Make WordPress Core

Opened 7 years ago

Closed 5 years ago

Last modified 5 years ago

#17723 closed defect (bug) (invalid)

WP Signon from external resource/php code

Reported by: TeckniX Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.1.3
Component: Users Keywords:
Focuses: Cc:


Wordpress has a lot of different functions available in the codec, such as the wp_signon.

The code to login a user from within the wordpress folder looks like:

$creds = array();
$creds['user_login'] = $username;
$creds['user_password'] = $password;
$creds['remember'] = true;
$user = wp_signon( $creds, false );

If this is done outside of the wordpress user folder, by including the wp-config.php file

including the wp-config, like the following:
global $wpdb;
define('WP_USE_THEMES', false);
require_once '/path/to/www/blog/wp-config.php';

then the cookies aren't created successfully and you can't properly login/logout a user.

There are a log of constants that set this up, yet the cookies aren't set properly, you are missing the wordpress_logged_in_COOKIEHASH essential cookie.

Such flexible function should work properly

Change History (3)

#1 follow-up: @c3mdigital
5 years ago

  • Resolution set to invalid
  • Status changed from new to closed

wp_set_auth_cookie() does this. Also when including WordPress you should start with wp-blog-header.php

#2 @ocean90
5 years ago

  • Milestone Awaiting Review deleted

#3 in reply to: ↑ 1 @SergeyBiryukov
5 years ago

Replying to c3mdigital:

Also when including WordPress you should start with wp-blog-header.php

I guess wp-load.php is a more common recommendation.

Note: See TracTickets for help on using tickets.