我制作了一个插件，通过使用短代码生成登录表单。然而，在仪表板内部，登录工作正常，我注意到表单提交工作不正常。例如，概要文件更新不起作用，即当Save 按钮，页面将重新加载，但更改不会存储到数据库中
以下是代码：

function login_validation( $username, $password )  {
    global $reg_errors;
    $reg_errors = new WP_Error;

    if ( empty( $username ) && !empty( $password ) ) {
        $reg_errors->add(\'field\', \'The username field is empty\');
    } else if ( !empty( $username ) && empty( $password ) ) {
        $reg_errors->add(\'field\', \'The password field is empty\');
    } else if ( empty( $username ) && empty( $password ) ) {
        $reg_errors->add(\'field\', \'The fields are empty\');
    } else if ( !username_exists( $username ) ) {
        $reg_errors->add(\'user_name\', \'Sorry, that username doesn\\\'t exists!\');
    } else if ( !validate_username( $username ) ) {
        $reg_errors->add(\'username_invalid\', \'Sorry, the username you entered is not valid\');
    }

    if ( is_wp_error( $reg_errors ) ) {

        foreach ( $reg_errors->get_error_messages() as $error ) {
            echo \'<div class="alert alert-danger message-box">\';
            echo \'<strong>ERROR</strong>: \';
            echo $error . \'<br/>\';
            echo \'</div>\';
        }
    }
}

function custom_login() {
    if (isset($_POST[\'submit\'])) {
        $login_data = array();
        $login_data[\'user_login\'] = sanitize_user($_POST[\'username\']);
        $login_data[\'user_password\'] = esc_attr($_POST[\'password\']);

        $user = wp_signon( $login_data, false );

        if ( is_wp_error($user) ) {
            echo $user->get_error_message();
        } else {
            wp_clear_auth_cookie();
            do_action(\'wp_login\', $user->ID);
            wp_set_current_user($user->ID);
            wp_set_auth_cookie($user->ID, true);
            $redirect_to = $_SERVER[\'REQUEST_URI\'];
            wp_safe_redirect($redirect_to);
            exit;
        }
    }
}

function login_form() { ?>
    <form action="<?php echo $_SERVER[\'REQUEST_URI\'] ?>" method="post">
        <div class="input-group">
            <label for="username">Username <span class="form-required" title="This field is required.">*</span></label>
            <input type="text" name="username" placeholder="Username">
        </div>

        <div class="input-group">
            <label for="password">Password <span class="form-required" title="This field is required.">*</span></label>
            <input type="password" name="password" placeholder="Password">
        </div>
        <?php wp_nonce_field(\'wp_login\'); ?>

        <div class="input-group">
            <input type="submit" name="submit" value="Log in"/>
        </div>
    </form>
<?php }

add_action( \'after_setup_theme\', \'custom_login\' );

/*
 * Remove the response error messages from the header
 */
add_filter( \'gettext\', \'change_error_messages\', 10, 3 );
function change_error_messages( $translation, $text, $domain ) {
    if ( \'default\' !== $domain )
        return $translation;

    if ( \'<strong>ERROR</strong>: The password you entered for the username <strong>%1$s</strong> is incorrect. <a href="%2$s" title="Password Lost and Found">Lost your password</a>?\' == $text )
        return \'\';

    if ( \'<strong>ERROR</strong>: The password field is empty.\' == $text )
        return \'\';

    if ( \'<strong>ERROR</strong>: Invalid username. <a href=\\"%s\\" title=\\"Password Lost and Found\\">Lost your password</a>?\' == $text )
        return \'\';

    return $translation;    
}

// The callback function that will replace
function custom_login_shortcode() {
    ob_start();
    custom_login_function();
    return ob_get_clean();
}

// Register a new shortcode: [cr_custom_login]
add_shortcode(\'cr_custom_login\', \'custom_login_shortcode\');

如果我禁用这个插件，一切正常。我认为问题在于某种验证没有发生。也许nonce 领域我说得对吗？我怎样才能修复它
谢谢！

UPDATE
根据用户@Krzysiek Dródż的建议，我更新了custom_login 功能如下：

function custom_login() {
    if (isset($_POST[\'submit\'])) {
        $login_data = array();
        $login_data[\'user_login\'] = sanitize_user($_POST[\'username\']);
        $login_data[\'user_password\'] = esc_attr($_POST[\'password\']);
        $nonce = $_REQUEST[\'_wpnonce\'];

        $user = wp_signon( $login_data, false );

        global $user_ID;
        // Check whether the user is already logged in
        if ( !$user_ID ) {
            if ( ! wp_verify_nonce( $nonce, \'wp_login\' ) ) {
                // die( \'Security check\' );
                exit;
            } else {
                if ( is_wp_error($user) ) {
                    echo $user->get_error_message();
                } else {
                    wp_clear_auth_cookie();
                    do_action(\'wp_login\', $user->ID);
                    wp_set_current_user($user->ID);
                    wp_set_auth_cookie($user->ID, true);
                    $redirect_to = $_SERVER[\'REQUEST_URI\'];
                    wp_safe_redirect($redirect_to);
                    exit;
                }
            }
        }
    }
}

现在问题似乎已经解决了
如果我想使用其他类型的支票而不是if (isset($_POST[\'submit\']))?

function custom_login() {
    if(!empty($_POST[\'user_login\']) && !empty($_POST[\'user_pass\'])){
        $login_data = array();
        $login_data[\'user_login\'] = sanitize_user($_POST[\'user_login\']);
        $login_data[\'user_password\'] = esc_attr($_POST[\'user_pass\']);
        $login_data[\'rememberme\'] = true;
        $nonce = $_REQUEST[\'_wpnonce\'];

        $user = wp_signon( $login_data, false );

        global $user_ID;
        // Check whether the user is already logged in and the nonce is verified
        if ( !$user_ID && !wp_verify_nonce( $nonce, \'wp_login\' ) ) {
            exit;
        } else {
            if ( is_wp_error($user) ) {
                echo $user->get_error_message();
            } else {
                wp_clear_auth_cookie();
                do_action(\'wp_login\', $user->ID);
                wp_set_current_user($user->ID);
                wp_set_auth_cookie($user->ID, true);
                wp_safe_redirect(home_url());
                exit;
            }
        }
    }
}