BGaming games.REGISTER NOW GET FREE 888 PESOS REWARDS!

grahasdsiweb
(@grahasdsiweb)

2 years ago
Hi!

I tried to make a custom login form for my website and working on auto login part. As I’ve tried to search and implement according to this code, the auto login still doesn’t work. Is there any reference or something miss in the reference above?
Thanks for advance.
- This topic was modified 2 years ago by grahasdsiweb.

Viewing 7 replies - 1 through 7 (of 7 total)

Moderator

(@bcworkz)

Assuming you have already determined the user’s ID, all you should need to do is call wp_set_current_user() and wp_set_auth_cookie() with appropriate values.

If you provide a code snippet for where you determine the ID and make those calls, we could test it for ourselves to help identify where your trouble might be.

Thread Starter

grahasdsiweb

(@grahasdsiweb)

2 years ago

Hi @bcworkz
Thanks for replying.
I’ve tried the code below. It got the text “Right here” but still not logged in. Would you like to check if there is something wrong in my code?

$user = get_user_by('email', $_POST['login-email']);
$password = '01234567';
if ($user != null) {
    $result = json_decode(json_encode($user), true);
    $creds = array();
    $creds['user_login'] = $result["data"]["user_login"];
    $creds['user_password'] = $password;
    $creds['remember'] = false;
    $login = wp_signon($creds, false);
    if ($login) {
        if (!is_wp_error($login)) {
            wp_set_current_user($result["data"]["ID"], $result["data"]["user_login"]); 
            wp_set_auth_cookie($result["data"]["ID"]);    
            do_action('wp_login', $result["data"]["user_login"], $login);
            echo "Right here";
        } else {
            echo "Invalid login credentials.";
        }
    } else {
        echo 'Not login';
    }

Moderator

bcworkz

(@bcworkz)

2 years ago

Works for me, with a caveat. I didn’t feel like making a form to POST from, so I used $_REQUEST['login-email'] and passed the email as an URL query string. Unless there’s something wrong with your form, it should amount to the exact same data passed.

Where is the POST data coming from and where is it submitted to? When this code executes is important. Too early and WP is unstable. Too late and it causes headers already sent errors. FWIW I executed your code from “init” action.

You don’t need to call wp_set_auth_cookie() if you use wp_signon(), it does it for you. I commented it out when testing. I don’t think doing it again would make any difference, but for full disclosure I tested without it.

Thread Starter

grahasdsiweb

(@grahasdsiweb)

2 years ago

I’ve tried to just hard code the email below and it’s worked. Got the printf current user too.

But another problem is when I’ve tried to open the website url in another tab in the same window, it’s still not count as logged in with the user before.

$email = '[email protected]';
    $user = get_user_by('email', $email);
    $password = '012345678';
    if ($user != null) {
        $result = json_decode(json_encode($user), true);
        $creds = array();
        $creds['user_login'] = $email;
        $creds['user_password'] = $password;
        $creds['remember'] = false;
        $login = wp_signon($creds, false);
        if ($login) {
            if (!is_wp_error($login)) {
                wp_set_current_user($result["data"]["ID"], $result["data"]["user_login"]);
                do_action('wp_login', $result["data"]["user_login"], $login);
                $current_user = wp_get_current_user();
                printf(__('Username: %s', 'textdomain'), esc_html($current_user->user_login)) . '<br />';
            } else {
                echo "Invalid login credentials.";
            }
        } else {
            echo 'Not login';
        }
    }

Moderator

bcworkz

(@bcworkz)

2 years ago

Hmmmm… still works for me in any other tab of the same browser. The only change this time is I used an email and password valid for my site. I executed your code in a callback to the “init” action.

The only reason I can imagine why we would get differing behavior is where and when your code is executed.

Thread Starter

grahasdsiweb

(@grahasdsiweb)

2 years ago

Would you mind to shared the code you’ve tried? I still can’t fully grasp on the init hook.

Moderator

bcworkz

(@bcworkz)

2 years ago

add_action('init', function() {
$email = '[email protected]';
    $user = get_user_by('email', $email);
    $password = '012345678';
    if ($user != null) {
        $result = json_decode(json_encode($user), true);
        $creds = array();
        $creds['user_login'] = $email;
        $creds['user_password'] = $password;
        $creds['remember'] = false;
        $login = wp_signon($creds, false);
        if ($login) {
            if (!is_wp_error($login)) {
                wp_set_current_user($result["data"]["ID"], $result["data"]["user_login"]);
                do_action('wp_login', $result["data"]["user_login"], $login);
                $current_user = wp_get_current_user();
                printf(__('Username: %s', 'textdomain'), esc_html($current_user->user_login)) . '<br />';
            } else {
                echo "Invalid login credentials.";
            }
        } else {
            echo 'Not login';
        }
    }
});

Obviously I used a valid email and password for my site. This does prevent others from logging in as anyone else. I know this is just a proof of concept. Ideally execution would be more conditional. I’m assuming this user has more than read capability and you realize this severely weakens site security but you have your reasons and understand the risk.

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Custom Auto Login Form’ is closed to new replies.

Custom Auto Login Form

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics