Version Description
- Fixed the login link when
site_url()
home_url()
. - Added a mirror on GitHub.
Download this release
Release Info
Developer | avryl |
Plugin | Rename wp-login.php |
Version | 1.6 |
Comparing to | |
See all releases |
Code changes from version 1.5 to 1.6
- index.php +3 -1
- readme.md +102 -0
- readme.txt +27 -15
- rename-wp-login.php +10 -5
- wp-login.php +10 -10
index.php
CHANGED
@@ -1 +1,3 @@
|
|
1 |
-
<?php
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
// Silence is golden.
|
readme.md
ADDED
@@ -0,0 +1,102 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
# Rename wp-login.php
|
2 |
+
|
3 |
+
**Contributors:** avryl
|
4 |
+
**Tags:** rename, login, wp-login, wp-login.php, brute force, attacks
|
5 |
+
**Requires at least:** 3.6
|
6 |
+
**Tested up to:** 3.6.1
|
7 |
+
**Stable tag:** 1.6
|
8 |
+
**License:** GPLv2 or later
|
9 |
+
**License URI:** http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
+
|
11 |
+
Change wp-login.php to whatever you want. It can also prevent a lot of brute force attacks.
|
12 |
+
|
13 |
+
## Description
|
14 |
+
|
15 |
+
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/, and you can change this under Settings › Permalinks › Login.
|
16 |
+
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will return a 404 not found status.
|
17 |
+
|
18 |
+
### Compatibility
|
19 |
+
|
20 |
+
Works perfectly on WordPress 3.6 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
21 |
+
|
22 |
+
Compatible with plugins like:
|
23 |
+
|
24 |
+
* BuddyPress,
|
25 |
+
* Limit Login Attempts,
|
26 |
+
* User Switching,
|
27 |
+
* and any other plugin that hooks into the standard login form.
|
28 |
+
|
29 |
+
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
30 |
+
You also must have pretty, or almost pretty, permalinks enabled.
|
31 |
+
|
32 |
+
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
33 |
+
|
34 |
+
* For W3 Total Cache go to Performance › Page Cache › Advanced › Never cache the following pages, add your new login page on a new line and save all settings.
|
35 |
+
* For WP Super Cache go to Settings › WP Super Cache › Advanced › Accepted Filenames & Rejected URIs, add your new login page on a new line and save.
|
36 |
+
|
37 |
+
This plugin is **not** yet tested on installs that force **SSL** or use the **multisite** feature. I would appreciate any help with testing this.
|
38 |
+
|
39 |
+
### Benefits
|
40 |
+
|
41 |
+
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in, will return a 404 not found status.
|
42 |
+
|
43 |
+
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
44 |
+
|
45 |
+
If you want to keep your login url secret, you should make sure there aren’t any links pointing to it on your website.
|
46 |
+
|
47 |
+
### GitHub
|
48 |
+
|
49 |
+
This plugin has a [mirror](https://github.com/avryl/rename-wp-login) on GitHub.
|
50 |
+
|
51 |
+
## Installation
|
52 |
+
|
53 |
+
1. Go to Plugins › Add New.
|
54 |
+
2. Search for *Rename wp-login.php*.
|
55 |
+
3. Look for this plugin, download and activate it.
|
56 |
+
4. The page will redirect you to the settings. Rename wp-login.php in the section Login.
|
57 |
+
5. You can change this option any time you want, just go back to Settings › Permalinks › Login.
|
58 |
+
|
59 |
+
## Frequently Asked Questions
|
60 |
+
|
61 |
+
### I forgot my login url!
|
62 |
+
|
63 |
+
Either go to your MySQL database and look for the value of `rwl_page` in the options table, or remove the `rename-wp-login` folder from your `plugins` folder, log in through wp-login.php and reinstall the plugin.
|
64 |
+
|
65 |
+
## Changelog
|
66 |
+
|
67 |
+
### 1.6
|
68 |
+
|
69 |
+
* Fixed the login link when `site_url()` ≠ `home_url()`.
