I’m trying to create a login system for my wordpress blog which uses the users google account info to login so they can leave comments and vote on posts and so on. I have the php code on how to do this with and it works when I use it as a static html page but don’t know where to add it in wordpress for it to work properly without errors, I tried to add it in the header.php but that doesn’t seem to be right and some errors are generated sometimes,
<?php
//Googles API
require_once 'google-api-php-client/src/Google_Client.php';
require_once 'google-api-php-client/src/contrib/Google_Oauth2Service.php';
//start session
session_start();
$client = new Google_Client();
$client->setApplicationName("Google UserInfo PHP Starter Application");
// Visit https://code.google.com/apis/console?api=plus to generate your
// oauth2_client_id, oauth2_client_secret, and to register your oauth2_redirect_uri.
// $client->setClientId('insert_your_oauth2_client_id');
// $client->setClientSecret('insert_your_oauth2_client_secret');
// $client->setRedirectUri('insert_your_redirect_uri');
// $client->setDeveloperKey('insert_your_developer_key');
$client->setClientId('473410134519.apps.googleusercontent.com');
$client->setClientSecret('******');
$client->setRedirectUri('http://www.pharzan.com/bitlog');
$client->setDeveloperKey('AIzaSyBLKLt******');
$oauth2 = new Google_Oauth2Service($client);
if (isset($_GET['code'])) {
$client->authenticate($_GET['code']);
$_SESSION['token'] = $client->getAccessToken();
$redirect = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
header('Location: ' . filter_var($redirect, FILTER_SANITIZE_URL));
return;
}
if (isset($_SESSION['token'])) {
$client->setAccessToken($_SESSION['token']);
}
if (isset($_REQUEST['logout'])) {
unset($_SESSION['token']);
$client->revokeToken();
}
if ($client->getAccessToken()) {
$user = $oauth2->userinfo->get();
// These fields are currently filtered through the PHP sanitize filters.
// See http://www.php.net/manual/en/filter.filters.sanitize.php
$email = filter_var($user['email'], FILTER_SANITIZE_EMAIL);
$img = filter_var($user['picture'], FILTER_VALIDATE_URL);
$personMarkup = "$email<div><img src='$img?sz=50'></div>";
$name=filter_var($user['given_name'], FILTER_SANITIZE_STRING);
//Get user details if user is logged in
$user_id = $user['id'];
$user_name = filter_var($user['name'], FILTER_SANITIZE_SPECIAL_CHARS);
$email = filter_var($user['email'], FILTER_SANITIZE_EMAIL);
$profile_url = filter_var($user['link'], FILTER_VALIDATE_URL);
$profile_image_url = filter_var($user['picture'], FILTER_VALIDATE_URL);
$personMarkup = "$email<div><img src='$profile_image_url?sz=50'></div>";
// The access token may have been updated lazily.
$_SESSION['token'] = $client->getAccessToken();
} else {
$authUrl = $client->createAuthUrl();
}
?>
then I need to use such code to display the user markup image and to see if they are logged in or not.
<?php if(isset($personMarkup)): ?>
<img class='markup' src='<?php echo $profile_image_url;?>'> </img>
<?php endif ?>
<?php //USER NOT LOGGED IN
if(isset($authUrl)) {
print "<a class='login' href='$authUrl' title="Login with google" </a> ";
print "<script>console.log('.$authUrl.');</script>";
}
else {
print '<a class="log_out" href="?logout"> Logout?</a>';
print "<script>console.log('.$authUrl.');</script>";
}
?>
My problem is I don’t know where to include this code in wordpress,
If I put it in the header the first part gets loaded every time and produces errors on the
start_session()
part and also if I need to process the information in different parts of the page, say once in the header and once in the footer I don’t know how to include the code.
WordPress authentication is a lot more complex than a .php file that handles all this stuff. There’s no one file.
Also, changing any core file is highly discouraged as it makes updating WordPress impossible or very difficult.
If you decide on implementing your own plugin that adds Google OAuth login then a good starting point is the codex.
I would recommend against this though. The functionality you are looking after is already implemented by other people in free, open-source plugins. You could also have a look at those for a starting point.