WordPress.org

Make WordPress Core

Opened 14 months ago

Last modified 3 months ago

#23412 closed defect (bug)

Password protected pages - redirect after login — at Initial Version

Reported by: dood_cro Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.5.1
Component: Template Keywords: needs-patch
Focuses: Cc:

Description

Hi,

I am using WP 3.5.1 and I have found out that after a successful login to a password protected page, WP won't redirect back.

This is because referrer is empty.

So I have modified page login script to have hidden "_wp_http_referer" field in form.

After that, login redirects back to page normally.

Here is my script:

function my_password_form() {

global $post;
$label = 'pwbox-'.( empty( $post->ID ) ? rand() : $post->ID );
$o = '<form class="protected-post-form" action="' . get_option( 'siteurl' ) . '/wp-login.php?action=postpass" method="post">
<p>' . ( "To view this protected post, enter the password below:" ) . '</p>
<label for="' . $label . '">' .
( "Password:" ) . ' </label><input name="post_password" id="' . $label . '" type="password" size="20" /><input type="submit" name="Submit" value="' . esc_attr( "Submit" ) . '" />
<input type="hidden" name="_wp_http_referer" value="'.get_permalink().'" />
</form>
';
return $o;

}
add_filter( 'the_password_form', 'my_password_form' );

This functions returns empty URL to wp-login.php script:

function wp_get_referer() {

$ref = false;
if ( ! empty( $_REQUEST_wp_http_referer? ) )

$ref = $_REQUEST_wp_http_referer?;

else if ( ! empty( $_SERVERHTTP_REFERER? ) )

$ref = $_SERVERHTTP_REFERER?;

if ( $ref && $ref !== $_SERVERREQUEST_URI? )

return $ref;

return false;

}

I hope this helps.

I have tried this with all plugins disabled, and also on 20-12 theme, same error occurs.

Bye,
Dubravko

Change History (0)

Note: See TracTickets for help on using tickets.