Wordpress: step by step how to create their own login
Friday, October 24, 2008 In this tutorial we'll see how to create a personal login procedure, also using Ajax functionality using jQuery. There are several ways to customize the login of WordPress, for example through the use of hooks and filters add_action() add_filter() Here we will use a more low level, although there still Interface to the Kernel of WordPress. Furthermore we will make sure to validate a user through the dupla email / password.
Why create their own login?
- In some contexts it may have the most control of Interest back to the login page, to propose a custom layout to our registered users. You can also enrich the page with useful information, from a logo to the classic "Forgot your password?
- To allow access via the email (as in the example dealt with here) instead of
user_loginstandard Wordpress - To have the opportunity to enter a login panel in the sidebar of our blog
- And finally, to have a skeleton - and an idea - for a great plugin
Environment
In our example / tutorial will work on the root of WordPress in a folder mylogin Create two php files within this folder: index.php and logon.php The first will contain the interface of our log, with all functions Javascript / jQuery we need. The second file, logon.php will contain the code to validate the user. Then create a folder css and inside this file layout.css and a folder images Inside the images folder will put a classic Ajax loader: create it online AjaxLoad.info. The end you should have:
- MyLogin
- index.php
- logon.php
- css
- layout.css
- images
- ajax-loader.gif
index.php
This file shows the form of access through a form with two fields input email and password:
- "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd" > DOCTYPE html PUBLIC "- / / W3C / / DTD XHTML 1.0 Transitional / / EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- "http://www.w3.org/1999/xhtml" > <Html xmlns = "http://www.w3.org/1999/xhtml">
- <Head>
- equiv = "Content-Type" content = "text/html; charset=utf-8" /> <Meta http - equiv = "Content-Type" content = "text / html; charset = utf-8" />
- myLogin Demo </ title > <Title> myLogin Demo </ title>
- "text/javascript" src = "http://www.google.com/jsapi" ></ script > <Script type = "text / javascript" src = "http://www.google.com/jsapi"> </ script>
- "text/javascript" > google . load ( "jquery" , "1.2.6" ) ;</ script > <Script type = "text / javascript"> google. Load ( "jquery", "1.2.6") </ script>
- "text/javascript" > <Script type = "text / javascript">
- <! --
- google. setOnLoadCallback (
- function () (
- / / Puts the focus on the first input when the page is
- / / Load
- "mylogin" ] . email . focus ( ) ; document. Forms [ "MyLogin"]. email. focus ();
- )
- )
- / **
- * Display information error / warning on our
- * Login form
- * /
- str ) { showError function (str) (
- ) . html ( '<h2>' + str + '</h2>' ) . slideDown ( ) ; $ ( 'Div # error'). Html ( '<h2>' + str + '</ h2>'). SlideDown ();
- )
- / **
- * Validation of data provided in the login form. If all
- * Is correct, the data will be sent to the page logon.php
- * Through Ajax
- *
- * @ Author Giovambattista Fazioli
- * @ Email @ g.fazioli undolog.com
- * @ Web http://www.undolog.com
- * /
- checkLogin function () (
- document . forms [ "mylogin" ] ; var f = document. Forms [ "MyLogin"];
- ^ ( [ \w - ] + ( ? : \ . [ \w - ] + ) * ) @ ( ( ? : [ \w - ] + \ . ) * \w [ \w - ] { 0 , 66 } ) \ . ( [ a - z ] { 2 , 6 } ( ? : \ . [ a - z ] { 2 } ) ? ) $ / i ; var __filter = / ^ ([\ w -] + (?: \. [\ w -] +) *) @ ((?: [\ w -] + \.) * \ w [\ w -] (0 , 66)) \. ([a - z] (2, 6) (?: \. [a - z] (2))?) $ / i;
- / /
