[buddypress-trac] [BuddyPress Trac] #7507: buddypress logout button for menu
buddypress-trac
noreply at wordpress.org
Wed Apr 19 16:27:45 UTC 2017
#7507: buddypress logout button for menu
--------------------------+-----------------------------
Reporter: masoud1111 | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Core | Version: 2.8.2
Severity: normal | Keywords:
--------------------------+-----------------------------
hello.
i have disabled backend login/resetpass/signup for all users. (no wp-
login.php)
1 - for more security
2 - because i want to use my custom pages
with these codes in functions.php:
{{{
function possibly_redirect(){
global $pagenow;
if( 'wp-login.php' == $pagenow ) {
if ( isset( $_POST['wp-submit'] ) || // in case of LOGIN
( isset($_GET['checkemail']) && $_GET['checkemail']=='confirm') ||
// in case of LOST PASSWORD
( isset($_GET['checkemail']) &&
$_GET['checkemail']=='resetpassword') || // in case of LOST PASSWORD
( isset($_GET['checkemail']) && $_GET['checkemail']=='registered') )
return; // in case of REGISTER
elseif ( is_user_logged_in() && ( isset($_GET['action']) &&
$_GET['action']=='logout') ) return;
else { // force them to 404
global $wp_query;
$wp_query->set_404();
status_header( 404 );
get_template_part( 404 );
exit();
}
}
}
add_action('init','possibly_redirect');
add_action( 'init', 'signup_redirect_remove_init', 9 );
function signup_redirect_remove_init(){
remove_action( 'bp_init', 'bp_core_wpsignup_redirect' );
add_filter('option_users_can_register', function($value) {
$script = basename(parse_url($_SERVER['SCRIPT_NAME'], PHP_URL_PATH));
if ($script == 'wp-login.php') {
$value = false;
}
return $value;
});
add_filter('redirect_canonical', 'bs_no_redirect_404');
function bs_no_redirect_404($redirect_url)
{ if (is_404()) {
return false;
}
return $redirect_url;
}
add_action('init', 'remove_default_redirect');
add_filter('auth_redirect_scheme', 'stop_redirect', 9999);
function stop_redirect($scheme)
{
if ( $user_id = wp_validate_auth_cookie( '', $scheme) ) {
return $scheme;
}
global $wp_query;
$wp_query->set_404();
status_header( 404 );
get_template_part( 404 );
exit();
}
function remove_default_redirect()
{
remove_action('template_redirect', 'wp_redirect_admin_locations',
1000);
}
// for masking the logout url
add_filter( 'logout_url', 'new_custom_logout_url', 10, 2 );
add_action( 'wp_loaded', 'new_custom_logout_action' );
/**
* Replace default log-out URL.
* @wp-hook logout_url
* @param string $logout_url
* @param string $redirect
* @return string
*/
function new_custom_logout_url( $logout_url, $redirect )
{
$url = add_query_arg( 'logout', 1, home_url( '/' ) );
$redirect = home_url();
if ( ! empty ( $redirect ) )
$url = add_query_arg( 'redirect', $redirect, $url );
return $url;
}
/**
* Log the user out.
* @wp-hook wp_loaded
* @return void
*/
function new_custom_logout_action()
{
if ( ! isset ( $_GET['logout'] ) )
return;
wp_logout();
$loc = isset ( $_GET['redirect'] ) ? $_GET['redirect'] : home_url( '/'
) ;
wp_redirect( $loc );
exit;
}
}}}
all the plugins are off + 2017 theme.
from Dashboard > Appearance > Menus > Buddypress > Logged-in > add logout
button to menu
the button must only be visible to logged-in users.
how ever if you go to this page (/wp-admin) as a visitor (not logged in),
you will see the button! and you can click on it.
this url as an example:
'''www.example.com/wp-admin'''
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/7507>
BuddyPress Trac <http://buddypress.org/>
BuddyPress Trac
More information about the buddypress-trac
mailing list