function check_form_nonce($field) { $nonce = $_REQUEST['_wpnonce']; if (!wp_verify_nonce($nonce, $field)) { $flash_message = new Flash_Message(); $flash_message->set(__('Cheating?', 'wpcdi'), 'error'); $flash_message->flash_messages(); return; } }
private static function login_form() { $flash_messages = new Flash_Message(); $post = array(); if (isset($_POST['submit_user_login'])) { check_form_nonce('wp-custom-login'); $post = $_POST; if (self::submit_login_form($post)) { unset_post(); $post = array(); } } $password = array_get($post, 'password'); $remember_me = array_get($post, 'remember_me'); $username = array_get($post, 'username'); ?> <form method="post"> <?php $flash_messages->flash_messages(); ?> <?php wp_nonce_field('wp-custom-login'); ?> <div class="form-group"> <label for="username"><?php _e('Username', 'wp'); ?> </label> <input type="text" class="form-control" name="username" id="username" placeholder="username" value="<?php echo $username; ?> " required> </div> <div class="form-group"> <label for="password"><?php _e('Password', 'wp'); ?> </label> <input type="password" name="password" class="form-control" id="password" placeholder="password" value="<?php echo $password; ?> " required> </div> <div class="checkbox"> <label> <input type="checkbox" value="1" name="remember_me" <?php checked(1, $remember_me); ?> > <?php _e('Remember me', 'wp'); ?> </label> </div> <input type="submit" value="Submit" class="btn btn-default" name="submit_user_login"> </form> <?php }