wp_redirect( string $location, int $status = 302, string $x_redirect_by = 'WordPress' ): bool

Redirects to another page.

Description
Parameters
Return
Source
Hooks
Related
- Uses
- Used By
Changelog
User Contributed Notes
- Feedback
- Feedback

Description

Note: wp_redirect() does not exit automatically, and should almost always be followed by a call to exit;:

wp_redirect( $url );
exit;

Exiting can also be selectively manipulated by using wp_redirect() as a conditional in conjunction with the ‘wp_redirect’ and ‘wp_redirect_status’ filters:

if ( wp_redirect( $url ) ) {
    exit;
}

Top ↑

Parameters

$location string Required: The path or URL to redirect to.
$status int Optional: HTTP response status code to use. Default '302' (Moved Temporarily).

Default: 302
$x_redirect_by string Optional: The application doing the redirect. Default 'WordPress'.

Default: 'WordPress'

Top ↑

Return

bool False if the redirect was canceled, true otherwise.

Top ↑

Source

File: wp-includes/pluggable.php. View all references

function wp_redirect( $location, $status = 302, $x_redirect_by = 'WordPress' ) {
	global $is_IIS;

	/**
	 * Filters the redirect location.
	 *
	 * @since 2.1.0
	 *
	 * @param string $location The path or URL to redirect to.
	 * @param int    $status   The HTTP response status code to use.
	 */
	$location = apply_filters( 'wp_redirect', $location, $status );

	/**
	 * Filters the redirect HTTP response status code to use.
	 *
	 * @since 2.3.0
	 *
	 * @param int    $status   The HTTP response status code to use.
	 * @param string $location The path or URL to redirect to.
	 */
	$status = apply_filters( 'wp_redirect_status', $status, $location );

	if ( ! $location ) {
		return false;
	}

	if ( $status < 300 || 399 < $status ) {
		wp_die( __( 'HTTP redirect status code must be a redirection code, 3xx.' ) );
	}

	$location = wp_sanitize_redirect( $location );

	if ( ! $is_IIS && 'cgi-fcgi' !== PHP_SAPI ) {
		status_header( $status ); // This causes problems on IIS and some FastCGI setups.
	}

	/**
	 * Filters the X-Redirect-By header.
	 *
	 * Allows applications to identify themselves when they're doing a redirect.
	 *
	 * @since 5.1.0
	 *
	 * @param string $x_redirect_by The application doing the redirect.
	 * @param int    $status        Status code to use.
	 * @param string $location      The path to redirect to.
	 */
	$x_redirect_by = apply_filters( 'x_redirect_by', $x_redirect_by, $status, $location );
	if ( is_string( $x_redirect_by ) ) {
		header( "X-Redirect-By: $x_redirect_by" );
	}

	header( "Location: $location", true, $status );

	return true;
}

View on Trac View on GitHub

Top ↑

Hooks

apply_filters( 'wp_redirect', string $location, int $status )

Filters the redirect location.

apply_filters( 'wp_redirect_status', int $status, string $location )

Filters the redirect HTTP response status code to use.

apply_filters( 'x_redirect_by', string $x_redirect_by, int $status, string $location )

Filters the X-Redirect-By header.

Top ↑

Uses

Uses
Uses	Description
wp_sanitize_redirect() wp-includes/pluggable.php	Sanitizes a URL for use in a redirect.
status_header() wp-includes/functions.php	Sets HTTP status header.
__() wp-includes/l10n.php	Retrieves the translation of $text.
wp_die() wp-includes/functions.php	Kills WordPress execution and displays HTML page with an error message.
apply_filters() wp-includes/plugin.php	Calls the callback functions that have been added to a filter hook.

