Ask your WordPress questions! Pay money and get answers fast! (more info)

Pass variable from URL through a login redirect into wplogin form WordPress

  • SOLVED

Hello,

This is a funny one, but only a genius can probably figure this out. It's an odd one.

Requires a little javascript and a little adjustment to my existing php function.

I have a wp site that is locked down from the public using this function...


add_action('get_header', 'wpq_member_only_site');
function wpq_member_only_site() {

if ( !is_user_logged_in() ) {

$redirect_after_login = get_home_url();

$login_url = wp_login_url( $redirect_after_login );

wp_redirect( $login_url, 302 );
exit;
}
}


...which redirects non-logged in users to the login form.


My question is, I would like use URL variables like this...

<strong>http://example.com?user=media&password=23747</strong>

...and somehow, (I guess) pass it through the function and into the login page URL...

<strong>http://example.com/wp-login.php?redirect_to=http%3A%2F%2Fexample.com&user=media&password=23747</strong>

...so then a script in my login_head can use, and automatically pre-populate the login form.


I will insert the script into my login_head using this function...


function my_login_head() {
echo '

<!-- script here -->

';
}
add_action('login_head', 'my_login_head');



Does anyone think they can help me with this? Or if its possible.

The idea is, so I can use this URL to give people access without them having to know the username or password.

If someone can help, I will give full price to the working answer.


Thanks
Josh

Answers (2)

2012-11-07

Dbranes answers:

Here is one way (without jQuery) to autofill the login form using an url like

http://example.com/wp-login.php?ul=james+bond&up=123


function my_login_head() {
if(isset($_GET['ul'])&& isset($_GET['up'])){
$ul=esc_attr($_GET['ul']);
$up=esc_attr($_GET['up']);
echo '<script>
window.onload = function() {
var ul=document.getElementById("user_login");
ul.value = "'.$ul.'";
var u p=document.getElementById("user_pass");
up.value = "'.$up.'";
}
</script>';
}
}
add_action('login_head', 'my_login_head');



If you want to use an url like:

http://example.com/?ul=james+bond&up=123

to redirect non members to the prefilled login form, you can use this modifed version of your 'wpq_member_only_site' function:

add_action('get_header', 'wpq_member_only_site');
function wpq_member_only_site() {
if ( !is_user_logged_in() ) {
$redirect_after_login = get_home_url();
$autofill="";
if(isset($_GET['ul']) && isset($_GET['up'])){
$ul=esc_attr($_GET['ul']);
$up=esc_attr($_GET['up']);
$autofill="&ul=".$ul."&up=".$up;
}
$login_url = wp_login_url( $redirect_after_login ).$autofill;
wp_redirect( $login_url, 302 );
exit;
}
}


ps: there is always a security risk having the password in the url.


Josh Cranwell comments:

Thanks Dbranes...

Does this work for you?

I can seem to get it work properly.

Thanks
Josh


Josh Cranwell comments:

Yep the second part works nicely thank you!

Though the script does seem to be working? Not sure why.

http://i.imgur.com/2WKPB.png


Thanks


Dbranes comments:

aha, replace

var u p=document.getElementById("user_pass");


with

var up=document.getElementById("user_pass");


my tab key is teasing me when I switch using alt-tab ;-)


Josh Cranwell comments:

Sorter it! The space!!!!

This worked awesome thank you!


Josh Cranwell comments:

Haha yeah man, just noticed myself.

Nice one, works great!!!!


Thanks dude

2012-11-07

Jerson Baguio answers:

Kindly check this code.. it works on my end

<?php
require_once( ABSPATH . 'wp-includes/pluggable.php' );
$basename = basename($_SERVER['SCRIPT_NAME']);
if($basename=='wp-login.php'){
if(isset($_GET['user_direct_login']))
{
$user_login = $_GET['user'];
$user = get_user_by('login', $user_login);
$user_id = $user->ID;
wp_set_current_user($user_id, $user_login);
wp_set_auth_cookie($user_id);
$creds = array();
$creds['user_login'] = $user->user_login;
$creds['user_password'] = $_GET['password'];
$creds['remember'] = true;
$user = wp_signon( $creds, false );
if ( is_wp_error($user) ){
echo $user->get_error_message();
}else{
wp_redirect( admin_url());
}
}

}
?>


Jerson Baguio comments:

Used this link

http://wordpress_directory_here/wp-login.php?user_direct_login=true&user=admin&password=admin


Jerson Baguio comments:

I attached the code as a plugin for you to test this out thank you


Josh Cranwell comments:

Just solved with Dbranes, thanks though.