Redirect from custom login to current page

Hello Matthias,

Can you please be more clear? I could not quite understand the scenario.

If the user is on page X and logs in, he should return to page X.

Yes. If you use the shortcode [user_registration_login], the user will not be redirected anywhere. If you would like to redirect, you can use the redirect_url parameter along with the shortcode [user_registration_login redirect_url=”sample-page”].

Also, to let you know about that hidden field. That is generated automatically by the wp_nonce_field() and the value is always esc_attr( wp_unslash( $_SERVER['REQUEST_URI'] ) ), for details see wp_referer_field().

The another hidden field you can see https://github.com/wpeverest/user-registration/blob/master/templates/myaccount/form-login.php#L73 will handle the redirect depending upon the redirect_url passed via the shortcode.

Let me know if you have any further confusion.

[ Signature deleted ]

• This reply was modified 6 years, 3 months ago by Jan Dembowski.

Hey sanzeeb3,

thank you for your reply. Indeed my statement isn’t accurate. I’ll try again.
My intention is: after successfully logging in, the user should be redirected to the last page where the user came from.
The User visit the Post Hello World. On that page the user clicking the link login. After successfuly logging in the user returned to Hello World.

Extended Version:

1. The user is on Post Hello World
   https://test.local/hello-world/

2. The user click the login link
   Reference: https://codex.www.ads-software.com/Function_Reference/wp_login_url
   For login and redirect to current page i use the permalink of current post hello-world
   <a href="<?php echo wp_login_url( get_permalink() ); ?>" title="Login">Login</a>

3. This function redirects the user to the login page. and not to wp-login.php

   if ( !function_exists('my_login_page') ) :
   	add_filter( 'login_url', 'my_login_page', 10, 3 );
   	function fa_login_page( $login_url, $redirect, $force_reauth ) {
   		$login_page = home_url( '/login/' );
   		if ( ! empty( $redirect ) ) {
   			$login_url = add_query_arg( 'redirect_to', urlencode( $redirect ), $login_page );
   		}
   		return $login_url;
   	}
   endif;

   The URL in adress bar is:
   https://test.local/login/?redirect_to=https://test.local/hello-world/

4. If the user is successfully logged in with your login form, the user will not be redirected to the last page.
   https://test.local/hello-world/

   Because the hidden field with the attribute name=”_wp_http_referer” contains in the value this piece, which blocks the successful redirecting to the old page /login/?redirect_to=

I don’t know how to handle this redirection or do you have any other way I can handle this? Sorry for the long long explanation.

• This reply was modified 6 years, 3 months ago by Matthias Honert.
• This reply was modified 6 years, 3 months ago by Matthias Honert. Reason: error

Hello Matthias Honert,

Thank you for the clear explaination. Since, you have passed the argument redirect_to with the login form. You can get this value and redirect accordingly. Assuming your login form url something like: https://example.com/login?redirect_to=sample-page

add_filter( 'user_registration_login_redirect', 'ur_login_redirect', 10, 2 );

function ur_login_redirect( $redirect, $user ) {
	$redirect = isset( $_GET['redirect_to'] ) ? $_GET['redirect_to'] : wp_get_raw_referer();
	return $redirect;
}

Let me know if you have any further confusion. BTW, Only to let you know, in your point no 3 my_login_page should’ve been fa_login_page or vice versa.

Thank You!

@sanzeeb3 thank you so much! Your filter function works! Now the user will be redirected.

Yes and I forgot to rename “fa_login_page” to “my_login_page” only for this topic.

There are too many codes here to know which to implement or not.
What is the final code to get the same done on a normal wp install?

Hello, I believe my situation is similar but with a twist…

We use User Registration as well as WP Ceber, a security plugin.

WP Ceber blocks both the wp-admin folder as well as the wp-login.php file. They do this by blocking the wp-admin folder with a random text string (which we provide to the plugin) as well as a switch to block the wp-login.php file. This secures our site from multiple attacks hourly.

The issue is the verification email provides the wp-login.php with a token to finalize the registration process. Replacing the ‘wp-login.php’ section of the URL with the random text string only provides a 404 error (expected when the url is not present in our system).

Unfortunately, I am not savvy enough to come up with coding for the functions.php file but savvy enough to copy and paste it properly. Is there a code that will permit this workaround?

The site is https://decisiveliberty.news

Thank in advance – User Registration is awesome, planning on upgrading to pro once the financial support kicks in later this week.

• This reply was modified 5 years, 8 months ago by decisiveliberty.

@decisiveliberty why don’t you use reCaptcha? This option is integrated in the plugin. It is in my opinion the better, more consistent solution than masking files with another plugin that break this plugin or functions. I think if you have attacs please contact your hosting service.

Hi Matthias – we are using reCaptcha. Our aim is to keeo all users out of the backend. The security has us setup a string that is uses to redirect away from wp-admin.php. The issue comes up when anything is hard-coded with “wp-login.php”. We are replacing the string in the emails with ‘wp_login_url()’ instead and will be testing shortly.