scobatron
Forum Replies Created
-
Forum: Fixing WordPress
In reply to: Auto update deleted my codeThank you all for your help. I sort of went against what you told me, but the solution I found is working, and *hopefully* won’t have any serious issues. I looked into OAuth at one point but decided it was overkill for me because my users don’t interact with word press through my application other than logging in. Once they are logged in I wrote my own php scripts to send user data to a database separate from word press. Here’s what I did in full:
-COPY wp-login.php into a file I’ll call ek-login.php. wp-login.php remains in its default form and is never edited. The only reason I’m doing this is because wp-login.php is a good template for a login form. The built-in error functions, password hashing, and input sanitization makes everything easy. I don’t wanna mess around with this theme stuff, I just wanna hard-code janky stuff that works. I’m a self-taught hobbyist doing a solo project, not a professional.
-ek-login.php has several changes to reference itself instead of wp-login (some instances of wp_login_url() changed to a hard-coded ek-login.php url). This was the main thing that broke when I simply renamed the file, but it’s fine now.
-ek-login.php redirects to some custom scripts that send a response back to my application, then it redirects to logout and closes (my application doesn’t need the user to be considered “logged in” as a cookie)
-all the navigation is changed and some of it is hard-coded. There is no log-out button. The registration link opens a full browser window with the normal registration page.
-The security of all of this is a lot more robust than I have detailed here; don’t want to give too much away in case the wrong person ever reads this post.
Forum: Fixing WordPress
In reply to: Auto update deleted my codeThank you for your help also. Perhaps a solution (because I really am not a web developer and I’m winging it with the php–writing my own plugin sounds daunting) would be to install another “members”-type plugin and modify the page with code snippets? Or simply create another login-type page with Ultimate Member and modify it with code snippets rather than editing the base file?
All this assuming that simply renaming my edited wp-login.php to something else and using it will completely fix the problem? Because this was working fine until it got updated and erased.
Forum: Fixing WordPress
In reply to: Auto update deleted my codeI appreciate your help. Using the plugin Ultimate Member, the login page within my website is completely separate from wp-login. wp-login.php is not a part of my website’s normal architecture whatsoever.
the only time wp-login.php is ever accessed is from within my application, which directly references the URL (ex: https://example.com/wp-login.php)
my website login URL is https://example.com/login/2 separate logins here – one is for logging into the actual website, the other is for authenticating a login from within my application.
The act of renaming it is only so it doesn’t get rewritten again. I’ll keep a default wp-login.php page in the directory but it will never get used.
Does that make sense?
Forum: Fixing WordPress
In reply to: Auto update deleted my codeThis is confusing to me and I’m trying to understand. I’m not sure that editing the functions.php is in my interest because I don’t want to modify the behavior of my normal login page, and the link you gave says you can make a custom login page using wordpress functions, which essentially is what my edited page is–I’m using wordpress login functions but then redirecting to custom pages that do (secret) checks to send a response back to my application so the app can consider the user logged in (this is not stored as a cookie).
To be perfectly clear, the wp-login.php I edited is not meant to ever be accessed anywhere except from within my application and it’s not meant to have any functionality otherwise. Web browsers do not have access to it. I don’t want to change the behavior of login forms that exist in the website.
I guess my question is, how is what I’m doing different from writing a new custom login page from scratch using wordpress functions? and what specific problems should i be worried about after I copy/rename my wp-login file?
Forum: Fixing WordPress
In reply to: Auto update deleted my codeThank you for the quick reply. I am very lucky that HostGator is currently assisting me in getting back my wp-login.php file. When i get it restored i think i’ll just copy/rename it, then revert the original to its default. I edited the code so much that I literally am just using the page to check if the login information is correct, then it sends a response back to my application and closes itself. it can’t even create cookies or be used as a standard login page on the website anymore. I have a separate website login page contained in a plugin.
Do you think i’ll run into problems using this method or will it be fine? (after i rename it)