[wp-hackers] Use WP as an authentication system

Alex Hempton-Smith hempsworth at googlemail.com
Mon Feb 16 01:44:33 GMT 2009


Sure thing Mike, I've got it pretty much working but I just need to change
where the sign-in form redirects to, so things run completely smoothly.
I have a really stripped down sign-in form like this:

<form name="loginform" id="loginform" action="<?php bloginfo('wpurl');
?>/wp-login.php" method="post">
<input type="text" name="log" id="user_login" class="input" value="<?php
echo attribute_escape(stripslashes($user_login)); ?>" />
<input type="password" name="pwd" id="user_pass" class="input" value=""
size="20" />
<input type="submit" name="wp-submit" id="wp-submit" value="Log In" />
<input type="hidden" name="redirect_to" value="http://staff.example.com" />
</form>

But when it's used in the subdomain, it logs me in but redirects me to the
admin panel - completely ignoring the redirect_to!
Also, with log-out links I'm adding "&redirect_to=http://staff.example.com"
to the URL but it's not working either.

Am I missing something?

-- Alex


On Mon, Feb 16, 2009 at 1:28 AM, <mikeschinkel at newclarity.net> wrote:

> Alex,
>
> When you get it all working any chance you could document how you did it on
> a blog or somewhere? I think it would be a very valuable technique in
> general and could help a lot of people.
>
> -Mike
>
> Sent from my iPhone
>
> On Feb 15, 2009, at 5:34 PM, Alex Hempton-Smith <hempsworth at googlemail.com>
> wrote:
>
>  By the way, I changed the cookie attributes in the
>> Firefox developer toolbar, and the authentication is now working.
>> I just need to stop WP saving the cookies with the original settings.
>>
>> -- Alex
>>
>>
>> On Sun, Feb 15, 2009 at 10:24 PM, Alex Hempton-Smith <
>> hempsworth at googlemail.com> wrote:
>>
>>  Brilliant, so I changed the cookie path from "/wp/wp-admin" to "/", and
>>> changed the host from "www.example.com" to ".example.com".
>>> How would I force WP to save the cookies like this?
>>>
>>> -- Alex
>>>
>>>
>>>
>>> On Sun, Feb 15, 2009 at 9:34 PM, Gaarai <gaarai at gaarai.com> wrote:
>>>
>>>  The cookie is most likely being set just for the domain that your
>>>> WordPress resides on. The subdomain is treated as a different domain.
>>>>
>>>> So, you might look at modifying the cookie to be set for a domain of ".
>>>> domain.com". Note the dot (.) in front of the domain name. This should
>>>> ensure that the cookie will work for all subdomains.
>>>>
>>>>
>>>> Chris Jean
>>>> http://gaarai.com/
>>>> http://wp-roadmap.com/
>>>>
>>>>
>>>>
>>>> Alex Hempton-Smith wrote:
>>>>
>>>>  Thanks Mike, I've defined ABSPATH and when I visit the page I get sent
>>>>> to
>>>>> the WP login page. I log in, it redirects me to the Dashboard. When I
>>>>> go
>>>>> back to the subdomain it just shows me the login page again.
>>>>> Why's it doing this you think?
>>>>>
>>>>> -- Alex
>>>>>
>>>>>
>>>>> On Sun, Feb 15, 2009 at 9:18 PM, <mikeschinkel at newclarity.net> wrote:
>>>>>
>>>>>
>>>>>
>>>>>  admin.php includes wp-load.php and assumes it's relative directory.
>>>>>> Either
>>>>>> define ABSPATH to your WordPress root or explicitly require()
>>>>>> wp-load.php
>>>>>> using the correct directory before requiring admin.php and that should
>>>>>> solve
>>>>>> it.
>>>>>>
>>>>>> -Mike
>>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>>
>>>>>> On Feb 15, 2009, at 2:11 PM, Alex Hempton-Smith <
>>>>>> hempsworth at googlemail.com>
>>>>>> wrote:
>>>>>>
>>>>>> I'm having real trouble with this... I get errors when I try to
