#7507 closed defect (bug) (no action required)
buddypress logout button for menu
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 2.8.2 |
Component: | Core | Keywords: | |
Cc: |
Description
hello.
i have disabled backend login/resetpass/signup for all users. (no wp-login.php)
1 - for more security
2 - because i want to use my custom pages
with these codes in functions.php:
function possibly_redirect(){ global $pagenow; if( 'wp-login.php' == $pagenow ) { if ( isset( $_POST['wp-submit'] ) || // in case of LOGIN ( isset($_GET['checkemail']) && $_GET['checkemail']=='confirm') || // in case of LOST PASSWORD ( isset($_GET['checkemail']) && $_GET['checkemail']=='resetpassword') || // in case of LOST PASSWORD ( isset($_GET['checkemail']) && $_GET['checkemail']=='registered') ) return; // in case of REGISTER elseif ( is_user_logged_in() && ( isset($_GET['action']) && $_GET['action']=='logout') ) return; else { // force them to 404 global $wp_query; $wp_query->set_404(); status_header( 404 ); get_template_part( 404 ); exit(); } } } add_action('init','possibly_redirect'); add_action( 'init', 'signup_redirect_remove_init', 9 ); function signup_redirect_remove_init(){ remove_action( 'bp_init', 'bp_core_wpsignup_redirect' ); add_filter('option_users_can_register', function($value) { $script = basename(parse_url($_SERVER['SCRIPT_NAME'], PHP_URL_PATH)); if ($script == 'wp-login.php') { $value = false; } return $value; }); add_filter('redirect_canonical', 'bs_no_redirect_404'); function bs_no_redirect_404($redirect_url) { if (is_404()) { return false; } return $redirect_url; } add_action('init', 'remove_default_redirect'); add_filter('auth_redirect_scheme', 'stop_redirect', 9999); function stop_redirect($scheme) { if ( $user_id = wp_validate_auth_cookie( '', $scheme) ) { return $scheme; } global $wp_query; $wp_query->set_404(); status_header( 404 ); get_template_part( 404 ); exit(); } function remove_default_redirect() { remove_action('template_redirect', 'wp_redirect_admin_locations', 1000); } // for masking the logout url add_filter( 'logout_url', 'new_custom_logout_url', 10, 2 ); add_action( 'wp_loaded', 'new_custom_logout_action' ); /** * Replace default log-out URL. * @wp-hook logout_url * @param string $logout_url * @param string $redirect * @return string */ function new_custom_logout_url( $logout_url, $redirect ) { $url = add_query_arg( 'logout', 1, home_url( '/' ) ); $redirect = home_url(); if ( ! empty ( $redirect ) ) $url = add_query_arg( 'redirect', $redirect, $url ); return $url; } /** * Log the user out. * @wp-hook wp_loaded * @return void */ function new_custom_logout_action() { if ( ! isset ( $_GET['logout'] ) ) return; wp_logout(); $loc = isset ( $_GET['redirect'] ) ? $_GET['redirect'] : home_url( '/' ) ; wp_redirect( $loc ); exit; }
all the plugins are off + 2017 theme.
from Dashboard > Appearance > Menus > Buddypress > Logged-in > add logout button to menu
the button must only be visible to logged-in users.
how ever if you go to this page (/wp-admin) as a visitor (not logged in), you will see the button! and you can click on it.
this url as an example:
www.example.com/wp-admin
Change History (2)
Note: See
TracTickets for help on using
tickets.
@masoud1111 this is really something you should ask on the help forum, trac is for specific core issues and enhancements.
Ask the question on:
https://buddypress.org/support/
You'll get more eyes on the issue there.