Force homepage login while hiding wp-login.php
-
After hours of attempts, and countless articles dating back over a decade I nearly have this working 100%. Essentially as the title mentions I have a homepage (much like facebook), with a buddypress registration form and menu login.
The login form is using the wp-login.php to $POST vars (until 4.5 is released it appears this how this is to be done since). I do not want access to the site unless logged in, and I preferably don’t want wp-login.php ever seen. Here are the following precautions I have in place so far:
# Force Redirect on WP default login page add_action('init', array( $this, 'prevent_wp_login') ); function prevent_wp_login() { global $pagenow; # Check if a $_GET['action'] is set, and if so, load it into $action variable echo $action = (isset($_GET['action'])) ? $_GET['action'] : ''; if( $pagenow == 'wp-login.php' && ( ! $action || ( $action && ! in_array($action, array('login', 'logout', 'lostpassword', 'rp'))))) { wp_redirect( get_home_url() ); exit(); } } add_action('template_redirect', array( $this, 'check_if_logged_in') ); function check_if_logged_in(){ if(!is_front_page() && !is_user_logged_in()) auth_redirect(); } # Redirect members to their profile page add_filter( 'bp_login_redirect', array( $this, 'redirect_to_profile'), 11, 3 ); public function redirect_to_profile( $redirect_to, $redirect_url_specified, $user ){ if( empty( $redirect_to ) ) $redirect_to = admin_url(); # if the user is not have contributor capabilities, redirect to his/her profile if( isset( $user->ID) && ! user_can( $user->ID, 'edit_posts' ) ) return bp_core_get_user_domain( $user->ID ); else return $redirect_to; }
With those snippets everything works as expected except when the user fails to login, then it goes to the wp-login.php and notifies them of a bad password. How can I notify them on my login form without being redirected to the wp-login.php screen?
- The topic ‘Force homepage login while hiding wp-login.php’ is closed to new replies.