Support » Plugins » Can you stop wp_login_form redirecting to wp-login on fail?

Viewing 12 replies - 1 through 12 (of 12 total)
  • Joshuwar


    Line 273 on includes.php (using WP 3.0.1) seems to control the redirect on login failure.

    <form name="' . $args['form_id'] . '" id="' . $args['form_id'] . '" action="' . site_url( 'wp-login.php', 'login' ) . '" method="post">

    Changing wp-login.php in the code above seems to have the behaviour I’m looking for.

    BUT! It’s never a good idea to hack the core, and I don’t know whether something else may break if I do this.

    What I’d really like to do is write a new function in my functions.php, to be inserted into wp_login_form(); on includes.php.

    Is that kind of thing possible? What’s the best course of action here? Can something on functions.php be made to override or add to existing core functions?

    You are right, never a good idea to mess around with the core.

    I see what you’re looking to do as I am trying to do the same. The process I am going to go with is to handle the login myself manually. There is a function called wp_signon, you pass it an array of arguments (username and password) and it returns a user object. My plan of action is to create the HTML form, submit it to my own process (could be handled by a plugin or a function in the theme) and use wp_signon to validate the login. I’ll then use is_wp_error (passing the user object) to determine if it passed or failed authentication. From there you can do whatever you want as far as handling failed logins (or good logins for that matter).

    In short – lookup wp_signon and is_wp_error in the codex.


    “And disrupts consistent brand experience”

    Looking at an alternative solution to this problem, you could always brand up the login page.

    Seems like there is no answer to this issue. It is however of great interest to be able to include all login behaviors (lost, fail, register) on a specific page !

    Any idea?

    A trick is to apply a template to your login.php page.

    Thanks for the replies, people.

    The thing I actually *did* was what thecodezombie suggested: rebranding the generic login page. It’s nice to use the WP lost password features, and it’s a pretty form, so hey.

    Since then I’ve also learnt that when I said:

    Can something on functions.php be made to override or add to existing core functions?

    I was probably looking for the WP action hooks and filters. I didn’t use them, however, because it was simpler not too. I’d be curious to know how they might be used to these ends, though…

    Also interested in using filters and hook Joshuwar as it is definitely not desirable to change the WP files…

    Anyway, I did change my login.php to meet my design.

    This also might be interesting for our purpose… 😉

    This is great conversation for the user management experience which I wish wordpress would really put some hard time in developing. Not to take away from the AMAZING job they have done with the application.

    The next questions I have is how you go about redirecting users to a specific area based on their role from the wp-login.php page?? Not the backend of wordpress. I wish I could write a function to do this but I’m not that advanced yet 🙁

    I figured out the answer to my question above. What needs to be done is that you use the

    <?php echo wp_login_url(); ?>

    function and pass in a redirect url.

    Carmellmom- The redirect url is for successful log on, I believe. Did you get it to work for an unsuccessful one?

    The answer for redirect a user that fails log in is here:

    Add this to your functions.php:

    add_action( 'wp_login_failed', 'my_front_end_login_fail' );  // hook failed login
    function my_front_end_login_fail( $username ) {
       $referrer = $_SERVER['HTTP_REFERER'];  // where did the post submission come from?
       // if there's a valid referrer, and it's not the default log-in screen
       if ( !empty($referrer) && !strstr($referrer,'wp-login') && !strstr($referrer,'wp-admin') ) {
          wp_redirect( $referrer . '?login=failed' );  // let's append some information (login=failed) to the URL for the theme to use

    and it works like a charm. This code redirects to the same page as the user tries to log in from. Change $referrer for another page.

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Can you stop wp_login_form redirecting to wp-login on fail?’ is closed to new replies.