Pass variable from URL through a php login redirect function into wp-login form inputs

1 Views

This is a funny one, but only a genius can probably figure this out. It’s an odd one.

Requires a little javascript and a little adjustment to my existing php wordpress function.

Read More

I have a wp site that is locked down from the public using this function… 

add_action('get_header', 'wpq_member_only_site');
function wpq_member_only_site() {

    if ( !is_user_logged_in() ) {

        $redirect_after_login = get_home_url();

        $login_url = wp_login_url( $redirect_after_login );

        wp_redirect( $login_url, 302 );
        exit;
    }

}

…which redirects non-logged in users to the login form.

My question is, I would like use URL variables like this…

http://example.com?user=media&password=23747

…and somehow, (I guess) pass it through the function and into the login page URL…

http://example.com/wp-login.php?redirect_to=http%3A%2F%2Fexample.com&user=media&password=23747

…so then a script in my login_head can use, and automatically pre-populate the login form.

I will insert the script into my login_head using this function… 

function my_login_head() {
  echo '

      <!-- script here -->
  ';
}
add_action('login_head', 'my_login_head');

Does anyone think they can help me with this? Or know if its possible.

The idea is, so I can use this URL to give people access without them having to know the username or password.

Any ideas or help would be awesome, thanks!

Post Views: 1

Related posts

Leave a Reply

2 comments

  1. For url like this…

    http://example.com/wp-login.php?ul=media&up=5434535

    function my_login_head() {
        if(isset($_GET['ul'])&& isset($_GET['up'])){
                $ul=esc_attr($_GET['ul']);
                $up=esc_attr($_GET['up']);
                echo '<script>
                        window.onload = function() {
                                var ul=document.getElementById("user_login");
                                ul.value = "'.$ul.'";
                                var up=document.getElementById("user_pass");
                                up.value = "'.$up.'";
                        }
                </script>';
        }
}
add_action('login_head', 'my_login_head');

    If you want to use an url like:

    http://example.com/?ul=media&up=5434535

    to redirect non members to the prefilled login form, you can use this modifed version of the original ‘wpq_member_only_site’ function:

    add_action('get_header', 'wpq_member_only_site');
function wpq_member_only_site() {
        if ( !is_user_logged_in() ) {
                $redirect_after_login = get_home_url();
                $autofill="";
                if(isset($_GET['ul']) && isset($_GET['up'])){
                        $ul=esc_attr($_GET['ul']);
                        $up=esc_attr($_GET['up']);
                        $autofill="&ul=".$ul."&up=".$up;
                }
                $login_url = wp_login_url( $redirect_after_login ).$autofill;
                wp_redirect( $login_url, 302 );
                exit;
        }
}

  2. Having written this, it seems like you might be able to do this via another method: Just call the wp_signon() function, so you don’t need to mess around with wp-login.php. Just wp_signon($credentials) and then wp_redirect($wherever).

    You could do this on any page, so your thumb drive technique could link to site.com/member-login/?query=string. /member-login would be a custom template that handles this info.

    What I might suggest: create a hash to make this a little more obscure. Then it would look like: /member-login/?x=Ajzf29xjz4jfjAJkdSlj3 or whatever.

    Anyway… back to my original answer. It sounds like you’re close…

    wp_redirect('wp-login.php?redirect_to=http%3A%2F%2Fexample.com&user=media&password=23747');

    In your login head function, try tracing out these $_GET variables to make sure they’re coming through. I don’t think jQuery is loaded on this page, so you’d want to echo a jQuery include <script> if you’re going to use that.

    Your login head function:

    <script src="jquery.js"></script>
<script>
$(document).ready(function(){
    $("form selector").val("<?php echo $_GET['user']; ?>");
});

    Something like that?

    Here’s the thing:

    They still have to click the submit button.

    You know you can log a user in using a simple function call?
    wp_signon()