Want to make a custom wordpress login form. It uses WordPress optimized security/ hackproof functionality to check and validate before logging a registered user.
<?php /** * Template Name: Login */ get_header(); ?> <?php $error_login = ''; if( is_user_logged_in() ) { wp_redirect( site_url() ); exit(); } else { if( isset($_POST['submit']) ) { $username = sanitize_text_field($_POST['username']); $password = sanitize_text_field($_POST['password']); $creds = array(); $creds['user_login'] = $username; $creds['user_password'] = $password; $creds['remember'] = ( isset( $_POST['chkme'] ) ) ? true : false; $user = wp_signon( $creds, false ); if($user && !is_wp_error($user)) { wp_redirect( site_url() ); exit; } elseif($username == '' || $password == '') { $error_login = 'Username or Password or both field/s is/are blank.'; } else{ $error_login="Invalid email & password"; } } ?>
<div id="content"> <p><?php echo $error_login; ?></p> <form name="login" action="<?php echo get_permalink(); ?>" method="POST"> <legend>Login Form</legend> <p> <label>Username</label> <input type="text" name="username" value="<?php echo ( ! empty( $_POST['username'] ) )? $_POST['username']:''; ?>" /> </p> <p> <label>Password</label> <input type="password" name="password" /> </p> <p><input type="checkbox" name="chkme" value=""/> Remember login credentials</p> <p><input type="submit" name="submit" value="Login" /></p> </form> </div> <?php } ?> <?php get_footer(); ?>