- ) . slideUp ( $ ( 'Div # error'). SlideUp (
- function () (
- / /
- f . email . value == '' ) { if (f. email. value =='') (
- ) ; showError ( 'You did not enter l \' email ');
- focus ( ) ; f. email. focus ();
- ; return false;
- )
- ! __filter . test ( f . email . value ) ) { if (! __filter. test (f. email. value)) (
- ) ; showError ( 'The email field is invalid');
- select ( ) ; f. email. select ();
- focus ( ) ; f. email. focus ();
- ; return false;
- )
- f . password . value == '' ) { if (f. password. value =='') (
- ) ; showError ( 'You did not enter the password');
- focus ( ) ; f. password. focus ();
- ; return false;
- )
- ) . show ( 'slow' ) ; $ ( 'Div # ajax-loader'). Show ( 'slow');
- ) . css ( 'cursor' , 'wait' ) ; $ ( 'Body'). Css ( 'cursor', 'wait');
- / / Sending data through POST logon.php Ajax
- 'logon.php' , { email : f . email . value , password : f . password . value } , $. Post ( 'logon.php', (email: f. Email. Value, password: f. Password. Value),
- data ) { function (data) (
- ) . hide ( 'slow' ) ; $ ( 'Div # ajax-loader'). Hide ( 'slow');
- ) . css ( 'cursor' , 'default' ) ; $ ( 'Body'). Css ( 'cursor', 'default');
- data ) { switch (data) (
- : case '0 ':
- / / Access allowed
- href = 'http://mioblog.com/' ; document. location. href = 'http://mioblog.com/';
- break;
- : case '-1':
- ) ; showError ( 'Access Denied. Email or Password Incorrect');
- break;
- : case '-2':
- ) ; showError ( 'Wrong data: Attempt to Hack');
- break;
- )
- )
- )
- / / Cut-off Submit
- ; return false;
- )
- )
- ; return false;
- )
- / / ->
- </ script>
- "stylesheet" href = "css/layout.css" type = "text/css" media = "screen, projection" /> <Link rel = "stylesheet" href = "css / layout.css" type = "text / css" media = "screen, projection" />
- </ Head>
- <Body>
- "login" > <Div id = "login">
- "logo" >< h1 title = "myLogin" >< span > myLogin </ span ></ h1 ></ div > <Div id = "logo"> <h1 title = "myLogin"> <span> myLogin </ span> </ h1> </ div>
- "error" style = "display:none" >< h2 >...</ h2 ></ div > <Div id = "error" style = "display: none"> <h2 >...</ h2> </ div>
- "mylogin" name = "mylogin" method = "post" action = "logon.php" onsubmit = "return( checkLogin() )" > <Form id = "MyLogin" name = "MyLogin" method = "post" action = "logon.php" onsubmit = "return (checkLogin ())">
- "100%" border = "0" cellspacing = "8" cellpadding = "4" > <Table width = "100%" border = "0" cellspacing = "8" cellpadding = "4">
- <Tr>
- "right" >< label for = "email" > email :</ label ></ td > <Td align = "right"> <label for = "email"> email: </ label> </ td>
- input type = "text" name = "email" id = "email" /></ td > <Td> <input type = "text" name = "email" id = "email" /> </ td>
- </ Tr>
- <Tr>
- "right" >< label for = "password" > password :</ label ></ td > <Td align = "right"> <label for = "password"> Password: </ label> </ td>
- input type = "password" name = "password" id = "password" /></ td > <Td> <input type = "password" name = "password" id = "password" /> </ td>
- </ Tr>
- <Tr>
- "2" align = "center" >< input type = "submit" name = "send" id = "send" value = "Invia" /></ td > <Td colspan = "2" align = "center"> <input type = "submit" name = "send" id = "send" value = "Submit" /> </ td>
- </ Tr>
- </ Table>
- "ajax-loader" style = "display:none" >< img src = "css/images/ajax-loader.gif" /></ div > <Div id = "ajax-loader" style = "display: none"> <img src = "css / images / ajax-loader.gif" /> </ div>
- </ Form>
- </ Div>
- </ Body>
- </ Html>
Note: the file
index.phpas you can see by looking at the code, could also be a normal HTML file. However, in the event that one day we want to insert some piece of PHP code, we already have the file extension.
