I created a login form in the frontend with wp_login_form().
In my functions.php file I added an action to prevent the redirect to /wp-login.php if the login failed with
add_action(‘wp_login_failed’, ….
As it turns out the action only hooks if the username and password fields are filled in. If one of them is left empty I still get redirected to wp-login.php.
Is there a possibility to check if both fields are filled in to prevent the redirect?
Thanks
Julian
2 Answers
Add this filter to change how blank username/password is treated:
add_filter( 'authenticate', 'custom_authenticate_username_password', 30, 3);
function custom_authenticate_username_password( $user, $username, $password )
{
if ( is_a($user, 'WP_User') ) { return $user; }
if ( empty($username) || empty($password) )
{
$error = new WP_Error();
$user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
return $error;
}
}
And then your original redirect on wp_login_failed will work with blank username/password as well.