by mikotoiii » Thu May 19, 2016 12:48 pm
The only plugins that we have security wise would be Akismet, and Block Disposable Email. We weren't allowing people to register accounts for our wordpress side until now, and even then it's technically going to be through phpbb3 that they register.
As far as ajax, the only thing that I can think of is that our theme could interfere, though it seems that for the login portion that it posts information directly to the wp-login.php page.
Here's the form that is used on the front side:
Code: Select all
<form name="LoginWithAjax_Form" id="LoginWithAjax_Form" action="http://mysite.com/wp-login.php?" method="post">
<input type="text" name="log" placeholder="Username" id="lwa_user_login" class="input" value="" />
<input type="password" placeholder="Password" name="pwd" id="lwa_user_pass" class="input" value="" />
<input name="rememberme" type="checkbox" id="lwa_rememberme" value="forever">
<label>Remember Me</label>
<a id="LoginWithAjax_Links_Remember" href="http://mysite.com/wp-login.php?action=lostpassword" title="Password Lost and Found">Lost your password?</a>
<button type="submit" class="button-small" name="wp-submit" id="lwa_wp-submit" value="GO " tabindex="100" >GO </button>
<input type="hidden" name="redirect_to" value="http://mysite.com" />
<input type="hidden" name="lwa_profile_link" value="" />
</form>
For logging out from the WP side, our theme is using the following link:
http://mysite.com/wp-login.php?action=l ... ca12cc216b
This seems to cause a redirect loop that requires a purging of the cookies to fix. I'm guessing that it has to do with the wp and phpbb session keys not being properly unset. Logging out from the phpbb3 side properly logs the user out, though it comes with the same caveat as my other post, that it doesn't update the wp admin menu at the top until you refresh the page.
The only plugins that we have security wise would be Akismet, and Block Disposable Email. We weren't allowing people to register accounts for our wordpress side until now, and even then it's technically going to be through phpbb3 that they register.
As far as ajax, the only thing that I can think of is that our theme could interfere, though it seems that for the login portion that it posts information directly to the wp-login.php page.
Here's the form that is used on the front side:
[code]<form name="LoginWithAjax_Form" id="LoginWithAjax_Form" action="http://mysite.com/wp-login.php?" method="post">
<input type="text" name="log" placeholder="Username" id="lwa_user_login" class="input" value="" />
<input type="password" placeholder="Password" name="pwd" id="lwa_user_pass" class="input" value="" />
<input name="rememberme" type="checkbox" id="lwa_rememberme" value="forever">
<label>Remember Me</label>
<a id="LoginWithAjax_Links_Remember" href="http://mysite.com/wp-login.php?action=lostpassword" title="Password Lost and Found">Lost your password?</a>
<button type="submit" class="button-small" name="wp-submit" id="lwa_wp-submit" value="GO " tabindex="100" >GO </button>
<input type="hidden" name="redirect_to" value="http://mysite.com" />
<input type="hidden" name="lwa_profile_link" value="" />
</form>[/code]
For logging out from the WP side, our theme is using the following link:
http://mysite.com/wp-login.php?action=logout&redirect_to=http%3A%2F%2mysite.com&_wpnonce=ca12cc216b
This seems to cause a redirect loop that requires a purging of the cookies to fix. I'm guessing that it has to do with the wp and phpbb session keys not being properly unset. Logging out from the phpbb3 side properly logs the user out, though it comes with the same caveat as my other post, that it doesn't update the wp admin menu at the top until you refresh the page.