The party JavaScript can:
- Perform a series of checks on the fields email and password (see also Validate email in Javascript and PHP)
- Blocks sending (on submit) automatic and uses Ajax via jQuery, to send data in
POSTatlogon.php
layout.css
The layout can fix it as best you believe. I propose a simple version to customize as you wish:
- body (
- , Helvetica , sans-serif ; font-family: Arial, Helvetica, sans-serif;
- 12px font-size: 12px
- )
- div # login table (
- 32px 0 0 0 ; margin: 32px 0 0 0;
- )
- div # error (
- 8px auto margin: 8px auto
- )
- div # error h2 (
- block ; display: block;
- #fc3 ; background: # FC3;
- 1px solid #f60 ; border: 1px solid # F60;
- 12px ; padding: 12px;
- 16px ; font-size: 16px;
- #a50 ; color: # a50;
- )
- div # ajax-loader (
- / * To change according to the type of
- Ajax loader that you downloaded
- * /
- 220px ; width: 220px;
- 0 auto ; margin: 0 auto;
- )
logon.php
Page logon.php is called directly by the use of Ajax from the page index.php seen before. In the version presented here, there are no controls on the "validity" of past data in POST; is done a simple check of "presence" via the function isset() However, given that the party is subject to various Javascript tampering, you can also add a further check on the server side / php. See in this regard Classes Javascript and PHP to validate un'indirizzo mail
- / **
- * Runs a user login and password by email Wordpress
- *
- * @ Author Giovambattista Fazioli
- * @ Email @ g.fazioli undolog.com
- * @ Web http://www.undolog.com
- * /
- / / Invoke WordPress bootstrap
- ( '../wp-config.php' ) ; @ Require_once ( '.. / wp-config.php');
- ( '../wp-includes/pluggable.php' ) ; @ Require_once ( '.. / wp-includes / pluggable.php');
- ( '../wp-includes/registration.php' ) ; @ Require_once ( '.. / wp-includes / registration.php');
- 0 ; $ error = 0;
- / / I connect to the database
- mysql_connect ( DB_HOST , DB_USER , DB_PASSWORD ) ; $ db = @ mysql_connect (DB_HOST, db_user, DB_PASSWORD);
- / / Select id DB
- / / Get ID and user_login via email
- "SELECT `ID`, `user_login` FROM `wp_users` $ q = "SELECT` id `,` user_login `FROM` `wp_users
- $_POST [ 'email' ] . "'" ; WHERE `user_email` = ' ". $ _POST [' Email ']."' ";
- mysql_query ( $q ) ; $row = mysql_fetch_array ( $wp_r ) ; $wp_n = mysql_num_rows ( $wp_r ) ; $ wp_r = mysql_query ($ q); $ row = mysql_fetch_array ($ wp_r); $ wp_n = mysql_num_rows ($ wp_r);
- / / Found
- $wp_n > 0 ) { if ($ wp_n> 0) (
- wp_authenticate ( $_POST [ 'email' ] , $_POST [ 'password' ] ) ; $ result = wp_authenticate ($ _POST [ 'email'], $ _POST [ 'password']);
- ! is_wp_error ( $result ) ) { if (! is_wp_error ($ result)) (
- [ "ID" ] , true ) ; wp_set_auth_cookie ($ row [ "ID"], true);
- , $row [ "user_login" ] ) ; do_action ( 'wp_login', $ row [ "user_login"]);
- ; echo "0";
- "-1" ; ) Else echo "-1";
- { ) Else (
- ; echo "-1";
- )
- { ) Else (
- ; echo "-2";
- )
This code allows a login similar to that done with the system Wordpress. It is interesting to note that the first thing to do is include the kernel of WordPress so you can use part of his duties. In this way we will be in effect a "piece" of WordPress. Being a file processed by Ajax, this resrituisce three values: 0, -1 and -2, respectively:
- everything ok, login allowed
- username or password
- Hacking attempt?
Related Post
Loading ... 
Excellent guide! Congratulations for the clarity and immediacy with which you express yourself
Apart from the improvements or utility, let's face it, customize it is always fun and enjoyable
Hi!
Are in the midst of creating my first blog using WordPress.
I have a lot of knowledge of linquaggi web programming, scripting and SQL.
However, not having experience with CMS, I found the problem in front of a search box to login to access the restricted members only.
Reading the article I understood the functionality of files and I have done everything to the letter, creating files and folders in the root of my webspace FTP files, including the "ajax-loader.gif" (I state that my ISP is Netsons) .
At this point, how to log in to see the sidebar? What else should I do?
Thanks in advance for the answers!
@ Sniper Wolf: Thanks!
It's always nice that someone appreciates the effort ...
@ EmaWebDesign: correct ... I wanted to write the same thing in the reasons but I see that you are perceived equally, without explicitly saying
@ Alexander: To view the log in the front end of your blog, you suffciente you play, with the necessary modifications to the layout, the contents of the file "index.php" by including, for example, in "sidebar". The important thing is to respect the logic of the operation but the form with fields
INPUT(email and password) you can basically put it anywhere you want.If you want to insert in "sidebar" of WordPress, for esemopio, just edit the file "sidebar.php" which is in the folder of your theme.