>>>>>> include
>>>>>>
>>>>>>
>>>>>>  the
>>>>>>> following code:
>>>>>>> require_once('../wp/wp-admin/admin.php');
>>>>>>>
>>>>>>> Saying:
>>>>>>> Warning: require_once(../wp-load.php) [function.require-once]: failed
>>>>>>> to open stream: No such file or directory in...
>>>>>>>
>>>>>>> Does anybody have any experience of using WP in this way?
>>>>>>>
>>>>>>> -- Alex
>>>>>>>
>>>>>>>
>>>>>>> On Sun, Feb 15, 2009 at 5:49 PM, Gaarai <gaarai at gaarai.com> wrote:
>>>>>>>
>>>>>>> I'm about to head out, but I wanted to give you a tip to get you
>>>>>>> started.
>>>>>>>
>>>>>>>
>>>>>>>  I recommend checking out the wp-admin/index.php file. This should
>>>>>>>> serve
>>>>>>>> as
>>>>>>>> a template for your custom app.
>>>>>>>>
>>>>>>>> You'll also need to look at the $_REQUEST['redirect_to'] query arg
>>>>>>>> so
>>>>>>>> that
>>>>>>>> you can properly redirect your user once they've logged in. You can
>>>>>>>> find
>>>>>>>> more about it by looking in the wp-login.php file.
>>>>>>>>
>>>>>>>> Chris Jean
>>>>>>>> http://gaarai.com/
>>>>>>>> http://wp-roadmap.com/
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Alex Hempton-Smith wrote:
>>>>>>>>
>>>>>>>> Hi all,
>>>>>>>>
>>>>>>>>
>>>>>>>>  I'm building a set of custom apps/scripts for our charity and I
>>>>>>>>> would
>>>>>>>>> like
>>>>>>>>> to make these available at "staff.example.com". I have a regular
>>>>>>>>> install
>>>>>>>>> of
>>>>>>>>> WP in "example.com/wp/". The staff subdomain's content is actually
>>>>>>>>> in
>>>>>>>>> /home/
>>>>>>>>> example.com/staff/.
>>>>>>>>>
>>>>>>>>> Instead of re-invent the wheel I (and to have the same
>>>>>>>>> usernames/passwords),
>>>>>>>>> I would like to use the authentication system from the WP install
>>>>>>>>> on
>>>>>>>>> my
>>>>>>>>> own
>>>>>>>>> custom PHP stuff in the subdomain. And then be able to use normal
>>>>>>>>> WP
>>>>>>>>> functions within my own app, like checking if they're logged in,
>>>>>>>>> getting
>>>>>>>>> usernames etc.
>>>>>>>>>
>>>>>>>>> What do I need to do to allow my users to log into the main
>>>>>>>>> install,
>>>>>>>>> and
>>>>>>>>> then be logged into the custom area?
>>>>>>>>>
>>>>>>>>> I know it'll be more than just including 'wp-blog-header.php',
>>>>>>>>> because
>>>>>>>>> of
>>>>>>>>> cookies etc?
>>>>>>>>>
>>>>>>>>> Many thanks if anyone can help!
>>>>>>>>>
>>>>>>>>> -- Alex
>>>>>>>>> _______________________________________________
>>>>>>>>> wp-hackers mailing list
>>>>>>>>> wp-hackers at lists.automattic.com
>>>>>>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>  wp-hackers mailing list
>>>>>>>> wp-hackers at lists.automattic.com
>>>>>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>>
>>>>>>>>
>>>>>>>>  wp-hackers mailing list
>>>>>>> wp-hackers at lists.automattic.com
>>>>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>  _______________________________________________
>>>>>> wp-hackers mailing list
>>>>>> wp-hackers at lists.automattic.com
>>>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>>>
>>>>>>
>>>>>>
>>>>>>  _______________________________________________
>>>>> wp-hackers mailing list
>>>>> wp-hackers at lists.automattic.com
>>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>>
>>>>>
>>>>>
>>>>>  _______________________________________________
>>>> wp-hackers mailing list
>>>> wp-hackers at lists.automattic.com
>>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>>>
>>>>
>>>
>>>  _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>


More information about the wp-hackers mailing list