Make WordPress Core

Opened 6 weeks ago

Last modified 6 weeks ago

#60748 new defect (bug)

auth_redirect() login check doesn't exist or doesn't work

Reported by: kratosgemini's profile kratosgemini Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: Login and Registration Keywords:
Focuses: Cc:

Description

The auth_redirect() documentation states:

"Checks if a user is logged in, if not it redirects them to the login page."
https://developer.wordpress.org/reference/functions/auth_redirect/

However, unless a call to auth_redirect() is wrapped inside a is_user_logged_in() check, then it always sends people to the login page (even if a user is already logged in).

I don't know if the documentation is incorrect or if there is a bug in the code.

To reproduce, all you need to do is something like this:

<?php
add_action( 'wp', function() {
        if ( is_page( 2 ) ) {
                auth_redirect();
        }
} );

Change History (1)

#1 @mujuonly
6 weeks ago

+1

<?php
add_action( 'wp', function() {
        if ( is_cart() ) {
                auth_redirect();
        }
} );

Just checked this as logged in and reloaded the cart page, it logs out and redirect to login page.

This is the function doc

<?php
        /**
         * Checks if a user is logged in, if not it redirects them to the login page.
         *
         * When this code is called from a page, it checks to see if the user viewing the page is logged in.
         * If the user is not logged in, they are redirected to the login page. The user is redirected
         * in such a way that, upon logging in, they will be sent directly to the page they were originally
         * trying to access.
         *
         * @since 1.5.0
         */
Note: See TracTickets for help on using tickets.