Previous Undolog.com [...] [...]
Hello! excuse the ignorance on .. but I need to input a registration form within my own site .. made in flash. Not knowing php programming could you give me some advice? E 'complex thing? Thank you!
@ David: If we talk of "registration form" I think once that you interact in some way with the server, such as registering users to a MySQL database. If so, you are unfortunately forced to use a "language" server side, such as PHP, ASP, etc ... The front-end, however, that the
formof registration, you can offer both Flash and HTML simple. This, ultimately, does nothing more than "send" data to the server that performs the actual recording; through PHP, ASP, etc ...The thing in itself is not "complex", but if you know a "minimum" programming could be at least difficult.
Hello ... congratulations for the site and the example ...
I did not understand a thing ... the form called post logon.php the file that makes the query and returns a result ... but where is the "caller" index.php takes the values that logon.php sends?
thanks!
@ Luciano:
Are taken from the form itself when the user compiles the data, ie when you enter username and password.
Interesting, I would usatoi but a little 'more' jQuery ...
For example, you could use instead of:
a more 'simple:
incidentally by jQuery:
well it means something 
"WRITE LASS DO MORE ...."
@ Santino Bivacqua:
is what I thought too. However, access to fields in a
formis pretty simple (and fast) even without using jQuery. Not that there is to optimize in this case, however access to:is of type array / index, and then more rapidly:
jQuery, in fact, must "flow" all the DOM before intercept 's
Also, if you want to apply some effect jQuery is it imperative to use your display 
inputcorrectly. Surely this is not a critical case, since the DOM (page) small, and then you can use either jQuery or easy access to the basic functionality of Javascript.However you're right, it is useful to write less
but sorry I do not know how it works internally jQuery, but I think that if you use the ID, starting with # jQuery understand and use
document.getElementById('id')then is not that jQuery through all the nodes until you find the one thing he need is the browser's JavaScript engine that is dedicated to providing the data .....maybe it only does so if you disclose the name of a class type
$('.class')since there is no equivalentgetElementByClassName.... unfortunatelyIn any case, pick one or the other, is just to have a unique way to program, since I know most do not use jQuery 'methods of DOM, much more' wordy ... I make an example, try to write with the methods of the DOM code to remove a row of a table with jQuery enough
Santino @ Bivacqua: Right
if the ID you are absolutely right ... would be interesting to run at the test ... almost ... 
wordpress el es muy bueno, pero no he encontrado the forma de bajar la carga que este en los servidores generates, aun estamos a problem solucionar en un portal de que entretenimeto generates with tan solo unas altas cargas UNICAS 10mil visitas por dia, alguien sabe you como solucionar esto espero la ayuda por que ni en wordpress tienen solucion a esto
This only happens to me or anyone who logs the script regardless of password field?
Hello, I came across your blog doing research in the login of WordPress and I must say that this tutorial - I congratulate you because it's done very well - I find it very useful, however, are slightly rusty in programming for this I wanted to ask, given that you know a fleet
If
I have a way to log on WordPress platform, and another private in the same instant.
Let me explain: I have this shelf in my closet that I will and I plan to do so through the login of this could, at the same time, run two log both the private platform to Wordpress (having identical user and pass on both) .
. Hello Nicola
At first I thought to include in your site a hidden form of private platform that would allow me to have a copy of data to log in so we say "sneaky" to Wordpress too but then I was struck by your guide and perhaps there a smarter way to send data and make sure to login to WordPress through some other site ... I do not know if I have explained myself well and I hope you answer me
@ Redemption: Hello Nicola, I know of course your private platform, but the procedure is certainly feasible. In theory, all the code that you server (for WordPress) is present in this post. What you have to decide just where do the "two" login contemporaries.
If you have full access to your platform, you may enter the code to access your private platform file logon.php proposed in this post, for example.
@ Giovambattista Fazioli:
Thanks for your answer!
I should begin to make this for yourself you have given me good hope for the implementation and I am grateful
.
I ask you one last thing, can I somehow create a user queries the user table directly from the database of wp, or are there other reports and keys to be created within the db?
As you understand I somehow also export the users from the private platform wp
.
nice guide but Nos Ola I realized a fundamental thing where I put all the files? wordpress folder? How do I?