|
70 |
+
* Added a [mirror](https://github.com/avryl/rename-wp-login) on GitHub.
|
71 |
+
|
72 |
+
### 1.5
|
73 |
+
|
74 |
+
* Made [User Switching](http://wordpress.org/plugins/user-switching/) compatible.
|
75 |
+
|
76 |
+
### 1.4
|
77 |
+
|
78 |
+
* Faster page load.
|
79 |
+
* Fixed 404 error for permalink structures with a prefixed path. “Almost pretty” permalinks work now too.
|
80 |
+
* Code clean-up.
|
81 |
+
|
82 |
+
### 1.3
|
83 |
+
|
84 |
+
* Prevents the plugin from working when there is no permalink structure.
|
85 |
+
|
86 |
+
### 1.2
|
87 |
+
|
88 |
+
* Fixed status code custom login page.
|
89 |
+
|
90 |
+
### 1.1
|
91 |
+
|
92 |
+
* Blocked access to wp-admin to prevent a redirect the the new login page.
|
93 |
+
|
94 |
+
### 1.0
|
95 |
+
|
96 |
+
* Initial version.
|
97 |
+
|
98 |
+
## Upgrade Notice
|
99 |
+
|
100 |
+
### 1.6
|
101 |
+
|
102 |
+
Always immediately update this plugin please!
|
readme.txt
CHANGED
@@ -3,8 +3,8 @@
|
|
3 |
Contributors: avryl
|
4 |
Tags: rename, login, wp-login, wp-login.php, brute force, attacks
|
5 |
Requires at least: 3.6
|
6 |
-
Tested up to: 3.6
|
7 |
-
Stable tag: 1.
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
@@ -12,19 +12,22 @@ Change wp-login.php to whatever you want. It can also prevent a lot of brute for
|
|
12 |
|
13 |
== Description ==
|
14 |
|
15 |
-
|
16 |
-
|
17 |
-
This plugin renames wp-login.php to whatever you want. The default is example.com/**login**/ if no such page already exists. Otherwise it will append a number, e.g. login-1.
|
18 |
-
You can change this under Settings › Permalinks › Login.
|
19 |
-
Please remember what you changed your login page to, accessing wp-login.php or wp-admin will not work and will return a 404 not found status.
|
20 |
|
21 |
= Compatibility =
|
22 |
|
23 |
-
Works
|
24 |
-
|
25 |
-
|
|
|
|
|
|
|
|
|
|
|
26 |
|
27 |
-
|
|
|
28 |
|
29 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
30 |
|
@@ -35,12 +38,16 @@ This plugin is **not** yet tested on installs that force **SSL** or use the **mu
|
|
35 |
|
36 |
= Benefits =
|
37 |
|
38 |
-
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php
|
39 |
-
|
40 |
-
I made this plugin primarily because a client’s host blocked wp-login.php with an annoying Captcha. On some bigger websites Limit Login Atttempts also showed us that a lot of bots were trying to gain access through wp-login.php.
|
41 |
|
42 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
43 |
|
|
|
|
|
|
|
|
|
|
|
|
|
44 |
== Installation ==
|
45 |
|
46 |
1. Go to Plugins › Add New.
|
@@ -57,6 +64,11 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
57 |
|
58 |
== Changelog ==
|
59 |
|
|
|
|
|
|
|
|
|
|
|
60 |
= 1.5 =
|
61 |
|
62 |
* Made [User Switching](http://wordpress.org/plugins/user-switching/) compatible.
|
@@ -85,6 +97,6 @@ Either go to your MySQL database and look for the value of `rwl_page` in the opt
|
|
85 |
|
86 |
== Upgrade Notice ==
|
87 |
|
88 |
-
= 1.
|
89 |
|
90 |
Always immediately update this plugin please!
