login to wordpress with Get variables instead of Post in WordPress

Im using swish-e to index my corporate site and documents. Problem is that i need to login to wordpress via get variables.
Wordpress login uses post variable but i need to login with GET variables

http://mysite.com/wp-login.php?log=username&pwd=password
Read More
Should I global $wpdb outside of any of my plugin’s functions scope?
How can I disable/hide certain themes in multisite?
Use WordPress Login for a non-wordpress site

There is any easy way to do it? I dont mind changing core files, is there is no other option.

I took a look at wp-login.php but i dont have a clue on how to do this.

Regards

Post Views: 2

1 comment

Using GET variables for usernames and passwords is never a good idea. But anyway, something like the following should work

if(isset($_GET['log']) && isset($_GET['pwd'])){
    $creds = array();
    $creds['user_login'] = $_GET['log'];
    $creds['user_login'] = $_GET['pwd'];
    $creds['remember'] = true; //Do you want the log-in details to be remembered?

    $user = wp_signon( $creds, false );
    if ( is_wp_error($user) )
       echo $user->get_error_message(); //Display error message if log-in fails
}

You can put this in a template and then create a page using that template to create an alternative log-in page. In that case, you’ll want to go to : http://[url of page]?log=username&pwd=password

To get http://mysite.com/wp-login.php?log=username&pwd=password, you will have to put the above code in the wp-login.php core file. Rather than adapting the code (which will be overwritten when you next update WordPress), I recommend using a hook. Like, so (put this in your functions.php or a plug-in):

add_action('init', 'GET_login');
function GET_login() {
    //Check that we are on the log-in page
    if(in_array($GLOBALS['pagenow'], array('wp-login.php'))):

    //Check that log and pwd are set
        if(isset($_GET['log']) && isset($_GET['pwd'])):
            $creds = array();
            $creds['user_login'] = $_GET['log'];
            $creds['user_password'] = $_GET['pwd'];
            $creds['remember'] = true; //Do you want the log-in details to be remembered?

            //Where do we go after log-in?
            $redirect_to = admin_url('profile.php');

            //Try logging in
            $user = wp_signon( $creds, false );

            if ( is_wp_error($user) ){
                //Log-in failed
            }else{
                //Logged in, now redirect
                $redirect_to = admin_url('profile.php');
                wp_safe_redirect($redirect_to);
            exit();
            }
        endif;
    endif;
    //If we are not on the log-in page or credentials are not set, carry on as normal
}

Explanation:
Our function is run using init hook. It first checks that we are on the ./wp-login.php page, and then that the log and pwd variables are set. If not, we carry on as normal. If they are, we attempt a log-in, using wp_signon. If we are successful, we are redirected (wherever you like), otherwise if it fails, we do something (display errors, maybe?).

Hope that helps

Leave a Reply Cancel reply

1 comment

Social Network

Related posts

Leave a Reply Cancel reply

1 comment

Social Network