[wp-hackers] Re: Sharing Users/authentication
clwoodard at gmail.com
Sat Aug 25 14:47:24 GMT 2007
Some more news:
I've gone through the files I toyed with and the only ones I modified
for this hack/plug-in were wp-config and my plug-in. I did some
testing and was able to pull all the information into the plug-in so
that's the only thing that has changed! Now, for authentication/login
the user can log into WP using the smf_member's table.
Now, here come the issues:
I have to find a way to log the user into SMF at the same time.
I have to find a way to get WP to use the SMF cookie instead of its
I have to find a way to delete/update/insert users into the SMF table.
It looks like, for the last one, I'll have to hack the admin-db,
wp-login, and registration files since it would be a good idea to fix
the reset/lost password parts as well.
For the login stuff, it looks like I can use the action system to add
to the wp_login and wp_logout functions. I believe that's where I need
to update the SMF table with the data necessary (killing sessions,
setting logged off, etc.) I'll be using one of the SMF bridges (mambo,
actually) to see how that was done.
For the cookie stuff, I might have to override the wp_set_cookie()
function but it doesn't seem like I will even need to do this if I can
get the SMF cookie to work. Since I overrode this function already to
store the password the way SMF does (
sha1(strtolower($username).$password) where $password is clear text as
is the username) versus the double-md5() hashed way that WP does it.
So, I think I can ignore this... I can always check to see if the SMF
cookie exists. If it does, I can just set the WP cookie information
based on it before the cookie check.
Well, anyway, my plug-in is partially working and it looks like I'll
have to modify the main files... unless there's a filter or action
that can preempt update/insert/delete in WP...
More information about the wp-hackers