code that you add to WordPress goes into the “functions.php” located inside your current theme directory.
The functions file belongs in here: “wp-content/themes/your-current-theme/functions.php”.
In no way should you modify the core WordPress files.
Try deleting the code from where you have added it and add it the the functions.php instructed above.
Broady
It is better to use add_query_arg() to build URL with arguments.
More in Codex: http://codex.wordpress.org/Function_Reference/add_query_arg
That way you can remove condition:
if ( !strstr( $referrer, ‘?login=failed’ ) ) {…}
For ex:
wp_redirect( add_query_arg( array( ‘login’ => ‘failed’ ), $referrer ) ); // let’s append some information (login=failed) to the URL for the theme to use