Show 3 more uses Hide more uses

Top ↑

Used By

Used By
Used By	Description
do_favicon() wp-includes/functions.php	Displays the favicon.ico file content.
WP_Recovery_Mode_Link_Service::handle_begin_link() wp-includes/class-wp-recovery-mode-link-service.php	Enters recovery mode when the user hits wp-login.php with a valid recovery mode link.
resume_theme() wp-admin/includes/theme.php	Tries to resume a single theme.
resume_plugin() wp-admin/includes/plugin.php	Tries to resume a single plugin.
wp_media_attach_action() wp-admin/includes/media.php	Encapsulates the logic for Attach/Detach actions.
WP_List_Table::set_pagination_args() wp-admin/includes/class-wp-list-table.php	Sets all the necessary pagination arguments.
wp_dashboard_setup() wp-admin/includes/dashboard.php	Registers dashboard widgets.
activate_plugin() wp-admin/includes/plugin.php	Attempts activation of plugin in a “sandbox” and redirects on success.
redirect_post() wp-admin/includes/post.php	Redirects to previous page.
do_dismiss_core_update() wp-admin/update-core.php	Dismiss a core update.
do_undismiss_core_update() wp-admin/update-core.php	Undismiss a core update.
WP_Customize_Manager::after_setup_theme() wp-includes/class-wp-customize-manager.php	Callback to validate a theme once it is loaded
spawn_cron() wp-includes/cron.php	Sends a request to run cron through HTTP request that doesn’t halt page loading.
wp_safe_redirect() wp-includes/pluggable.php	Performs a safe (local) redirect, using wp_redirect() .
auth_redirect() wp-includes/pluggable.php	Checks if a user is logged in, if not it redirects them to the login page.
wp_old_slug_redirect() wp-includes/query.php	Redirect old slugs to the correct permalink.
wp_not_installed() wp-includes/load.php	Redirects to the installer if WordPress is not installed.
wp_redirect_admin_locations() wp-includes/canonical.php	Redirects a variety of shorthand URLs to the admin.
redirect_canonical() wp-includes/canonical.php	Redirects incoming links to the proper URL based on the site url.
maybe_redirect_404() wp-includes/ms-functions.php	Corrects 404 redirects when NOBLOGREDIRECT is defined.
wpmu_admin_do_redirect() wp-includes/ms-deprecated.php	Redirect a user based on $_GET or $_POST arguments.

Show 16 more used by Hide more used by

Top ↑

Changelog

Changelog
Version	Description
5.4.0	On invalid status codes, wp_die() is called.
5.1.0	The `$x_redirect_by` parameter was added.
1.5.1	Introduced.

Top ↑

User Contributed Notes

Skip to note 1 content

You must log in to vote on the helpfulness of this noteVote results for this note: 35You must log in to vote on the helpfulness of this note

Contributed by J.D. Grimes — 8 years ago
wp_redirect() does not validate that the $location is a reference to the current host. This means that this function is vulnerable to open redirects if you pass it a $location supplied by the user. For this reason, it is best practice to always use wp_safe_redirect() instead, since it will use wp_validate_redirect() to ensure that the $location refers to the current host. Only use wp_redirect() when you are specifically trying to redirect to another site, and then you can hard-code the URL.
```
// We don't know for sure whether this is a URL for this site,
// so we use wp_safe_redirect() to avoid an open redirect.
wp_safe_redirect( $url );

// We are trying to redirect to another site, using a hard-coded URL.
wp_redirect( 'https://example.com/some/page' );
```
Log in to add feedback
Skip to note 2 content

You must log in to vote on the helpfulness of this noteVote results for this note: 10You must log in to vote on the helpfulness of this note

Contributed by Codex — 8 years ago
Examples
```
<?php wp_redirect( home_url() ); exit; ?>
```
Redirects can also be external, and/or use a “Moved Permanently” code :
```
<?php wp_redirect( 'http://www.example.com', 301 ); exit; ?>
```
The code below redirects to the parent post URL which can be used to redirect attachment pages back to the parent.
```
<?php wp_redirect( get_permalink( $post->post_parent ) ); exit; ?>
```
Log in to add feedback
Skip to note 3 content

You must log in to vote on the helpfulness of this noteVote results for this note: 6You must log in to vote on the helpfulness of this note

Contributed by KZeni — 3 years ago

Unless this is patched to perform this natively in the future, be sure to include nocache_headers(); before the wp_redirect if you want to make sure the visitor’s browser doesn’t cache the redirect page result (can even happen when this is set to use a 302 redirect) which may cause the redirect to happen for longer than desired.

