birgire · July 27, 2016 14:29
diff --git a/so-38602177.php b/so-38602177.php
 <?php
 /**
 * @version: 	1.0.3
 * @see  	http://stackoverflow.com/questions/38551606/do-not-submit-form-after-wrong-code/38602177
 */
  
 add_filter( 'login_form', function() 
 {
 	$options = get_option( 'authcode_settings' );

 	if( ! empty( $options['code'] ) ) printf(
 		'<p class="login-authenticate">
 			<label for="auth_key">%s</label>
 			<input type="text" name="so38551606_auth_key" id="so38551606_auth_key" class="input" value="" size="20" autocomplete="off" />
 		</p>',
 		esc_html__( 'Authentication Code', 'mydomain' )
 	);
 } );

 add_filter( 'authenticate', function( $user ) 
 {
 	$options = get_option( 'authcode_settings' );

 	$submit_code = filter_input( INPUT_POST, 'so38551606_auth_key', FILTER_SANITIZE_STRING );

 	$is_valid_auth_code = ! empty( $options['code'] ) && ( $options['code'] === $submit_code );
    	
 	if( $is_valid_auth_code )
 		return $user;
 	
 	if( is_wp_error( $user ) )
 		$user->add( 
 			'invalid_auth_code', 
 			sprintf(
 				'<strong>%s</strong>: %s',
 				esc_html__( 'ERROR', 'mydomain' ),
 				esc_html__( 'Authentication code is invalid.', 'mydomain' )
 			)
 		); 
 	else
 		$user = new WP_Error(
 			'invalid_auth_code', 
 			sprintf(
 				'<strong>%s</strong>: %s',
 				esc_html__( 'ERROR', 'mydomain' ),
 				esc_html__( 'Authentication code is invalid.', 'mydomain' )
 			)
 		); 

    return $user;

 }, 100 );
	<?php
	/**
	* @version: 1.0.3
	* @see http://stackoverflow.com/questions/38551606/do-not-submit-form-after-wrong-code/38602177
	*/

	add_filter( 'login_form', function()
	{
	$options = get_option( 'authcode_settings' );

	if( ! empty( $options['code'] ) ) printf(
	'<p class="login-authenticate">
	<label for="auth_key">%s</label>
	<input type="text" name="so38551606_auth_key" id="so38551606_auth_key" class="input" value="" size="20" autocomplete="off" />
	</p>',
	esc_html__( 'Authentication Code', 'mydomain' )
	);
	} );

	add_filter( 'authenticate', function( $user )
	{
	$options = get_option( 'authcode_settings' );

	$submit_code = filter_input( INPUT_POST, 'so38551606_auth_key', FILTER_SANITIZE_STRING );

	$is_valid_auth_code = ! empty( $options['code'] ) && ( $options['code'] === $submit_code );

	if( $is_valid_auth_code )
	return $user;

	if( is_wp_error( $user ) )
	$user->add(
	'invalid_auth_code',
	sprintf(
	'<strong>%s</strong>: %s',
	esc_html__( 'ERROR', 'mydomain' ),
	esc_html__( 'Authentication code is invalid.', 'mydomain' )
	)
	);
	else
	$user = new WP_Error(
	'invalid_auth_code',
	sprintf(
	'<strong>%s</strong>: %s',
	esc_html__( 'ERROR', 'mydomain' ),
	esc_html__( 'Authentication code is invalid.', 'mydomain' )
	)
	);

	return $user;

	}, 100 );