WordPress is deciding whether you are logged in or not by checking AUTH_COOKIE and LOGGED_IN_COOKIE. As you have noticed these cookies are set in the same, let,s say, A domain which your site is. Adding the same cookies to your second B domain would make your user logged in in two A and B domains. … Read more
You could do something like this: <?php add_action( ‘register_form’, function() { $get_type = filter_input( INPUT_GET, ‘type’, FILTER_SANITIZE_STRING ); if ( ! $get_type ) { return; } ?> <input type=”hidden” name=”type” value=”<?php echo esc_attr( $get_type ); ?>” /> <?php }); This will add the type parameter as a hidden field on the form if it is … Read more
Answers in comments here solved this one for me: Clear cookies for the site in your browser.
The main cause I’ve seen for this is incompatible plugins. Via FTP, either download and delete all your plugins, or rename the existing plugins folder to plugins-old (or whatever) and make a new plugins folder. After this, copy your plugins from the old folder to the new folder one by one until the problem reappears. … Read more
It’s definitely possible – I recently wrote a SSO plugin to allow users to be logged automatically into WP from a foreign system. I sketched out my approach in this question: SSO / authentication integration with external ‘directory service’
I worked long on this one. It is because of the WordPress remember me. Use this code in your theme’s functions.php and it should fix your issue: function myplugin_cookie_expiration( $expiration, $user_id, $remember ) { return $remember ? $expiration : 180; } add_filter( ‘auth_cookie_expiration’, ‘myplugin_cookie_expiration’, 99, 3 );
Most of the authentication functions are pluggable, meaning you can fully override the actual functions by simply defining them in a plugin which will be loaded before the pluggable.php file and provide the services you declare. Take a look at wp_authenticate and wp_check_password. They have filters and actions in them as well that should allow … Read more
You need to make sure that your code is executed before auth_redirect() is called. In simple words, you need to hook the whole function using setup_theme action. It worked in my case.
I like your solution checking the coockie from the .htaccess this will give a much quicker loading solution then my solution. .htaccess <IfModule mod_rewrite.c> RewriteEngine On # Rules to prevent php execution in uploads RewriteRule ^(.*)/uploads/(.*).php(.?) – [F] #redirect all FILES for login check (excluding PHP) RewriteCond !^(.*)/uploads/([0-9]+/.*)\.php(.?)$ – [NC] RewriteRule ^(.*)/uploads/([0-9]+/.*)\.* /wordpress/file.php?img=$2 [L] </IfModule> … Read more
You can password protect individual pages and posts. Under the Publish section of the dashboard, look under the link for VISIBILITY. The default setting is PUBLIC, but you can change it to PRIVATE, which only you can see when you’re logged in, or PASSWORD PROTECTED, which requires you to enter a password when you are … Read more