Having fun with WordPress login. Box or not.
Posted by Leonid Mamchenkov on August 12, 2007
Graphic designer David Airey recently posted a nice tip on how to customize the look of the WordPress login box. While it’s easy to apply and quite handy for a number of situations as it is, I’d like to take it a bit further.
Update: here is another take at customizing WordPress login (Binary Moon)- clean, simple, and with its own plugin.
First of all, if you are following David’s instructions, keep in mind that WordPress login box is not just an image or two. It has a style of its own. That style covers the “Username”, “Password”, and “Remember me” strings, and an error message, which appears when you enter an incorrect username or password. That style assumes a dark background. So if you will make your own images with light background, you might have some troubles seeing those strings. The error message being the easiest to forget about.
There are a few ways to work around this issue.
The plugin way
Perhaps, the easiest and simplest way is to have a plugin, which loads your custom style. WordPress has an action hook called ‘login_head‘ which is executed before the </head> tag of the login page is printed out. Here is an example with the simplistic style change. Feel free to go wild.
The custom login procedure
Another way to go about this issue is to replace the login screen with your own. All you need to know about how WordPress does it, you can learn from the wp-login.php file in the root folder of your WordPress installation. Basically, it just defines what to do when
- user wants to login
- user wants to logout
- user forgot password
- user resets password
- user wants to register (hint: custom registration forms)
You can start by copying wp-login.php (into my-login.php or just login.php or whatever you decide to call it). Once you have it working properly, you can edit the .htaccess file (you probably have it there already for your fancy URLs’ mod_rewrite rules anyway), and add a redirection from the old wp-login.php to your own version.
Non-admin member area
And, of course, nobody forces you to use WordPress login box on your web site anyway. It’s fine for most blogs to have a login page, which redirects the user to the administration interface upon successful login. But it’s not always what you want to do.
There are many web sites out there, that allow users to register, login, and see the same web site (not an administration interface) with a few more options. If you are building a web site with WordPress platform, you can have that too.
First of all, see how WordPress logs user in. Open the wp-login.php file around line 166. That’s where it starts. If you run your eyes through the next few lines, you’ll notice the following interesting bits:
- an action hook ‘wp_authenticate‘ (hint: you can plugin your functionality in here)
- wp_login() function call (hint: is there anything else I should tell you about?)
- an action hook ‘wp_login‘ and wp_redirect() function call (hint: both are upon successful login)
- wp_get_cookie_login() function call (hint: this is how you get login info from cookie)
- wp_setcookie() function call (hint: is there anything you want to save?)
Altogether, those are about 30 lines of code that you should spend some time understanding. Once you have them figured out, there is nothing you cannot do with WordPress login procedure - custom screens, redirects, security logs - all these are in your power.
August 12, 2007 at 4:26 am
tell me what do you think about this one:
http://www.shayowo.com/wp-login.php
August 12, 2007 at 4:32 am
wangjel,
looks nice. A couple of issues that I’ve noticed with it are - a “Back to” link doesn’t have the site’s name and the error message on incorrect login looks kind of rough. I guess it’s the default WordPress style, which doesn’t fit your design. Fix those two and you’ll have a really cool login box. :)
August 12, 2007 at 9:07 am
Thanks for the tips! redesigned mine now to to mimic the theme of the whole site. http://www.thejesusmyth.com/wp-login.php
August 12, 2007 at 11:46 am
Cool! :)
August 12, 2007 at 2:32 pm
Hi Leonid,
Thanks very much for the mention. It’s always nice to know that I’m producing something of interest over on my blog.
Those are some pretty comprehensive tips you give! Kudos.
August 12, 2007 at 10:13 pm
Great job!
The best tuning :-)
August 13, 2007 at 2:59 am
[...] Having fun with WordPress login. Box or not. Graphic designer David Airey recently posted a nice tip on how to customize the look of the WordPress login box. While […] [...]
August 13, 2007 at 3:33 am
[...] Having fun with WordPress login. Box or not. Graphic designer David Airey recently posted a nice tip on how to customize the look of the WordPress login box. While […] [...]
August 13, 2007 at 5:02 pm
That’s a really nice tip. Thanks Leonid!
August 13, 2007 at 8:21 pm
Marios,
glad to see you here :)
August 14, 2007 at 4:17 pm
I’m using the binarymoon plugin (I ran across that a few days ago), which makes the process of simply theming your login page very simple and keeps you out of the code.
It works great - except for the link to WordPress (http://digivation.net/wp-login.php) - a user would expect that clicking on the logo would take you back to the site’s homepage, not to WordPress. Thanks for providing the suggestion of creating a new login page, as I didn’t think of that (in my brief study I looked at possible hooks for the login page but didn’t find any way to easily change that link).
Another option is creating a widget (wink wink) that allows users to login directly from any page on the site, without the need to visit a separate page. Add a little AJAX majik to the mix and you’ve just improved the login experience of WordPress…
August 14, 2007 at 4:27 pm
oh and this plugin is good for managing your 301 redirects (and keeping track of all those 404 errors)
August 14, 2007 at 5:45 pm
Matthew,
here is a plugin which does AJAX-ified login box:
http://bösmos.se/ajaxlogin/?p=4
Sounds like something you might be interested in. :)
August 14, 2007 at 6:51 pm
ahh yes… I seem to remember running across that…and I think (for the sake of knowledge) that I’ll get busy writing a non-AJAX login widget - sounds like something fun to tackle over my lunch break!
August 15, 2007 at 11:13 pm
Is there a way I can require my wordpress users to login to view index.php? I run a private blog (restricted by .htaccess) and would also like to require account creation.
Here’s the workflow I’d like…
If user is not logged in, display wp-login.php.
After user is logged in, user is directed index.php
August 15, 2007 at 11:46 pm
Rossi,
yes, it is possible. There are a number of ways to accomplish this. I bet there are even plugins to do this. But if I was to implement it from scratch, I’d do it in the theme files.
We’ll cover user management and access levels in one of the upcoming posts…
August 23, 2007 at 8:29 pm
How to Create your Custom WordPress Login Image from Scratch
Although I agree that WordPress deserves all the publicity they can get, I want my site logo to show on the login screen, and not WordPress because it’s my site, and I want people to know that they are logging into my site. In this how to artic…
January 22, 2008 at 7:16 pm
This is a very neat tutorial, but how do you make it match the website, so that it looks like any normal page except that it has login content?
April 25, 2008 at 9:54 am
hi, i re-defined the wp_setcookie and wp_login function in mu-plugins…
when i am checking the isuer namd password(ldap) and making redirect..i got this error.. :(
The page isn’t redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
* This problem can sometimes be caused by disabling or refusing to accept
cookies.
pleaseeeeeeeeeeeeeeeeeeeee anyone can help….?