|
3 |
Contributors: avryl
|
4 |
Tags: rename, login, wp-login, wp-login.php, brute force, attacks
|
5 |
Requires at least: 3.6
|
6 |
+
Tested up to: 3.6.1
|
7 |
+
Stable tag: 1.6
|
8 |
License: GPLv2 or later
|
9 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
10 |
|
12 |
|
13 |
== Description ==
|
14 |
|
15 |
+
With this plugin you can change wp-login.php to anything you want. The default is example.com/login/, and you can change this under Settings › Permalinks › Login.
|
16 |
+
Please bookmark or remember your login url, accessing wp-login.php or wp-admin will return a 404 not found status.
|
|
|
|
|
|
|
17 |
|
18 |
= Compatibility =
|
19 |
|
20 |
+
Works perfectly on WordPress 3.6 or higher. The registration form, lost password form, login widget and expired sessions will keep working.
|
21 |
+
|
22 |
+
Compatible with plugins like:
|
23 |
+
|
24 |
+
* BuddyPress,
|
25 |
+
* Limit Login Attempts,
|
26 |
+
* User Switching,
|
27 |
+
* and any other plugin that hooks into the standard login form.
|
28 |
|
29 |
+
It does’t work with plugins that hardcoded wp-login.php, obviously.
|
30 |
+
You also must have pretty, or almost pretty, permalinks enabled.
|
31 |
|
32 |
If you’re using a **page caching plugin** like **W3 Total Cache** or **WP Super Cache**, add the word you renamed wp-login.php to (e.g. login) to the list of pages not to cache.
|
33 |
|
38 |
|
39 |
= Benefits =
|
40 |
|
41 |
+
Not only does it allow you to further customise your login page, it also prevents brute force attacks that are targeted specifically to wp-login.php. wp-login.php, and wp-admin if not logged in, will return a 404 not found status.
|
|
|
|
|
42 |
|
43 |
While you could use this plugin to prevent a lot of brute force attacks, it does not mean you don’t need a strong password. Read [this codex article](http://codex.wordpress.org/Brute_Force_Attacks) for more information on how to protect your website.
|
44 |
|
45 |
+
If you want to keep your login url secret, you should make sure there aren’t any links pointing to it on your website.
|
46 |
+
|
47 |
+
= GitHub =
|
48 |
+
|
49 |
+
This plugin has a [mirror](https://github.com/avryl/rename-wp-login) on GitHub.
|
50 |
+
|
51 |
== Installation ==
|
52 |
|
53 |
1. Go to Plugins › Add New.
|
64 |
|
65 |
== Changelog ==
|
66 |
|
67 |
+
= 1.6 =
|
68 |
+
|
69 |
+
* Fixed the login link when `site_url()` ≠ `home_url()`.
|
70 |
+
* Added a [mirror](https://github.com/avryl/rename-wp-login) on GitHub.
|
71 |
+
|
72 |
= 1.5 =
|
73 |
|
74 |
* Made [User Switching](http://wordpress.org/plugins/user-switching/) compatible.
|
97 |
|
98 |
== Upgrade Notice ==
|
99 |
|
100 |
+
= 1.6 =
|
101 |
|
102 |
Always immediately update this plugin please!
|
rename-wp-login.php
CHANGED
@@ -6,7 +6,7 @@ Plugin URI: http://wordpress.org/plugins/rename-wp-login/
|
|
6 |
Description: Change wp-login.php to whatever you want. It can also prevent a lot of brute force attacks.
|
7 |
Author: avryl
|
8 |
Author URI: http://profiles.wordpress.org/avryl/
|
9 |
-
Version: 1.
|
10 |
Text Domain: rename-wp-login
|
11 |
License: GPLv2 or later
|
12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
@@ -51,6 +51,7 @@ function rwl_admin_init() {
|
|
51 |
}
|
52 |
|
53 |
update_option( 'rwl_admin', isset( $_POST['rwl_admin'] ) ? $_POST['rwl_admin'] : '0' );
|
|
|
54 |
}
|
55 |
|
56 |
if ( get_option( 'rwl_redirect' ) == '1' ) {
|
@@ -65,7 +66,7 @@ function rwl_admin_init() {
|
|
65 |
|
66 |
function rwl_page() {
|
67 |
|
68 |
-
echo '<code>' .
