Dieser Thread wurde gelöst. Hier ist eine Beschreibung des Problems und der Lösung.
Problem:
The issue here is that the user created a manual login form
<form name="loginform" id="loginform" action="https://mydomain.com/wp-login.php" method="post">
<div class="wp-success"></div>
<p class="login-username">
<label for="user_login">Your Email Address</label>
<input type="text" name="log" id="user_login" class="input" value="" size="20" />
</p>
<p class="login-password">
<label for="user_pass">Your Password</label>
<input type="password" name="pwd" id="user_pass" class="input" value="" size="20" />
</p>
<p class="login-submit">
<input type="submit" name="wp-submit" id="wp-submit" class="button-primary" value="Log In" />
<input type="hidden" name="redirect_to" value="https://mydomain.com/my-account/" />
</p>
<input type="hidden" name="wpv_login_form" value="on"/><input type="hidden" name="wpv_login_form_redirect_on_fail" value="https://mydomain.com/incorrect-password/" />
</form>
They wanted to know if this code was safe to use.
Solution:
Yes this is ok, the authentications are handled by the wordpress api itself so the form just serves as an interface to that API.
There shouldn't be any security issues.
This support ticket is created vor 6 Jahren, 4 Monaten. There's a good chance that you are reading advice that it now obsolete.
This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.
Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
| - | 9:00 – 12:00 | 9:00 – 12:00 | 9:00 – 12:00 | 9:00 – 12:00 | 9:00 – 12:00 | - |
| - | 13:00 – 18:00 | 13:00 – 18:00 | 13:00 – 18:00 | 14:00 – 18:00 | 13:00 – 18:00 | - |
Supporter timezone: America/Jamaica (GMT-05:00)
Dieses Thema enthält 2 Antworten, hat 2 Stimmen.
Zuletzt aktualisiert von vor 6 Jahren, 4 Monaten.
Assistiert von: Shane.
