Login redirection and errors

Thanks for checking in Jeff! Yeah interesting is one word for it all right.

By way of further info, I’m hooking into both authenticate and login_errors in the theme’s functions.php… don’t think I’m doing anything there that would break things, but the code’s pasted below just in case. The authenticate function does set a cookie but it shouldn’t stomp on any of WP’s stuff…

The only other thing that looks odd to me at first glance is when you’re redirected to the standard login page with no error messages, the form code changes a bit – action="/login?instance=1" – and the hidden form field name="instance" has no value set.

The login_errors hook:

function frame_login_errors( $error ) {
	return '<div class="block width-100"><div class="box bg-yellow">' . str_replace( '<strong>ERROR</strong>: ', '<b>Ach du meine Güte!</b><br>', $error ) . '</div></div>';
}

and authenticate:

// flash a message if renewal date is close or has just passed
	// block login if after grace period
	function check_renewal( $user, $username, $password ) {
		// do we already have an error?
		if ( is_wp_error( $user ) ) {
			return $user;
		}

		// admins always pass
		if ( user_can( $user, 'activate_plugins' ) ) {
			// expire cookie if it exists
			setcookie( 'renewal_message' , '', time()-1 );
			return $user;
		}

		$registered = strtotime( $user->user_registered );
		$expires = strtotime( $user->user_registered . ' + ' . User_Extensions::$membership_period );
		$warning = $expires - ( 60 * 60 * 24 * 30 );
		$grace = strtotime( $user->user_registered . ' + ' . User_Extensions::$grace_period );
		$now = time();

		if ( $now > $warning and $now <= $expires ) {
			setcookie( 'renewal_message', 'expiring' );
			return $user;
		} elseif ( $now > $expires and $now <= $grace ) {
			setcookie( 'renewal_message', 'expired' );
			return $user;
		} elseif ( $now > $grace ) {
			return new WP_Error( 'membership_expired', 'Sorry, your membership to GABC appears to have expired. <a href="/membership/renew/">Please click here to renew</a>.' );
		}

		return $user;
	}

Would have been funny if it were that easy. I’ve isolated it, I think, to class-theme-my-login-template.php, the get_errors() function. In this situation, after the redirect, $is_active is set to false. I even tried setting it to true in the __construct function but it’s being overwritten somewhere between being instanced and running the get_errors method.

The error object is there, though, as evidenced by the terrible workaround I put in place – I’ve replaced the is_active check around line 209 with if ( 1 == 1 or $this->is_active() ) { but that’s obviously not a permanent solution.

The other thing I found is that although the error object is there, the instance is set to 0 rather than 1.

I’ve echoed a print_r of the $theme_my_login object into an html comment. Anything here ringing any bells?

Thanks!

Thanks for pulling me back to this. That did it, sort of:

Setting instance=”0″ in the TML call, either via shortcode or the function directly, didn’t work (more on this below). So I did a little preg_replace on the returned HTML to ensure the instance *is* 0, and voila, problem solved! So thanks.

$form = do_shortcode( '[theme-my-login instance="0"]' );
// ensure instance=0
$form = preg_replace( '@name="instance" value="\d+"@', 'name="instance" value="0"', $form );

So the obvious question is, why can one not force an instance number? I looked at the shortcode function in class-theme-my-login.php, and in there (line 797), I found:
wp_parse_args( $atts );

wp_parse_args requires 2 arguments – the provided array of args and an an array of default args. Just for fun I changed it to:
$atts = wp_parse_args( $atts, array('instance' => 500) );

… and sure enough, on a generic TML call in a template with no arguments, the instance is now set to 500.

Maybe WP changed the API for this function? Anyway unless you’ve redefined wp_parse_args somewhere in the code, that could be the problem…