|
69 |
|
70 |
}
|
71 |
|
@@ -83,9 +84,10 @@ function rwl_admin_notices() {
|
|
83 |
|
84 |
} elseif ( $_GET['settings-updated'] == true ) {
|
85 |
|
86 |
-
echo '<div class="updated"><p>Your login page is now here: <a href="' .
|
87 |
|
88 |
}
|
|
|
89 |
}
|
90 |
|
91 |
function rwl_plugin_action_links( $links ) {
|
@@ -149,6 +151,7 @@ function rwl_init() {
|
|
149 |
exit;
|
150 |
|
151 |
}
|
|
|
152 |
}
|
153 |
|
154 |
}
|
@@ -191,6 +194,7 @@ function rwl_filter_logout_url( $login_url, $redirect = '' ) {
|
|
191 |
$logout_url = wp_nonce_url( $logout_url, 'log-out' );
|
192 |
|
193 |
return $logout_url;
|
|
|
194 |
}
|
195 |
|
196 |
function rwl_filter_register_url( $register_url ) {
|
@@ -209,11 +213,12 @@ function rwl_filter_lostpassword_url( $lostpassword_url, $redirect = '' ) {
|
|
209 |
$lostpassword_url = add_query_arg( $args, rwl_login_url() );
|
210 |
|
211 |
return $lostpassword_url;
|
|
|
212 |
}
|
213 |
|
214 |
function rwl_login_url() {
|
215 |
|
216 |
-
return
|
217 |
|
218 |
}
|
219 |
|
@@ -221,7 +226,7 @@ function rwl_404() {
|
|
221 |
|
222 |
global $wp_query;
|
223 |
|
224 |
-
status_header(404);
|
225 |
|
226 |
$wp_query->set_404();
|
227 |
|
6 |
Description: Change wp-login.php to whatever you want. It can also prevent a lot of brute force attacks.
|
7 |
Author: avryl
|
8 |
Author URI: http://profiles.wordpress.org/avryl/
|
9 |
+
Version: 1.6
|
10 |
Text Domain: rename-wp-login
|
11 |
License: GPLv2 or later
|
12 |
License URI: http://www.gnu.org/licenses/gpl-2.0.html
|
51 |
}
|
52 |
|
53 |
update_option( 'rwl_admin', isset( $_POST['rwl_admin'] ) ? $_POST['rwl_admin'] : '0' );
|
54 |
+
|
55 |
}
|
56 |
|
57 |
if ( get_option( 'rwl_redirect' ) == '1' ) {
|
66 |
|
67 |
function rwl_page() {
|
68 |
|
69 |
+
echo '<code>' . home_url() . '/</code> <input id="rwl-page-input" type="text" name="rwl_page" value="' . get_option( 'rwl_page' ) . '" /> <code>/</code>';
|
70 |
|
71 |
}
|
72 |
|
84 |
|
85 |
} elseif ( $_GET['settings-updated'] == true ) {
|
86 |
|
87 |
+
echo '<div class="updated"><p>Your login page is now here: <a href="' . home_url() . '/' . get_option( 'rwl_page' ) . '/">' . home_url() . '/<strong>' . get_option( 'rwl_page' ) . '</strong>/</a>. Bookmark this page!</p></div>';
|
88 |
|
89 |
}
|
90 |
+
|
91 |
}
|
92 |
|
93 |
function rwl_plugin_action_links( $links ) {
|
151 |
exit;
|
152 |
|
153 |
}
|
154 |
+
|
155 |
}
|
156 |
|
157 |
}
|
194 |
$logout_url = wp_nonce_url( $logout_url, 'log-out' );
|
195 |
|
196 |
return $logout_url;
|
197 |
+
|
198 |
}
|
199 |
|
200 |
function rwl_filter_register_url( $register_url ) {
|
213 |
$lostpassword_url = add_query_arg( $args, rwl_login_url() );
|
214 |
|
215 |
return $lostpassword_url;
|
216 |
+
|
217 |
}
|
218 |
|
219 |
function rwl_login_url() {
|
220 |
|
221 |
+
return home_url() . '/' . get_option( 'rwl_page' ) . '/';
|
222 |
|
223 |
}
|
224 |
|
226 |
|
227 |
global $wp_query;
|
228 |
|
229 |
+
status_header( 404 );
|
230 |
|
231 |
$wp_query->set_404();
|
232 |
|
wp-login.php
CHANGED
@@ -248,7 +248,7 @@ function retrieve_password() {
|
|
248 |
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
249 |
$message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
|
250 |
$message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
|
251 |
-
$message .= '<' .
