I'm putting up a site using Wordpress and I'd like to piggyback on its sessions. But I'm not finding any plugins, or even documentation. Any suggestions or references before I start hacking it?
A:
Wordpress doesn't seem to use any sessions.
The best way to go about it is to use the action hooks it provides.
Anraiki
2009-10-04 04:16:05
+2
A:
For what I need to do, the best answer involves:
- To allow the cookie for wordpress to persist across subdomains, install the Root Cookie plugin.
- sub1.domain.com has wordpress; sub2.domain.com is another site. From the other site (sub2), I read the cookies to identify who the user is and if the user is logged in
My cookies are as follows:
[wordpress_909bb230b32f5f0473202684d863b2e0] => mshaffer|1255298821|d0249fced9c323835c5bf7e84ad3ffea
[wordpress_logged_in_909bb230b32f5f0473202684d863b2e0] => mshaffer|1255298821|56e9c19541ecb596a1fa0995da935700
Using PHP, I can loop over the cookies, parse the key=>value pairs. These cookies let me know that [mshaffer] has a cookie stored on wordpress, and also is authenticated as logged_in. The expiry of the cookie is 1255298821.
In sub2, I can query the database of wordpress and grab the user info:
SELECT * FROM wp_users WHERE user_login = 'mshaffer' ... grab user_id,user_email from this query
SELECT * FROM wp_usermeta WHERE user_id = '$user_id' ... grab lots of other data from wp
With this info, I can add to my sub2 session variable / cookie and do what I want with the data. I can identify if I am logged in, and my username ... which let's me grab lots of different data. I can now use WordPress authentication in my sub2.domain.com and redirect accordingly.
monte
{x:
mshaffer
2009-10-09 22:22:42
+2
A:
have you seen this? http://www.thinkingoutloud.co.za/content/20091012/php_wordpress_and_session
wordpress doesn;t appear to call session_start() because it wants to be stateless and if register_globals is defined, it automatically destroys your $_SESSION
Steve
2010-03-25 08:43:20
Thanks - from that I learned that you can call session_start() yourself in wp_config, which won't be overwritten by updates. But better than that, I'm using wp_config to instantiate a singleton instance of a "Context" class I'm using to hold a bunch of stuff I'm adding (including e.g. extended user auth tables etc.), and it can call session_start(). Your reference clarified it for me. (Now I need to maintain wp_settings with his patch to retain $_SESSION, or else use the consolidated "$input" array. Or let "Context" maintain and update the session variables.) I hate it when they do that.
le dorfier
2010-03-26 01:43:09