我已经看过很多关于如何做到这一点的帖子,但我尝试过的任何内容似乎都不适用于我的情况。我很生气,希望能让它发挥作用。
我正在尝试从不同的网址登录wordpress网站A,因此当用户登录到wordpress网站B时,他们会自动登录到wordpress网站A.注意:网站在同一台服务器上只是不同的网址。
我已经尝试过CURL并且已经使一切正常工作(发送和接收数据)但是它似乎并没有正确存储cookie并且永远不会将我登录到网站上。我正在对密码进行安全保护,我只是把它放在这里发布
所以这里更详细的是我从(站点B)发送CURL的代码
add_filter('wp_authenticate', 'send_login', 100, 3);
function send_login($username, $password) {
// this filter is called on the log in page
// make sure we have a username before we move forward
if (!empty($username)) {
//send login information to other sites
$fields = array( 'username' => $username , 'password' => $password );
echo "<br /> pwd: ". $fields['password'];
$response = do_post_request('http://www.wordpressSiteA.com/wp-content/plugins/login-api/login.php' , $fields );
echo $response;
exit; // i have this for testing purposes so i dont have to keep logging in and out to test
return $user;
}
return $user;
}
function send_data_to_sister_sites($url , $fields ) {
//url-ify the data for the POST
foreach($fields as $key=>$value) { $fields_string .= $key.'='.urlencode($value).'&'; }
rtrim($fields_string,'&');
$cookie = "cookie.txt";
//open connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_COOKIEJAR, $cookie);
curl_setopt($ch, CURL_COOKIEFILE, '');
//set the url, number of POST vars, POST data
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_POST,count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS,$fields_string);
//execute post
$result = curl_exec($ch);
//close connection
curl_close($ch);
return $result;
}
然后这是在Site A上的login.php文件我也发送了CURL来登录用户
require_once("../../../wp-blog-header.php");
//check security of this request and check fields are sent properly
if (isset ($_REQUEST['username'] ) && isset($_REQUEST['password']) ) {
$username = $_REQUEST['username'];
$userinfo = get_user_by('login', $username);
if ($userinfo) {
//parse data and decrypt fields
$password = $_REQUEST['password'];
$creds = array();
$creds['user_login'] = $username;
$creds['user_password'] = $password;
$creds['remember'] = false;
//log in user
wp_signon($creds, true);
wp_set_auth_cookie( $userinfo->ID );
wp_set_current_user($userinfo->ID);
// global $current_user;
//get_currentuserinfo();
// echo 'name: ' . $current_user->user_login . '<br />';
if ( is_wp_error($user) )
echo $user->get_error_message();
echo "Success";
} else {
//no user found exit false
echo "no user found";
}
} else { echo "no paramters exist"; }
我已经定期运行此脚本从站点A这样调用它,它运行正常,用户登录。
www.wordpressSiteA.com/wp-content/plugins/login-api/login.php?username=username&password=password
但是在CURL请求中似乎没有任何保存。任何人都可以想到有什么能帮助我朝着正确的方向前进。我太近了!
谢谢!
答案 0 :(得分:0)
答案 1 :(得分:0)
由于它们位于同一台服务器上,因此可以在两个站点之间共享会话,但不能通过读取cookie来共享。例如,您可以在两个站点上的数据库中存储会话ID,IP和上次访问时间,并在两者中读取该数据库表,如果相同的IP并且在短时间内访问并且没有注销,则基于该会话创建新会话id并记录用户。这可能会为某些安全问题打开大门,但可以完成。