我已经看过很多关于如何做到这一点的帖子,但我尝试过的任何事情似乎都不适用于我的情况。我期待着让它发挥作用而发疯。
我正在尝试从不同的 url 登录 wordpress 站点 A,因此当用户登录 wordpress 站点 B 时,他们会自动登录到 wordpress 站点 A。注意:这些站点位于同一服务器上,只是不同的 url。
我已经尝试过 CURL,并且一切正常(发送和接收数据),但是 cookie 似乎没有被正确存储,而且永远不会让我登录到该站点。我正在对密码进行安全保护,我刚刚将其删除以将其发布在这里
所以这里更详细地是我从(站点 B)发送 CURL 的代码
add_filter('wp_authenticate', 'send_login', 100, 3);
function send_login($username, $password) {
// this filter is called on the log in page
// make sure we have a username before we move forward
if (!empty($username)) {
//send login information to other sites
$fields = array( 'username' => $username , 'password' => $password );
echo "<br /> pwd: ". $fields['password'];
$response = do_post_request('http://www.wordpressSiteA.com/wp-content/plugins/login-api/login.php' , $fields );
echo $response;
exit; // i have this for testing purposes so i dont have to keep logging in and out to test
return $user;
}
return $user;
}
function send_data_to_sister_sites($url , $fields ) {
//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.urlencode($value).'&'; }
rtrim($fields_string,'&');
$cookie = "cookie.txt";
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($ch, CURL_COOKIEFILE, '');
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_POST,count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
return $result;
}
然后这里是站点 A 上的 login.php 文件,我也发送 CURL 以登录用户
require_once("../../../wp-blog-header.php");
//check security of this request and check fields are sent properly
if (isset ($_REQUEST['username'] ) && isset($_REQUEST['password']) ) {
$username = $_REQUEST['username'];
$userinfo = get_user_by('login', $username);
if ($userinfo) {
//parse data and decrypt fields
$password = $_REQUEST['password'];
$creds = array();
$creds['user_login'] = $username;
$creds['user_password'] = $password;
$creds['remember'] = false;
//log in user
wp_signon($creds, true);
wp_set_auth_cookie( $userinfo->ID );
wp_set_current_user($userinfo->ID);
// global $current_user;
//get_currentuserinfo();
// echo 'name: ' . $current_user->user_login . '<br />';
if ( is_wp_error($user) )
echo $user->get_error_message();
echo "Success";
} else {
//no user found exit false
echo "no user found";
}
} else { echo "no paramters exist"; }
我已经像这样从站点 A 定期运行这个脚本,它工作正常,用户登录。
www.wordpressSiteA.com/wp-content/plugins/login-api/login.php?username=username&password=password
然而,在 CURL 请求上似乎没有任何保存。谁能想到一些事情来帮助我朝着正确的方向前进。我太近了!
谢谢!