Single sign on with custom site in WordPress

I have a site that has a WordPress blog section. I would like to enable Single Sign On in the site so that on logging onto my site, the WP blog also logs on on simultaneously. I have two user tables. One for the site, other for the WP part. What I did was add a curl along with the function for logging on the site’s blog section. Below is the code that I had used.

$username = $_POST['username'];
    $password = $_POST['password'];
    $url="http://www.crickees.svn.local/blog/";
        $cookie="cookie.txt";

        $postdata = "log=". $username ."&pwd=". $password ."&wp-submit=Log%20In&redirect_to=". $url ."wp-admin/&testcookie=1";
        $ch = curl_init();
        curl_setopt ($ch, CURLOPT_URL, $url . "wp-login.php");
        curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
        curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
        curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
        curl_setopt ($ch, CURLOPT_REFERER, $url . "wp-admin/");
        curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
        curl_setopt ($ch, CURLOPT_POST, 1);
        $result = curl_exec ($ch);
        curl_close($ch);

Thing is that the wp_signon() function is getting the values but it doesn’t seem to be generating the required cookie. What changes are to be made to get the cookie generated.

I had tried another method where I hard coded the values into the wp_login.php page. Here I had set the values into the $creds array.

wp_signon($creds,$secure_cookie);

But that prevented logging out from the blog. So that plan didn’t work out.

Some help would be nice.
Thanks in advance.

Post Views: 1

2 comments

Take a look at this answer and see if it help:

https://wordpress.stackexchange.com/a/11472/490

    $username = $_POST['username'];
    $password = $_POST['password'];

    define('__ROOT__', dirname('public_html'));
    require_once (__ROOT__.'/blog/wp-load.php');

    $credentials = array('user_login' => $username, 'user_password' => $password);
    $user  = wp_signon($credentials,$secure_cookie);

This is the code that I placed immediately after my site log-in was validated. What this basically does is include the wp-load.php file, which in turn allows me to make WP function calls from my site. So I call the wp_signon( ) function passing along the posted values from my site.

Please note this method only works if the username and password of both the the site and WP blog are the same. This is not a proper method for WP Single Sign On, just a hack that worked in my case

I had later disabled the option of changing the password on the admin panel.

Leave a Reply Cancel reply

2 comments

Social Network

Related posts

Leave a Reply Cancel reply

2 comments

Social Network