login

12 Common use WordPress Code Snippet

WordPress is a popular and widely used open-source content management system (CMS) that allows users to create and manage websites and blogs. WordPress is based on PHP and uses a MySQL database to store and retrieve content. Here are some common-use WordPress PHP Snippets that can help you to customize your website, and quickly add specific functionalities to your website. You can add the snippets to functions.php when you use it.

1. Disable WordPress auto-update

define("AUTOMATIC_UPDATER_DISABLED", true); // auto-update disable wp-config.php 

add_filter("pre_site_transient_update_core", "fake_update_callback"); // turnoff core reminder  
add_filter("pre_site_transient_update_plugins", "fake_update_callback"); // turnoff plugin reminder
add_filter("pre_site_transient_update_themes", "fake_update_callback"); // turnoff theme reminder

remove_action("admin_init", "_maybe_update_core");    // disable WordPress update check
remove_action("admin_init", "_maybe_update_plugins"); // disable WordPress Plugin Check
remove_action("admin_init", "_maybe_update_themes");  // disable WordPress theme update

function fake_update_callback(){
    return null;
}

2. URL dangerous code prevention

if (
    strpos($_SERVER["REQUEST_URI"], "eval(") || strpos($_SERVER["REQUEST_URI"], "base64") || strpos($_SERVER["REQUEST_URI"], "/**/")
) {
    @header("HTTP/1.1 414 Request-URI Too Long");
    @header("Status: 414 Request-URI Too Long");
    @header("Connection: Close");
    @exit;
}

3. Disable WordPress same user login session in multiple locations simultaneously

function pcl_user_has_concurrent_sessions(){
    return (is_user_logged_in() && count(wp_get_all_sessions()) > 2);
}

add_action("init", function () {
    // Don't allow other users to login from different location simultaneously beside the administrator
    if (!current_user_can("manage_options")) {
        if (!pcl_user_has_concurrent_sessions()) {
            return;
        }
        $newest = max(wp_list_pluck(wp_get_all_sessions(), "login"));
        $session = pcl_get_current_session();
        if ($session["login"] === $newest) {
            wp_destroy_other_sessions();
        } else {
            wp_destroy_current_session();
        }
    }
});

4. Disable WordPress fatal error handler (WSOD)

define( "WP_DISABLE_FATAL_ERROR_HANDLER", true ); // wp-config.php
add_filter( "wp_fatal_error_handler_enabled", "__return_false" ); // functions.php

5. Enable uploading different types of document

add_filter("upload_mimes", function ($mimes) use ($string) {
    $arr = explode(",", $string);
    foreach ($arr as $k) {
        $kv = explode("=", trim($k));
        if (count($kv) == 2) $mimes[trim($kv[0])] = trim($kv[1]);
    }
    return $mimes;
}, 99);

6. Disable XML-RPC

add_filter("xmlrpc_enabled", "__return_false");
add_filter("xmlrpc_methods", function ($methods) {
    unset($methods["pingback.ping"]);
    return $methods;
});

7. Disable Feed

function wpjam_feed_disabled(){
    wp_die("Feed has been turnoff!");
}

add_action("do_feed", "wpjam_feed_disabled", 1);
add_action("do_feed_rdf", "wpjam_feed_disabled", 1);
add_action("do_feed_rss", "wpjam_feed_disabled", 1);
add_action("do_feed_rss2", "wpjam_feed_disabled", 1);
add_action("do_feed_atom", "wpjam_feed_disabled", 1);

8. Disable Rest API

add_filter("json_enabled", "__return_false");
add_filter("json_jsonp_enabled", "__return_false");
add_filter("rest_enabled", "__return_false");
add_filter("rest_jsonp_enabled", "__return_false");
remove_action("init", "rest_api_init");
remove_action("rest_api_init", "rest_api_default_filters", 10);
remove_action("parse_request", "rest_api_loaded");
remove_action("wp_head", "rest_output_link_wp_head", 10);
remove_action("template_redirect", "rest_output_link_header", 11);
remove_action("auth_cookie_malformed", "rest_cookie_collect_status");
remove_action("auth_cookie_expired", "rest_cookie_collect_status");
remove_action("auth_cookie_bad_username", "rest_cookie_collect_status");
remove_action("auth_cookie_bad_hash", "rest_cookie_collect_status");
remove_action("auth_cookie_valid", "rest_cookie_collect_status");

add_filter("rest_authentication_errors", function () {
    return new WP_Error("rest_disabled", __("The REST API on this site has been disabled."), ["status" => rest_authorization_required_code()]);
});

9. Redirect after logout

//Redirect to the login page after logout
function redirect_custom_login_page() {
    wp_redirect(site_url() . "/sign-in");
    exit();
}
add_action("wp_logout", "redirect_custom_login_page");

10. Remove rarely use code from wp_header

remove_action("wp_head", "wp_generator");
foreach (["rss2_head", "commentsrss2_head", "rss_head", "rdf_header", "atom_head", "comments_atom_head", "opml_head", "app_head"] as $action) {
    remove_action($action, "the_generator");  //remove WP version from the header 
}
remove_action("wp_head", "rsd_link");                        //remove RSD LINK from head
remove_action("wp_head", "wlwmanifest_link");                //remove windows Live Writer from head 

remove_action("wp_head", "feed_links_extra", 3);            //remove links of feed from head 

remove_action("wp_head", "index_rel_link");                //
remove_action("wp_head", "parent_post_rel_link", 10);
remove_action("wp_head", "start_post_rel_link", 10);
remove_action("wp_head", "adjacent_posts_rel_link_wp_head", 10);

remove_action("wp_head", "wp_shortlink_wp_head", 10, 0);    //remove shortlink from head
remove_action("wp_head", "rest_output_link_wp_head", 10);    // remove WP RSET API address

remove_action("template_redirect", "wp_shortlink_header", 11);        //disable shortlink Header tag。
remove_action("template_redirect", "rest_output_link_header", 11);    // disable output tags in Header Link

11. Hide the menu from the dashboard

$list = ["upload.php"]; // 
add_action("admin_menu", function () use ($list) {
    foreach ($list as $v) {
        remove_menu_page($v);
    }
    global $menu;
    foreach ($menu as $v) {
        if ($v[4] == "wp-menu-separator") {
            unset($menu[4]);
        }
    }
});

12. Remove the WordPress logo from the default login page

add_filter("login_title", function ($a) {
    return str_replace("WordPress", home_url(), $a);
});
add_action("login_head", function () {
echo "
    
    #login {width: 392px;}
    #login h1 a {display: none !important;}
    #backtoblog,#nav {display: none}
    .login {
        background: #21607d;
    }
    input[type=text],input[type=password] {
     border-color: #c3e3ff;
    }
    .login form .input, .login input[type=password], .login input[type=text] {
        border-radius: 0;
    }
    
    ";
});

We are dedicated to providing valuable information, tutorials, and resources to help WordPress Beginners to understand more about WordPress and Woocommerce.

Facebook Youtube

Get Start

SUPPORT

© WPCOLLEGE 2024
WPCOLLEGE is a Project to share knowledge of WordPress and Woocommerce. We are not affiliated with Automattic or WordPress.

Scroll to Top