WP Signon from external resource/php code
|Reported by:||TeckniX||Owned by:|
Wordpress has a lot of different functions available in the codec, such as the wp_signon.
The code to login a user from within the wordpress folder looks like:
$creds = array(); $creds['user_login'] = $username; $creds['user_password'] = $password; $creds['remember'] = true; $user = wp_signon( $creds, false ); wp_set_current_user($user->ID);
If this is done outside of the wordpress user folder, by including the wp-config.php file
including the wp-config, like the following: global $wpdb; define('WP_USE_THEMES', false); require_once '/path/to/www/blog/wp-config.php'; wp();
then the cookies aren't created successfully and you can't properly login/logout a user.
There are a log of constants that set this up, yet the cookies aren't set properly, you are missing the wordpress_logged_in_COOKIEHASH essential cookie.
Such flexible function should work properly