|
252 |
|
253 |
if ( is_multisite() )
|
254 |
$blogname = $GLOBALS['current_site']->site_name;
|
@@ -421,7 +421,7 @@ case 'logout' :
|
|
421 |
check_admin_referer('log-out');
|
422 |
wp_logout();
|
423 |
|
424 |
-
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] :
|
425 |
wp_safe_redirect( $redirect_to );
|
426 |
exit();
|
427 |
|
@@ -433,7 +433,7 @@ case 'retrievepassword' :
|
|
433 |
if ( $http_post ) {
|
434 |
$errors = retrieve_password();
|
435 |
if ( !is_wp_error($errors) ) {
|
436 |
-
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] :
|
437 |
wp_safe_redirect( $redirect_to );
|
438 |
exit();
|
439 |
}
|
@@ -449,7 +449,7 @@ case 'retrievepassword' :
|
|
449 |
|
450 |
?>
|
451 |
|
452 |
-
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo
|
453 |
<p>
|
454 |
<label for="user_login" ><?php _e('Username or E-mail:') ?><br />
|
455 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
@@ -475,7 +475,7 @@ case 'rp' :
|
|
475 |
$user = check_password_reset_key($_GET['key'], $_GET['login']);
|
476 |
|
477 |
if ( is_wp_error($user) ) {
|
478 |
-
wp_redirect(
|
479 |
exit;
|
480 |
}
|
481 |
|
@@ -499,7 +499,7 @@ case 'rp' :
|
|
499 |
login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );
|
500 |
|
501 |
?>
|
502 |
-
<form name="resetpassform" id="resetpassform" action="<?php echo
|
503 |
<input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />
|
504 |
|
505 |
<p>
|
@@ -537,7 +537,7 @@ case 'register' :
|
|
537 |
}
|
538 |
|
539 |
if ( !get_option('users_can_register') ) {
|
540 |
-
wp_redirect(
|
541 |
exit();
|
542 |
}
|
543 |
|
@@ -548,7 +548,7 @@ case 'register' :
|
|
548 |
$user_email = $_POST['user_email'];
|
549 |
$errors = register_new_user($user_login, $user_email);
|
550 |
if ( !is_wp_error($errors) ) {
|
551 |
-
$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] :
|
552 |
wp_safe_redirect( $redirect_to );
|
553 |
exit();
|
554 |
}
|
@@ -558,7 +558,7 @@ case 'register' :
|
|
558 |
login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors);
|
559 |
?>
|
560 |
|
561 |
-
<form name="registerform" id="registerform" action="<?php echo
|
562 |
<p>
|
563 |
<label for="user_login"><?php _e('Username') ?><br />
|
564 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(wp_unslash($user_login)); ?>" size="20" /></label>
|
@@ -692,7 +692,7 @@ default:
|
|
692 |
$rememberme = ! empty( $_POST['rememberme'] );
|
693 |
?>
|
694 |
|
695 |
-
<form name="loginform" id="loginform" action="<?php echo
|
696 |
<p>
|
697 |
<label for="user_login"><?php _e('Username') ?><br />
|
698 |
<input type="text" name="log" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
248 |
$message .= sprintf(__('Username: %s'), $user_login) . "\r\n\r\n";
|
249 |
$message .= __('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n\r\n";
|
250 |
$message .= __('To reset your password, visit the following address:') . "\r\n\r\n";
|
251 |
+
$message .= '<' . home_url() . '/' . get_option('rwl_page') . '/' . "?action=rp&key=$key&login=" . rawurlencode($user_login) . ">\r\n";
|
252 |
|
253 |
if ( is_multisite() )
|
254 |
$blogname = $GLOBALS['current_site']->site_name;
|
421 |