For example, this can be problematic when used to redirect to a login page when trying to access protected content since the visitor can then log in to find that they’re still taken back to the login page when trying to go back to that page they were trying to go to due to the redirect having been potentially cached by their web browser (again, even with it being a 302 redirect.) Having nocache_headers(); before the redirect prevents this potential issue.
Top ↑
Feedback
- Ticket #50422 is looking to address this natively for future versions of WordPress so this may not be required in the future, but this is advisable/required for now and shouldn’t be problematic if/when WordPress chooses to adopt the proposed update. — By KZeni — 3 years ago
- This seems to fix an issue with a login page and protected content that was only happening in Firefox. I’m not sure if it caches more aggressively than Chrome and Edge, but adding this function call got the redirects going to the right place consistently. — By Sarah Lewis — 3 years ago
Log in to add feedback
Skip to note 4 content

You must log in to vote on the helpfulness of this noteVote results for this note: 4You must log in to vote on the helpfulness of this note

Contributed by yonifre — 5 years ago
template_redirect Action
```
function my_logged_in_redirect() {
	
	if ( is_user_logged_in() && is_page( 12 ) ) 
    {
        wp_redirect( get_permalink( 32 ) );
        die;
    }
	
}
add_action( 'template_redirect', 'my_logged_in_redirect' );
```
Log in to add feedback

Contributed by Martin Kilarski — 2 years ago

/**
 * Redirect categories, tags, date, author and specific custom taxonomies to homepage
 */
function my_redirect_taxonomy_archive() {
    // redirect category, tag, date, author archives
	if (
		is_category() ||
		is_tag() ||
		is_date() ||
		is_author()
	){
		wp_redirect( home_url(), 301 );
	} else if ( is_tax() ) { // redirect custom taxonomy term archives
		$archive_taxonomies_to_redirect = [
			'book',
			'event',
		];

		foreach($archive_taxonomies_to_redirect as $taxonomy) {
			if ( is_tax( $taxonomy ) ) {
				wp_redirect( home_url(), 301 );
			}
		}
	}
}
add_action( 'template_redirect', 'my_redirect_taxonomy_archive' );

Skip to note 6 content

You must log in to vote on the helpfulness of this noteVote results for this note: -4You must log in to vote on the helpfulness of this note

Contributed by hkkcngz — 3 years ago
get_permalink() is only really useful for single pages and posts, and only works inside the loop.

WP Redirect to Current Page
```
global $wp;
wp_redirect( get_permalink( home_url( $wp->request ) ) ); 
```
Top ↑
Feedback
- get_permalink() expects an integer or WP_Post object for its parameters, and home_url() returns a string (the home URL as the function name indicates). To perform the redirect, remove get_permalink() call:
  
  wp_redirect( home_url( $wp->request ) );
  
  — By crstauf — 3 years ago
- This comment from @hkkcngz above has multiple problems & questionable aspects. get_permalink() can be used anywhere (not just in a loop like @hkkcngz incorrectly stated). It’s what’s then being passed as a parameter to that function (or is otherwise using the default paramenter[s]) that may be dependent on being in a loop or not. Also, @crstauf is correct in that the code from @hkkcngz is actually broken on top of everything since it isn’t using get_permalink() properly per it passing the wrong type of value for the get_permalink() parameter with home_url() providing a URL rather than a post ID or object as specified on https://developer.wordpress.org/reference/functions/get_permalink/ (with get_permalink() then actually not being required whatsoever per home_url() already getting the permalink/URL that wp_redirect() is wanting.) — By KZeni — 3 years ago
Log in to add feedback

You must log in before being able to contribute a note or feedback.

Developer Resources

wp_redirect( string $location, int $status = 302, string $x_redirect_by = 'WordPress' ): bool

Contents

Description

Parameters

Return

Source

Hooks

Changelog

User Contributed Notes

Feedback

Feedback