我假设在打印任何输出之前调用了您的函数,否则重定向将不起作用。
将用户重定向到给定URL的最简单方法是使用:
wp_redirect( $url );
exit;
因此,您的代码可能如下所示:
function authentication($emailAdd, $password) {
include_once(\'././wp-includes/class-phpass.php\');
global $wpdb, $formErr;
if(1 > count($formErr->get_error_messages())){
$hasher = new PasswordHash(8, TRUE);
$table = $wpdb->prefix.\'finusers\';
$results=$wpdb->get_row("SELECT * FROM $table WHERE email_address=\'$emailAdd\'");
$hashed_pwd = $results->password;
//echo $hashed_pwd;
if($hasher->CheckPassword($password, $hashed_pwd)){
wp_redirect( $url ); // change to correct URL
exit;
}else{
echo "Please check email address of password";
}
}
}
还有,你的代码有很多错误和问题,尽管。。。我真的不会在任何网站上使用它,我想。。。至少不是当前形式。。。请参见下面代码中的我的注释
function authentication($emailAdd, $password) {
// using ././ won\'t work. It should be ../../. And even that is risky, because the structure may be changed - you should use ABSPATH instead.
include_once(\'././wp-includes/class-phpass.php\');
global $wpdb, $formErr;
// so if there is exactly one error, everything is fine and user can be logged in? ;)
if(1 > count($formErr->get_error_messages())){
$hasher = new PasswordHash(8, TRUE);
$table = $wpdb->prefix.\'finusers\';
// Why no escaping? What if $emailAdd will contain special characters to perform SQL injection?
// Another problem is that you query all rows, why no limit?
$results=$wpdb->get_row("SELECT * FROM $table WHERE email_address=\'$emailAdd\'");
// And what if there are no such rows? Line below will cause error
$hashed_pwd = $results->password;
//echo $hashed_pwd;
if($hasher->CheckPassword($password, $hashed_pwd)){
wp_redirect( $url ); // change to correct URL
exit;
}else{
echo "Please check email address of password";
}
}
}