check_admin_referer('log-out');
|
422 |
wp_logout();
|
423 |
|
424 |
+
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : home_url() . '/' . get_option('rwl_page') . '/' . '?loggedout=true';
|
425 |
wp_safe_redirect( $redirect_to );
|
426 |
exit();
|
427 |
|
433 |
if ( $http_post ) {
|
434 |
$errors = retrieve_password();
|
435 |
if ( !is_wp_error($errors) ) {
|
436 |
+
$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : home_url() . '/' . get_option('rwl_page') . '/' . '?checkemail=confirm';
|
437 |
wp_safe_redirect( $redirect_to );
|
438 |
exit();
|
439 |
}
|
449 |
|
450 |
?>
|
451 |
|
452 |
+
<form name="lostpasswordform" id="lostpasswordform" action="<?php echo home_url() . '/' . get_option('rwl_page') . '/' . '?action=lostpassword'; ?>" method="post">
|
453 |
<p>
|
454 |
<label for="user_login" ><?php _e('Username or E-mail:') ?><br />
|
455 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|
475 |
$user = check_password_reset_key($_GET['key'], $_GET['login']);
|
476 |
|
477 |
if ( is_wp_error($user) ) {
|
478 |
+
wp_redirect( home_url() . '/' . get_option('rwl_page') . '/' . '?action=lostpassword&error=invalidkey' );
|
479 |
exit;
|
480 |
}
|
481 |
|
499 |
login_header(__('Reset Password'), '<p class="message reset-pass">' . __('Enter your new password below.') . '</p>', $errors );
|
500 |
|
501 |
?>
|
502 |
+
<form name="resetpassform" id="resetpassform" action="<?php echo home_url() . '/' . get_option('rwl_page') . '/' . '?action=resetpass&key=' . urlencode( $_GET['key'] ) . '&login=' . urlencode( $_GET['login'] ); ?>" method="post" autocomplete="off">
|
503 |
<input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />
|
504 |
|
505 |
<p>
|
537 |
}
|
538 |
|
539 |
if ( !get_option('users_can_register') ) {
|
540 |
+
wp_redirect( home_url() . '/' . get_option('rwl_page') . '/' . '?registration=disabled' );
|
541 |
exit();
|
542 |
}
|
543 |
|
548 |
$user_email = $_POST['user_email'];
|
549 |
$errors = register_new_user($user_login, $user_email);
|
550 |
if ( !is_wp_error($errors) ) {
|
551 |
+
$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : home_url() . '/' . get_option('rwl_page') . '/' . '?checkemail=registered';
|
552 |
wp_safe_redirect( $redirect_to );
|
553 |
exit();
|
554 |
}
|
558 |
login_header(__('Registration Form'), '<p class="message register">' . __('Register For This Site') . '</p>', $errors);
|
559 |
?>
|
560 |
|
561 |
+
<form name="registerform" id="registerform" action="<?php echo home_url() . '/' . get_option('rwl_page') . '/' . '?action=register'; ?>" method="post">
|
562 |
<p>
|
563 |
<label for="user_login"><?php _e('Username') ?><br />
|
564 |
<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(wp_unslash($user_login)); ?>" size="20" /></label>
|
692 |
$rememberme = ! empty( $_POST['rememberme'] );
|
693 |
?>
|
694 |
|
695 |
+
<form name="loginform" id="loginform" action="<?php echo home_url() . '/' . get_option('rwl_page') . '/'; ?>" method="post">
|
696 |
<p>
|
697 |
<label for="user_login"><?php _e('Username') ?><br />
|
698 |
<input type="text" name="log" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" /></label>
|