#7507 closed defect (bug) (no action required)
buddypress logout button for menu
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | 2.8.2 |
| Component: | Core | Keywords: | |
| Cc: |
Description
hello.
i have disabled backend login/resetpass/signup for all users. (no wp-login.php)
1 - for more security
2 - because i want to use my custom pages
with these codes in functions.php:
function possibly_redirect(){
global $pagenow;
if( 'wp-login.php' == $pagenow ) {
if ( isset( $_POST['wp-submit'] ) || // in case of LOGIN
( isset($_GET['checkemail']) && $_GET['checkemail']=='confirm') || // in case of LOST PASSWORD
( isset($_GET['checkemail']) && $_GET['checkemail']=='resetpassword') || // in case of LOST PASSWORD
( isset($_GET['checkemail']) && $_GET['checkemail']=='registered') ) return; // in case of REGISTER
elseif ( is_user_logged_in() && ( isset($_GET['action']) && $_GET['action']=='logout') ) return;
else { // force them to 404
global $wp_query;
$wp_query->set_404();
status_header( 404 );
get_template_part( 404 );
exit();
}
}
}
add_action('init','possibly_redirect');
add_action( 'init', 'signup_redirect_remove_init', 9 );
function signup_redirect_remove_init(){
remove_action( 'bp_init', 'bp_core_wpsignup_redirect' );
add_filter('option_users_can_register', function($value) {
$script = basename(parse_url($_SERVER['SCRIPT_NAME'], PHP_URL_PATH));
if ($script == 'wp-login.php') {
$value = false;
}
return $value;
});
add_filter('redirect_canonical', 'bs_no_redirect_404');
function bs_no_redirect_404($redirect_url)
{ if (is_404()) {
return false;
}
return $redirect_url;
}
add_action('init', 'remove_default_redirect');
add_filter('auth_redirect_scheme', 'stop_redirect', 9999);
function stop_redirect($scheme)
{
if ( $user_id = wp_validate_auth_cookie( '', $scheme) ) {
return $scheme;
}
global $wp_query;
$wp_query->set_404();
status_header( 404 );
get_template_part( 404 );
exit();
}
function remove_default_redirect()
{
remove_action('template_redirect', 'wp_redirect_admin_locations', 1000);
}
// for masking the logout url
add_filter( 'logout_url', 'new_custom_logout_url', 10, 2 );
add_action( 'wp_loaded', 'new_custom_logout_action' );
/**
* Replace default log-out URL.
* @wp-hook logout_url
* @param string $logout_url
* @param string $redirect
* @return string
*/
function new_custom_logout_url( $logout_url, $redirect )
{
$url = add_query_arg( 'logout', 1, home_url( '/' ) );
$redirect = home_url();
if ( ! empty ( $redirect ) )
$url = add_query_arg( 'redirect', $redirect, $url );
return $url;
}
/**
* Log the user out.
* @wp-hook wp_loaded
* @return void
*/
function new_custom_logout_action()
{
if ( ! isset ( $_GET['logout'] ) )
return;
wp_logout();
$loc = isset ( $_GET['redirect'] ) ? $_GET['redirect'] : home_url( '/' ) ;
wp_redirect( $loc );
exit;
}
all the plugins are off + 2017 theme.
from Dashboard > Appearance > Menus > Buddypress > Logged-in > add logout button to menu
the button must only be visible to logged-in users.
how ever if you go to this page (/wp-admin) as a visitor (not logged in), you will see the button! and you can click on it.
this url as an example:
www.example.com/wp-admin
Change History (2)
Note: See
TracTickets for help on using
tickets.
@masoud1111 this is really something you should ask on the help forum, trac is for specific core issues and enhancements.
Ask the question on:
https://buddypress.org/support/
You'll get more eyes on the issue there.