Password protected posts / pages form action issue
Opened this issue · 1 comments
Today I have found a bug in the starter-theme/templates/single-password.twig. I was getting 502 on WP Engine for password-protected pages and posts. After some research, it turned out that WP Engine is appending an extra query string to the action URL. Currently, we have:
<form action="{{ site.site_url }}/wp-login.php?action=postpass" method="post">
I was able to fix it by adding this piece of code in my single.php and page.php:
$context['form_action'] = esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) );
Doing it this way allows hooks to alter the URL.
The form action field looks like this:
<form action="{{ form_action }}" method="post">
I got the idea from this issue: https://toolset.com/forums/topic/password-protected-post-bug-with-wpengine/
What do you think would be the best way to handle this? Is it better to provide a globally accessible variable like site.password_proteced_url or just modify the single.php and page.php as well as the templates/single-password.twig. Or maybe you have another suggestion? Let me know and I'll create a pull request.