My goal is to show an error message when i check if the user is locked or not, the problem is that when the function ends, it redirects to the page that must appear after succesfull login. Objectives:
- Check if the user is locked "solved"
- If it is, create the error message
- Display the error message in the page that must appear after succesfull login.
Here is the relevant code i have at the moment:
function userLockedControl($user_login, $user) {
$sitesManager = \VirtualReal\Web\SitesManager::getInstance();
$vrapi = \VirtualReal\NATS\VRAPI::getInstance();
$nats_user_locked = $vrapi->get("xxxxxxxxxxxxxxxxx");
$user_is_locked = $nats_user_locked["locked"];
//$lock_message = "<div class='natsLoginError'><span>Dear user, Your account has been blocked because an strange behaviour. Please, contact with [email protected]</span></div>";
if($user_is_locked == 0){
//Cerrar sesion del usuario y mostrar el mensaje de error
function doer_of_stuff() {
return new WP_Error( 'broke', __( "I've fallen and can't get up", "my_textdomain" ) );
}
$return = doer_of_stuff();
if( is_wp_error( $return ) ) {
echo $return->get_error_message();
}
}
}
add_action('wp_login', 'userLockedControl', 10, 2);
My goal is to show an error message when i check if the user is locked or not, the problem is that when the function ends, it redirects to the page that must appear after succesfull login. Objectives:
- Check if the user is locked "solved"
- If it is, create the error message
- Display the error message in the page that must appear after succesfull login.
Here is the relevant code i have at the moment:
function userLockedControl($user_login, $user) {
$sitesManager = \VirtualReal\Web\SitesManager::getInstance();
$vrapi = \VirtualReal\NATS\VRAPI::getInstance();
$nats_user_locked = $vrapi->get("xxxxxxxxxxxxxxxxx");
$user_is_locked = $nats_user_locked["locked"];
//$lock_message = "<div class='natsLoginError'><span>Dear user, Your account has been blocked because an strange behaviour. Please, contact with [email protected]</span></div>";
if($user_is_locked == 0){
//Cerrar sesion del usuario y mostrar el mensaje de error
function doer_of_stuff() {
return new WP_Error( 'broke', __( "I've fallen and can't get up", "my_textdomain" ) );
}
$return = doer_of_stuff();
if( is_wp_error( $return ) ) {
echo $return->get_error_message();
}
}
}
add_action('wp_login', 'userLockedControl', 10, 2);
2 Answers
Reset to default 1Main problem with your code is that you use wp_login action. The wp_login action hook is triggered when a user logs in by the wp_signon() function. It is the very last action taken in the function, immediately following the wp_set_auth_cookie() call.
So first of all - the user is already authenticated and his auth cookie is already set - so he's basically logged in.
Another problem is that your action is called before any HTML is printed - so if you echo anything in it, then this output will be printed before opening <html> tag.
If you want to prevent user from logging in and display some errors, you should use authenticate filter instead.
It is called during authenticating user:
/**
* Filters whether a set of user login credentials are valid.
*
* A WP_User object is returned if the credentials authenticate a user.
* WP_Error or null otherwise.
*
* @since 2.8.0
* @since 4.5.0 `$username` now accepts an email address.
*
* @param null|WP_User|WP_Error $user WP_User if the user is authenticated.
* WP_Error or null otherwise.
* @param string $username Username or email address.
* @param string $password User password
*/
$user = apply_filters( 'authenticate', null, $username, $password );
So you can use it like so:
function userLockedControl( $user, $username, $password ) {
// ... rest of your code here
if ($user_is_locked == 0 ) {
return new WP_Error( 'broke', __( "I've fallen and can't get up", "my_textdomain" ) ); // you don't need all those functions returning errors and so one - just return an instance of the WP_Error instead of WP_User
}
}
add_filter( 'authenticate', 'userLockedControl', 10, 3 );
Solved, the wp_authenticate_user filter hook instead is better, because it's used to perform additional validation/authentication any time a user logs in to WordPress. That was just what i needed, because i wanted to deny from login if my condition was false adding extra validation. This is the functional code:
function userLockedControl( $user, $password ) {
require 'config.php';
$sitesManager = \VirtualReal\Web\SitesManager::getInstance();
$vrapi = \VirtualReal\NATS\VRAPI::getInstance();
$nats_user_locked = $vrapi->get("xxxx");
$user_is_locked = $nats_user_locked["locked"];
$lock_message = "Dear user, Your account has been blocked because an strange behaviour. Please, contact with [email protected]";
if ($user_is_locked == 0 ) {
return new WP_Error( 'broke', __( $lock_message, "my_textdomain" ) );
}
return $user;
}
add_filter( 'wp_authenticate_user', 'userLockedControl', 10, 2 );
发布者:admin,转转请注明出处:http://www.yc00.com/questions/1745673357a4639539.html
评论列表(0条)