0

我正在制作一个插件,旨在通过限制用户进行的错误登录尝试次数来提高 wordpress 网站的安全性。

else if ($row[2] > $maxtries && $curdate < $row[4]){

            echo '<p>You have been blocked due to continued incorrect login attempts.</p>';
            echo $password;

            $denied_message = "SORRY MATE YA BLOCKED";
            WP_Error( 'denied_access',$denied_message);

        }

目前我只是得到一个带有阻塞回声的白屏(由 WP_Error 产生),我希望登录表单显示我自己的错误消息,就像在 wordpress 登录表单上已经完成的那样。非常感谢。

在此处输入图像描述

4

2 回答 2

0 
working code please usage in wordpress
add_filter('authenticate', 'check_login_submit', 40, 3);

function check_login_submit($user, $username, $password) {
    $WP_Error = new WP_Error();
    $WP_Error->add('my_error', '<strong>Error</strong>: Something went wrong.');
    return $WP_Error;
}
于 2018-01-31T11:04:49.253 回答
0

这是我使用的代码。将 1 == 1 替换为您的条件!

add_filter( 'authenticate', 'my_validate_login_form', 10, 3 );

function my_validate_login_form( $user, $username, $password ) {

    /**
     * If the username or password are not sent we do nothing (and return $user)
     * This way we avoid errors to be shown before the user clicks the button to log in
     */
    if ( ! isset( $username ) || '' == $username || ! isset( $password ) || '' == $password ) {
        return $user;
    }

    // Check if the conditions are true and show an error and cancel further processing if they are
    if ( 1 == 1 ) {
        remove_action( 'authenticate', 'wp_authenticate_username_password', 20 );
        remove_action( 'authenticate', 'wp_authenticate_email_password', 20 );
        $user = new WP_Error( 'denied', '<strong>ERROR</strong>: My awesome error here.' );
        return $user;
    }

    // Return $user to allow wordpress to check password and username
    return $user;

}
于 2018-01-30T16:14:49.310 回答