Check if wp-login is current page

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

Use the global $pagenow, which is a common global set by WordPress at runtime:

if ( $GLOBALS['pagenow'] === 'wp-login.php' ) {
    // We're on the login page!
}

You can also check the type of login page, for example registration:

if ( $GLOBALS['pagenow'] === 'wp-login.php' && ! empty( $_REQUEST['action'] ) && $_REQUEST['action'] === 'register' ) {
    // We're registering
}

Following code is considered legacy and should not be used (wp-register.php was deprecated & subsequently removed quite a while back):

if ( in_array( $GLOBALS['pagenow'], array( 'wp-login.php', 'wp-register.php' ) ) )
    run_my_funky_plugin();

Method 2

My preferred way:

if( is_wplogin() ){
   ...
}

code:

function is_wplogin(){
    $ABSPATH_MY = str_replace(array('\','/'), DIRECTORY_SEPARATOR, ABSPATH);
    return ((in_array($ABSPATH_MY.'wp-login.php', get_included_files()) || in_array($ABSPATH_MY.'wp-register.php', get_included_files()) ) || (isset($_GLOBALS['pagenow']) && $GLOBALS['pagenow'] === 'wp-login.php') || $_SERVER['PHP_SELF']== '/wp-login.php');
}

Why it’s safest?

Sometimes, if you try to check login page using REQUEST_URI(or SCRIPT_PATH), you will get INCORRECT VALUES, because many plugins change LOGIN & ADMIN urls.
2) $pagenow will give you incorrect value too in that case!

Notes:

In some cases, it might not work if you output login-form (i.e. with shortcode or etc) manually on other template files/pages.

Method 3

More modern way to do that, it should work even when the wp-login URL is changed by plugins and when WP is in a subfolder, etc:

if(stripos($_SERVER["SCRIPT_NAME"], strrchr(wp_login_url(), '/')) !== false){
    /* ... */
}

Method 4

$GLOBALS['pagenow'] doesn’t work, use $_SERVER['PHP_SELF'].

if ( in_array( $_SERVER['PHP_SELF'], array( '/wp-login.php', '/wp-register.php' ) ) ){
    // do something.
}

and if your wordpress is not installed in the web root folder, you should use some params like YOUR_WP_PATH/wp-login.php to replace the elements in array.

Method 5

I have implemented it using WordPress own wp_login_url() method as follows:

public static function is_wp_login() {
  $login_path = rtrim( strtolower( parse_url( wp_login_url( '', true ), PHP_URL_PATH ) ), '/' );
  return ( rtrim( strtolower( $_SERVER[ 'REQUEST_URI' ] ), '/' ) == $login_path );
}

Just comparing both paths (because it’s difficult to be absolutely sure about the use of SSL as it may be terminated) should be enough … It does mean, however, that a plugin or theme developer who changes the default login form must have done so the proper way …

Method 6

None of the current answers worked for me.

What I’ve done was check if $_GET array has a ‘page’ key and if its value is ‘sign-in’.

if (isset($_GET['page']) && $_GET['page'] == 'sign-in'){
   // you're on login page
}

Method 7

If you need to add some code for login page, you can use a hook for it

<?php add_action( 'login_head', 'login_head_add_css' );
    function login_head_add_css() {
        ?>
        <style>
            body {
                background-image: url('/background.png');
            }
            .login h1 a{
                background-image: url('/logo.png');
                background-size: 300px !important;
                background-position: center top;
                background-repeat: no-repeat;
                color: #444;
                height: 120px;
                font-size: 20px;
                font-weight: 400;
                line-height: 1.3;
                margin: 0 auto 25px;
                padding: 0;
                text-decoration: none;
                width: 300px !important;
                text-indent: -9999px;
                outline: 0;
                overflow: hidden;
                display: block;
            }

        </style>
        <?php
    } ?>

Method 8

An alternative method:

/**
 * Determines whether current page is login page.
 * @return bool True if current page is login page.
 */
final public static function isLoginPage(): bool
{
    return function_exists('login_header');
}

Function login_header is defined in file wp-login.php. We are assuming, that login page is not included as this is separate WP page, which shall be called directly. Probably one of the most bulletproof solutions.

Method 9

Here’s a more readable version of @T.Todua answer. I just formatted it nicely, made the cheapest checks first and returned early:

function isLoginPage()
{
    // $_SERVER['PHP_SELF'] is equal to "/wp-login.php"?
    if ($_SERVER['PHP_SELF'] == '/wp-login.php') {
        return true;
    }

    // $GLOBALS['pagenow'] is equal to "wp-login.php"?
    if (isset($GLOBALS['pagenow']) && $GLOBALS['pagenow'] === 'wp-login.php') {
        return true;
    }


    $ABSPATH_MY = str_replace(array('\', '/'), DIRECTORY_SEPARATOR, ABSPATH);

    // Was wp-login.php or wp-register.php included during this execution?
    if (
        in_array($ABSPATH_MY . 'wp-login.php', get_included_files()) ||
        in_array($ABSPATH_MY . 'wp-register.php', get_included_files())
    ) {
        return true;
    }

    return false;
}

If you want the least performance impact, leave only the first two checks.

Also, if you are running this check after the template has loaded, you can simply use:

function isLogin() {
    if (!did_action('wp_loaded')) {
      return null;
    }
    return did_action('login_head');
}

Method 10

I am only interested in register page, not in login page. So this might not be wanted by everybody.

$GLOBALS[‘pagenow’] returns index.php for me. Maybe because of buddypress or my theme.

So I used

is_page('register')

If you inspect the body of the registration page, it also has the ID as well, so if it says page-id-4906, you can use it this way if it works better:

is_page('4906')

Method 11

This file has so many action hooks. Thanks WordPress devs!

Here’s a listing of the most common ones to get you started in the order they execute.

login_enqueue_scripts
login_head
login_header
login_init
login_form_{$action}
- confirm_admin_email
- postpass
- logout
- lostpassword
- retrievepassword
- resetpass
- rp
- register
- login
- confirmaction
login_form
login_footer

Method 12

OK, I’m changing my answer to accommodate an alternate solution on detecting wp-login part of a url, that comes really handy if your theme uses a custom login page template or you have the login page modified by a plugin… A few solutions proposed here worked, so I’ve came with something that works for me on an ordinary WordPress site (not tested on Multisite).

As simple as:

if( stripos($_SERVER['SCRIPT_NAME'], strrchr( wp_login_url(), '/') ) !== false ) {
    ...
}

All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes

Article Rating