Opened 11 years ago
Closed 11 years ago
#25901 closed defect (bug) (invalid)
/wp-admin/customize.php can't be navigated to with wp_redirect()
Reported by: | brianfeister | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.6.1 |
Component: | Login and Registration | Keywords: | reporter-feedback |
Focuses: | multisite | Cc: |
Description
With WordPress Multisite, programmatically creating a new user, with $activate_signup()
, then logging that user in via wp_signon()
works, but when trying to automatically move the user the theme customizer page (the focus of my Multisite network), I get a "Session expired. Please log in again. You will note move away from this page." Clicking "close" on the customizer frame takes the user back to the dashboard without asking for authentication. Is this happening because the Theme Customizer is in some way different than other wp-admin areas and cannot be the "first-navigated" admin page when a user initially authenticates?
This may be a bug or a feature request, I would need some clarification.
activate_signup = wpmu_activate_signup(); $creds = array(); $creds['user_login'] = $passed['username']; $creds['user_password'] = $activate_signup['password']; $creds['remember'] = true; $user = wp_signon( $creds, false ); wp_redirect( 'http://' . $subdomain . '/wp-admin/customize.php' ); // $subdomain is captured via a signup form and is outside this snippet exit();
Change History (3)
Note: See
TracTickets for help on using
tickets.
Thanks for the report, @brianfeister. I attempted to reproduce the issue in current trunk with both subdomain and subfolder setups, but am unable to do so.
Steps:
test1
athttp://src.wordpress-develop.dev/wp-signup.php
http://test1.src.wordpress-develop.dev/?fake_activate
http://test1.src.wordpress-develop.dev/wp-admin/customize.php
without complaint and logged in as the test1 user.The only thing that I can think of immediately from your example is that
wpmu_activate_signup()
does not have an activation key specified. Also, if you are handling the creation of the site through a custom form (resulting in the generation of$subdomain
, it is possible that a step is being missed that would normally be handled by core.