WordPress.org

Make WordPress Core

Opened 3 years ago

Last modified 3 months ago

#17630 new enhancement

Redirect wp-signup.php to wp_signup_location

Reported by: dwieeb Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 3.1.3
Component: Login and Registration Keywords: has-patch dev-feedback
Focuses: multisite Cc:

Description

I noticed that if wp-signup.php is accessed directly and wp_signup_location is not the default "site_url( 'wp-signup.php' )", it does not redirect to the signup location.

I've attached a potential patch. It works for me.

Attachments (5)

patch.diff (545 bytes) - added by dwieeb 3 years ago.
17630.diff (467 bytes) - added by jeremyfelt 8 months ago.
17630.1.diff (536 bytes) - added by jeremyfelt 8 months ago.
17630.2.diff (807 bytes) - added by jeremyfelt 7 months ago.
17630.3.diff (806 bytes) - added by jeremyfelt 7 months ago.

Download all attachments as: .zip

Change History (16)

dwieeb3 years ago

comment:1 wpmuguru17 months ago

  • Type changed from defect (bug) to enhancement

comment:2 jeremyfelt8 months ago

  • Keywords dev-feedback added
  • Milestone changed from Awaiting Review to 3.7

Does it make sense to handle it this way? The patch should probably be refreshed if so, but it would be a quick add. I could also see using an earlier, already available action to redirect the request.

jeremyfelt8 months ago

comment:3 jeremyfelt8 months ago

  • Severity changed from minor to normal

17630.diff uses network_site_url() instead of site_url() to align with all other uses of the wp_signup_location filter.

comment:4 follow-up: nacin8 months ago

I sense this could trigger an infinite redirect?

comment:5 in reply to: ↑ 4 jeremyfelt8 months ago

Replying to nacin:

I sense this could trigger an infinite redirect?

Because of the strict comparison? I thought that at first, but then figured these should always be full URLs/strings.

Though I guess it could be filtered to wp-signup.php?custom=thing and throw everything off.

jeremyfelt8 months ago

comment:6 jeremyfelt8 months ago

17630.1.diff strips any query string from the filtered URL before comparing to the network signup URL and only redirects if the combination of domain/path is different.

jeremyfelt7 months ago

comment:7 jeremyfelt7 months ago

17630.2.diff adds docs to the new wp_signup_location filter added in the patch.

comment:8 SergeyBiryukov7 months ago

die() in line 49 should probably be exit(), for consistency with [16847].

jeremyfelt7 months ago

comment:9 follow-up: jeremyfelt7 months ago

17630.3.diff uses exit; rather than die();, see [16847].

Interesting enough, there are a few other uses of wp_redirect() in wp-signup.php that still use die();.

comment:10 in reply to: ↑ 9 nacin7 months ago

  • Milestone changed from 3.7 to Future Release

Replying to jeremyfelt:

Interesting enough, there are a few other uses of wp_redirect() in wp-signup.php that still use die();.

Doesn't matter. [16847] was to enforce we were killing the script after a redirect, not that we were using exit over die. Though exit does seem to be our preferred statement.

This just hasn't been tested. I fear infinite redirects and other side effects. Someone filtering wp_signup_location can *also* choose to redirect wp-signup.php if they wanted to.

comment:11 jeremyfelt3 months ago

  • Component changed from Multisite to Login and Registration
  • Focuses multisite added
Note: See TracTickets for help on using tickets.