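You have a number of issues that need to be corrected before this will work.

- Shortcodes should return their content, not echo/print it to the screen.
- You should sanitize the retrieved $_POST values before using them.
- You cannot query the db for a plain-text password. Passwords are hashed.
- Don't do your form processing outside of a function. Set up a function for it and hook that function to init.
- Your "error" message $errMessage is defined outside the shortcode function, so its value is not available inside the function unless it is declared global.
- Don't close the file with the closing PHP delimiter ("?>"). If unexpected whitespace ends up after it, that can cause problems.
- Don't simply check that $_POST['submit'] is set. Check its value as well. Otherwise, you will run the check for any submit button.

Here is your code with the above items addressed: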
```php
<?php
/**
 * Plugin Name: LD Login Form
 * Plugin URI: https://testsite.co.za
 * Description: Empire Investment Login Form
 * Version: 1.0
 * Author: Luthando
 * Author URI: https://testsite.co.za
 */

// Hooks, etc.
add_action( 'init', 'luecustom_form_process' );
add_shortcode( 'luthandoLog', 'luecustom_form' );

function luecustom_form( $atts, $content, $tag ) {

    // Make sure you pick up the global $errMessage
    global $errMessage;

    // Don't echo/print your HTML in a shortcode.
    // Instead put your HTML into $content to return at the end.
    // REQUEST_URI is request-controlled, so escape it before placing it in the action attribute.
    // The submit input needs name="submit" so that $_POST['submit'] is actually sent.
    $content = '<form action="' . esc_url( $_SERVER['REQUEST_URI'] ) . '" method="post" style="color: #fff">
        <div class="form-group">
            <label for="email">Email address:</label>
            <input name="email" type="email" class="form-control" id="email">
        </div>
        <div class="form-group">
            <label for="pwd">Password:</label>
            <input name="pass" type="password" class="form-control" id="pwd">
        </div>
        <div class="form-group form-check">
            <label class="form-check-label">
            <a style="color: #08a873" href="#"> Forgot Password? </a> </label>
        </div>
        <input style="background: #08a873; margin-top: 5px; width: 100%" type="submit" name="submit" class="btn btn-primary btn-lg active" role="button" aria-pressed="true" value="Login" />
        <div class="alert alert-danger" role="alert">' . $errMessage . '</div>
    </form>';

    return $content;
}

function luecustom_form_process() {

    /*
     * You don't need $wpdb because you don't need to query the db directly
     * You DO need to globalize $errMessage so it can be used in your shortcode.
     * Do this before the "if" so that you have a defined variable
     * regardless of whether post is submitted or not. Otherwise
     * you may get an undefined variable notice in the shortcode result.
     */
    global $errMessage;
    $errMessage = "";

    if ( isset( $_POST['submit'] ) && 'Login' == $_POST['submit'] ) {

        // Sanitize email
        $email = sanitize_email( $_POST['email'] );

        // Don't sanitize password because it may contain characters that would be removed.
        // It's going to be hashed for comparison anyway.
        $pass = $_POST['pass'];

        // Get the user by their email address
        $user = get_user_by( 'email', $email );

        // get_user_by() returns false when no user matches, so check that first.
        // Then check if the posted password is the same as the user's hashed password.
        $validate_pass = $user && wp_check_password( $pass, $user->user_pass );

        // If the user validates (wp_check_password() returns true), then...
        if ( $validate_pass ) {
            header( "Location: https://dhetcodesigns.000webhostapp.com/?page_id=5" );
            exit;
        } else {
            $errMessage = "Incorrect username/password";
        }
    }
}
```