WordPress.org

Make WordPress Core

Opened 4 years ago

Last modified 19 months ago

#17630 new enhancement

Redirect wp-signup.php to wp_signup_location

Reported by: dwieeb Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 3.1.3
Component: Login and Registration Keywords: has-patch dev-feedback
Focuses: multisite Cc:

Description

I noticed that if wp-signup.php is accessed directly and wp_signup_location is not the default "site_url( 'wp-signup.php' )", it does not redirect to the signup location.

I've attached a potential patch. It works for me.

Attachments (5)

patch.diff (545 bytes) - added by dwieeb 4 years ago.
17630.diff (467 bytes) - added by jeremyfelt 2 years ago.
17630.1.diff (536 bytes) - added by jeremyfelt 2 years ago.
17630.2.diff (807 bytes) - added by jeremyfelt 23 months ago.
17630.3.diff (806 bytes) - added by jeremyfelt 23 months ago.

Download all attachments as: .zip

Change History (16)

@dwieeb4 years ago

comment:1 @wpmuguru3 years ago

  • Type changed from defect (bug) to enhancement

comment:2 @jeremyfelt2 years ago

  • Keywords dev-feedback added
  • Milestone changed from Awaiting Review to 3.7

Does it make sense to handle it this way? The patch should probably be refreshed if so, but it would be a quick add. I could also see using an earlier, already available action to redirect the request.

@jeremyfelt2 years ago

comment:3 @jeremyfelt2 years ago

  • Severity changed from minor to normal

17630.diff uses network_site_url() instead of site_url() to align with all other uses of the wp_signup_location filter.

comment:4 follow-up: @nacin2 years ago

I sense this could trigger an infinite redirect?

comment:5 in reply to: ↑ 4 @jeremyfelt2 years ago

Replying to nacin:

I sense this could trigger an infinite redirect?

Because of the strict comparison? I thought that at first, but then figured these should always be full URLs/strings.

Though I guess it could be filtered to wp-signup.php?custom=thing and throw everything off.

@jeremyfelt2 years ago

comment:6 @jeremyfelt2 years ago

17630.1.diff strips any query string from the filtered URL before comparing to the network signup URL and only redirects if the combination of domain/path is different.

@jeremyfelt23 months ago

comment:7 @jeremyfelt23 months ago

17630.2.diff adds docs to the new wp_signup_location filter added in the patch.

comment:8 @SergeyBiryukov23 months ago

die() in line 49 should probably be exit(), for consistency with [16847].

@jeremyfelt23 months ago

comment:9 follow-up: @jeremyfelt23 months ago

17630.3.diff uses exit; rather than die();, see [16847].

Interesting enough, there are a few other uses of wp_redirect() in wp-signup.php that still use die();.

comment:10 in reply to: ↑ 9 @nacin23 months ago

  • Milestone changed from 3.7 to Future Release

Replying to jeremyfelt:

Interesting enough, there are a few other uses of wp_redirect() in wp-signup.php that still use die();.

Doesn't matter. [16847] was to enforce we were killing the script after a redirect, not that we were using exit over die. Though exit does seem to be our preferred statement.

This just hasn't been tested. I fear infinite redirects and other side effects. Someone filtering wp_signup_location can *also* choose to redirect wp-signup.php if they wanted to.

comment:11 @jeremyfelt19 months ago

  • Component changed from Multisite to Login and Registration
  • Focuses multisite added
Note: See TracTickets for help on using tickets.