联系前方录:微信/QQ:34419369QQ交流群:632528856
Skip to content
一、wordpress自定义登录页面全代码
<?php
/*
Template Name: 自定义登录页面
*/
if(!isset($_SESSION))
session_start();
if( isset($_POST['qfl_token']) && ($_POST['qfl_token'] == $_SESSION['qfl_token'])) {
$error = '';
$secure_cookie = false;
$user_name = sanitize_user( $_POST['log'] );
$user_password = $_POST['pwd'];
if ( empty($user_name) || ! validate_username( $user_name ) ) {
$error .= '错误:请输入有效的用户名。';
$user_name = '';
}
if( empty($user_password) ) {
$error .= '错误:请输入密码。';
}
if($error == '') {
// If the user wants ssl but the session is not ssl, force a secure cookie.
if ( !empty($user_name) && !force_ssl_admin() ) {
if ( $user = get_user_by('login', $user_name) ) {
if ( get_user_option('use_ssl', $user->ID) ) {
$secure_cookie = true;
force_ssl_admin(true);
}
}
}
if ( isset( $_GET['r'] ) ) {
$redirect_to = $_GET['r'];
// Redirect to https if user wants ssl
if ( $secure_cookie && false !== strpos($redirect_to, 'wp-admin') )
$redirect_to = preg_replace('|^http://', 'https://', $redirect_to);
} else {
$redirect_to = admin_url();
}
if ( !$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
$secure_cookie = false;
$creds = array();
$creds['user_login'] = $user_name;
$creds['user_password'] = $user_password;
$creds['remember'] = !empty( $_POST['rememberme'] );
$user = wp_signon( $creds, $secure_cookie );
if ( is_wp_error($user) ) {
$error .= $user->get_error_message();
} else {
unset($_SESSION['qfl_token']);
wp_safe_redirect($redirect_to);
}
}
unset($_SESSION['qfl_token']);
}
$rememberme = !empty( $_POST['rememberme'] );
$token = md5(uniqid(rand(), true));
$_SESSION['qfl_token'] = $token;
?>
<?php the_content(); ?>
<?php if(!empty($error)) {
echo '<p class="qfl-error">'.$error.'</p>';
}
if (!is_user_logged_in()) {
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="stylesheet" href="<?php bloginfo('stylesheet_url'); ?>">
<title>注册页面</title>
</head>
<body class="login-page">
<div class="header-bg">
<div class="qfl-container qfl-container1">
<div class="header">
<div class="qfl-left">
<h3>
<span>前方录</span>
|
<span>登录账号</span>
</h3>
</div>
<div class="qfl-right">
<span>我已登录,现在就</span>
<span>
<a class="login" href="login.html">注册</a>
</span>
</div>
</div>
</div>
</div>
<div class="qfl-container qfl-container2">
<div class="qfl-wrap">
<div class="former">
<form name="loginform" method="post" action="<?php echo $_SERVER["REQUEST_URI"]; ?>" class="qfl-login">
<p>
<label for="log">用户名:</label>
<input id="log" name="log" class="input" value="<?php if(!empty($user_name)) echo $user_name; ?>" type="text" placeholder="请输入用户名"></p>
</p>
<p>
<label for="pwd">密码(至少6位):</label>
<input id="pwd" name="pwd" type="password" tabindex="21" class="input" placeholder="请输入密码">
</p>
<p class="forgetmenot">
<label for="rememberme"><input id="rememberme" name="rememberme" type="checkbox" value="1" <?php checked( $rememberme ); ?> > 记住我</label>
</p>
<p class="submit">
<input type="hidden" name="redirect_to" value="<?php if(isset($_GET['r'])) echo $_GET['r']; ?>" />
<input type="hidden" name="qfl_token" value="<?php echo $token; ?>" />
<input class="button button-primary button-large" type="submit" value="登录">
</p>
</form>
</div>
</div>
</div>
</body>
</html>
二、制作独立的wordpress登录页面需要的知识点:
- php函数isset():变量是否设置;
- php超级全局变量$_SESSION:存储用户信息的全局变量;
- php函数session_start():启用$_SESSION全局变量;
- php超级全局变量$_POST:存储从浏览器用post方式发送来的数据;
- wordpress函数sanitize_user():去除用户名的不安全字符;
- php函数empty():查看变量是否为空;
- wordpress函数validate_username():查看用户名是否有效
- wordpress函数force_ssl_admin():在管理页面是否启用ssl协议
- wordpress函数get_user_by():检索用户信息
- wordpress函数get_user_option()
- php超级全局变量$_GET存储浏览器用get方式传送过来的值
- php函数stros()查看指定的字符在字符串用的索引
- php函数preg_replace()替换字符串的指定字符为另一个字符
- wordpress函数admin_url()生成管理员“类别”的URL路径
- wordpress函数is_ssl()确认是否使用ssl
- wordpress函数force_ssl_login()该函数已废弃,请使用force_ssl_admin()
- wordpress函数wp_signon()使用“记住”功能对用户进行身份验证和记录。
- wordpress函数is_wp_error()检查变量是否是WordPress错误。
- wordpress函数get_error_message()获取单个错误消息。
- php函数unset()使变量失效
- wordpress函数wp_safe_redirect():执行安全重定向
- php函数md5()给字符进行md5加密
- php函数uniqid()用时间获得只唯一字符
- wordpress函数is_user_logged_in()查看用户是否是登录创态
- wordpress函数wp_logout_url()退出登录
- wordpress函数checked()元素是否被选中