Leave a Reply

15 comments

  1. Use the global $pagenow, which is a common global set by WordPress at runtime:

    if ( $GLOBALS['pagenow'] === 'wp-login.php' ) {
    // We're on the login page!
}

    You can also check the type of login page, for example registration:

    if ( $GLOBALS['pagenow'] === 'wp-login.php' && ! empty( $_REQUEST['action'] ) && $_REQUEST['action'] === 'register' ) {
    // We're registering
}

    Following code is considered legacy and should not be used (wp-register.php was deprecated & subsequently removed quite a while back):

    if ( in_array( $GLOBALS['pagenow'], array( 'wp-login.php', 'wp-register.php' ) ) )
    run_my_funky_plugin();

  2. My preferred way:

    if( is_wplogin() ){
   ...
}

    code:

    function is_wplogin(){
    $ABSPATH_MY = str_replace(array('','/'), DIRECTORY_SEPARATOR, ABSPATH);
    return ((in_array($ABSPATH_MY.'wp-login.php', get_included_files()) || in_array($ABSPATH_MY.'wp-register.php', get_included_files()) ) || (isset($_GLOBALS['pagenow']) && $GLOBALS['pagenow'] === 'wp-login.php') || $_SERVER['PHP_SELF']== '/wp-login.php');
}

    Why it’s safest?

    1. Sometimes, if you try to check login page using REQUEST_URI(or SCRIPT_PATH), you will get INCORRECT VALUES, because many plugins change LOGIN & ADMIN urls.

      2) $pagenow will give you incorrect value too in that case!

    Notes:

    • In some cases, it might not work if you output login-form (i.e. with shortcode or etc) manually on other template files/pages.

    Core Update:

    Since WordPress Version 6.1 (Nov 2022) is an additional function inside the core – is_login that check the wp_login_url.

  3. More modern way to do that, it should work even when the wp-login URL is changed by plugins and when WP is in a subfolder, etc:

    if(stripos($_SERVER["SCRIPT_NAME"], strrchr(wp_login_url(), '/')) !== false){
    /* ... */
}

  5. $GLOBALS['pagenow'] doesn’t work, use $_SERVER['PHP_SELF'].

    if ( in_array( $_SERVER['PHP_SELF'], array( '/wp-login.php', '/wp-register.php' ) ) ){
    // do something.
}

    and if your wordpress is not installed in the web root folder, you should use some params like YOUR_WP_PATH/wp-login.php to replace the elements in array.

  6. I have implemented it using WordPress own wp_login_url() method as follows:

    public static function is_wp_login() {
  $login_path = rtrim( strtolower( parse_url( wp_login_url( '', true ), PHP_URL_PATH ) ), '/' );
  return ( rtrim( strtolower( $_SERVER[ 'REQUEST_URI' ] ), '/' ) == $login_path );
}

    Just comparing both paths (because it’s difficult to be absolutely sure about the use of SSL as it may be terminated) should be enough … It does mean, however, that a plugin or theme developer who changes the default login form must have done so the proper way …

  7. None of the current answers worked for me.

    What I’ve done was check if $_GET array has a ‘page’ key and if its value is ‘sign-in’.

    if (isset($_GET['page']) && $_GET['page'] == 'sign-in'){
   // you're on login page
}

  8. If you need to add some code for login page, you can use a hook for it

    <?php add_action( 'login_head', 'login_head_add_css' );
    function login_head_add_css() {
        ?>
        <style>
            body {
                background-image: url('/background.png');
            }
            .login h1 a{
                background-image: url('/logo.png');
                background-size: 300px !important;
                background-position: center top;
                background-repeat: no-repeat;
                color: #444;
                height: 120px;
                font-size: 20px;
                font-weight: 400;
                line-height: 1.3;
                margin: 0 auto 25px;
                padding: 0;
                text-decoration: none;
                width: 300px !important;
                text-indent: -9999px;
                outline: 0;
                overflow: hidden;
                display: block;
            }

        </style>
        <?php
    } ?>

  9. This file has so many action hooks. Thanks WordPress devs!

    Here’s a listing of the most common ones to get you started in the order they execute.

    • login_enqueue_scripts
    • login_head
    • login_header
    • login_init
    • login_form_{$action}
      • confirm_admin_email
      • postpass
      • logout
      • lostpassword
      • retrievepassword
      • resetpass
      • rp
      • register
      • login
      • confirmaction
    • login_form
    • login_footer

  10. An alternative method:

    /**
 * Determines whether current page is login page.
 * @return bool True if current page is login page.
 */
final public static function isLoginPage(): bool
{
    return function_exists('login_header');
}

    Function login_header is defined in file wp-login.php. We are assuming, that login page is not included as this is separate WP page, which shall be called directly. Probably one of the most bulletproof solutions.

  11. Here’s a more readable version of @T.Todua answer. I just formatted it nicely, made the cheapest checks first and returned early:

    function isLoginPage()
{
    // $_SERVER['PHP_SELF'] is equal to "/wp-login.php"?
    if ($_SERVER['PHP_SELF'] == '/wp-login.php') {
        return true;
    }

    // $GLOBALS['pagenow'] is equal to "wp-login.php"?
    if (isset($GLOBALS['pagenow']) && $GLOBALS['pagenow'] === 'wp-login.php') {
        return true;
    }


    $ABSPATH_MY = str_replace(array('', '/'), DIRECTORY_SEPARATOR, ABSPATH);

    // Was wp-login.php or wp-register.php included during this execution?
    if (
        in_array($ABSPATH_MY . 'wp-login.php', get_included_files()) ||
        in_array($ABSPATH_MY . 'wp-register.php', get_included_files())
    ) {
        return true;
    }

    return false;
}

    If you want the least performance impact, leave only the first two checks.

    Also, if you are running this check after the template has loaded, you can simply use:

    function isLogin() {
    if (!did_action('wp_loaded')) {
      return null;
    }
    return did_action('login_head');
}

  12. I am only interested in register page, not in login page. So this might not be wanted by everybody.

    $GLOBALS[‘pagenow’] returns index.php for me. Maybe because of buddypress or my theme.

    So I used

    is_page('register')

    If you inspect the body of the registration page, it also has the ID as well, so if it says page-id-4906, you can use it this way if it works better:

    is_page('4906')

  13. This is my preferred method, it will handle any slug you decide to use for the login page. It also handles custom login forms if you decide not to use the default WordPress login form since is_login() won’t work if you don’t include the login script. Uses global $wp instead of the $_SERVER array.

    global $wp;

if( trailingslashit( trailingslashit( site_url() ) . $wp->request ) !== wp_login_url() ) {
    // You are on the login page
}

  15. OK, I’m changing my answer to accommodate an alternate solution on detecting wp-login part of a url, that comes really handy if your theme uses a custom login page template or you have the login page modified by a plugin… A few solutions proposed here worked, so I’ve came with something that works for me on an ordinary WordPress site (not tested on Multisite).

    As simple as:

    if( stripos($_SERVER['SCRIPT_NAME'], strrchr( wp_login_url(), '/') ) !== false ) {
    ...
}