Well I “got around it” but I’m not happy with the way I did.
I validate a user with a login.php page that looks like this (called from my ios app)
<?php
header("Content-type: text/json");
header('Cache-Control: no-cache');
header('Expires: Mon, 01 Jan 1996 00:00:00 GMT');
$username = $password = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
require_once('wp-load.php');
if (isset($_POST['username'])) {
$username = $_POST['username'];
}
if (isset($_POST['password'])) {
$password = $_POST['password'];
}
$user = get_user_by('login',$username);
$validUser = false;
if ( $user and wp_check_password($password, $user->data->user_pass, $user->ID) )
$validUser = true;
$result[]= array (
"username" => $username,
"password" => $password,
"user" => $user,
"rc" => 0,
"valid user" => $validUser,
"type" => "Login Result"
);
echo json_encode($result);
}
else {
$result[]= array (
"rc" => 1,
"type" => "Login Result",
"error_msg" => "request was not a post"
);
echo json_encode($result);
}
?>
Then I just placed a PHP page on the server that would get the info once I got back a valid login from the login.php
JSON api page:
<?php
header("Content-type: text/json");
header('Cache-Control: no-cache');
header('Expires: Mon, 01 Jan 1996 00:00:00 GMT');
$username = $password = "";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
require_once('wp-load.php');
$username = ""; // user admin username
$password = ""; // admin password
$user = get_user_by('login',$username);
$validUser = false;
if ( $user and wp_check_password($password, $user->data->user_pass, $user->ID) )
$validUser = true;
$query = new WP_Query( 'pagename=xxxxx' ); // where xxxxx is your wordpress page that you want returned
$result[]= array (
"rc" => 0,
"valid user" => $validUser,
"type" => "Login Result",
"url return" => $query
);
echo json_encode($result);
}
else {
$result[]= array (
"rc" => 1,
"type" => "Login Result",
"error_msg" => "request was not a post"
);
echo json_encode($result);
}
?>