Custom password form issue

  • christian70

    (@christian70)


    6 days, 2 hours ago

    Having a password protected page I used the password form in it.

    It works perfectly locally but online the form – after submitting – redirects to a blank page with wrong url mysiteurl/login.php?action=postpass. To fix it I had to add a hidden field to the form:

    $output .= '<input type="hidden" name="_wp_http_referer" value="' . get_permalink(). '">';

    It’s just like the form does not recognize the url from which the submit is activated without that extra field.

    It is a weird behaviour, isn’t it? Do anybody can help me to understand what’s due to?

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator bcworkz

    (@bcworkz)

    5 days, 20 hours ago

    The WP post password scheme normally relies upon the HTTP_REFERER header sent by your browser to know where to redirect to after validating the password. When such a header does not exist for any reason, the scheme will look for a _wp_http_referer form field for this information.

    Your browser is apparently sending such a header since the redirect works locally. Thus there’s something about your server configuration that’s preventing referrer headers from reaching PHP and WP. Probably some attempt at security or anonymizing users is at play.

    Thread Starter christian70

    (@christian70)

    5 days, 7 hours ago

    I thought it was related to server’s settings, some extensions activated or deactivated, some PHP values… the problem is that assistance by host was useless and I don’t have any clue about what I should set to fix it…

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.