If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
I realized I left out alot while reading part1, so i’m covering more here, an possibly in additional posts
disable plugins if not in wordpress
You’ll need to use wordpress on the backend from time to time, mostly for login / logout functionality. You should build a connector class to handle this. When using wordpress via your class outside of your actual wordpress install you should disable you wordpress plugins. why? less to load, and i’ve found some plugins have issues when loaded by wordpress outside of the actual wordpress installation.
in wp-settings.php near line 231 replace
if ( get_option(’active_plugins’) ) {
$current_plugins = get_option(’active_plugins’);
if ( is_array($current_plugins) ) {
foreach ($current_plugins as $plugin) {
if (” != $plugin && file_exists(ABSPATH . PLUGINDIR . ‘/’ . $plugin))
include_once(ABSPATH . PLUGINDIR . ‘/’ . $plugin);
}
}
}
with
if(!defined(’NO_PLUGINS’)){
if ( get_option(’active_plugins’) ) {
$current_plugins = get_option(’active_plugins’);
if ( is_array($current_plugins) ) {
foreach ($current_plugins as $plugin) {
if (” != $plugin && file_exists(ABSPATH . PLUGINDIR . ‘/’ . $plugin))
include_once(ABSPATH . PLUGINDIR . ‘/’ . $plugin);
}
}
}
}
What we just did was change the plugin loading portion of wordpress to not load plugins if we define the NO_PLUGINS flag.
Loading wordpress for your connector class
In your class file you should load the required wordpress files before your class. Something like:
if(!defined(’DB_NAME’)) {
define(’NO_PLUGINS’,true);
require_once(FS_WORDPRESS.’/wp-config.php’);
}
I’m checking for wordpress by looking to see if the DB_NAME is defined. This check will tell if we’re already in wordpress, its not rocket scienece just a check for a wordpress only varibale. If it’s not defined then plugins are disabled. simple right?
login user to wordpress at site login.
When a user logs into your site, they should automaticly be logged into wordpress. this is of course assuming that your not trying to actually keep wordpress seprated, but then again that defeats the purpose of this thing that somehow turned into a tut (pardon me i seriously need some sleep)
wordpress was loaded via the previous code, now we’ll still need to load the specific files that contain our required wordpress functions.
require_once( ABSPATH . WPINC . ‘/registration.php’);
require_once(FS_LIBRARY.’/User.inc’);
By loading the registration.php file we’ll now have all the functions needed for handling wordpress login, logout, and registration functions. Why do we want to register a user? simple new users (or old users if you don’t want to write an import script.
the following is of course assuming that your site is setup correctly. when a new or current user attempts to login we’ll check to see if that user can in fact login or exists. if the user exists its safe to assume that they have updated their password on the main site, so we’ll update their password, and attempt to login again. for users who aren’t already in the wordpress db, we’ll run the wordpress registration functions ( removing their validation requirement of course ). because wordpress is running as an addon to your current saite, your actual site should be handling user checking etc, and only allow valid users access to this area, and only if their username matches the user session ( sorry not covering all that right now).
heres some sample code, please note your passwords shouldn’t be in plain text format, but this sampleuses plain text passcodes to show how. you can remove the md5 functions and do your own thing from there
/*this function adds a user to wordpress, their is no error checking as users are checked, updated, created at login*/
function register($username, $password, $email){
global $wpdb;
//make sure we have a user
if(!empty($username) && !username_exists( $username )){
/*create user and update their wordpress account to not require activation*/
@create_user($username, $password, $email);
$wpdb->query(”UPDATE $wpdb->users SET user_pass = MD5(’$password’), user_activation_key = ” WHERE user_login = ‘$username’”);
}
}
/*this function is only called from the login function in your site user class
at the point its called we have a valid user, so we need to make sure the user can access wordpress*/
function login($user_login, $user_pass){
global $wpdb, $_SERVER;
//attempt login
$logged_in=@wp_login($user_login, $user_pass);
/*if login fails but user name exist
then user was created by an admin
so we’ll reset their wordpress password and update their email address, just in case they changed it*/
if(!$logged_in && username_exists( $user_login )){
$user =&new YourUserClass($user_login);
$wpdb->query(”UPDATE $wpdb->users SET user_pass = MD5(’$user_pass’), user_email=’”.$user->emailAddress().”‘ WHERE user_login = ‘$user_login’”);
}else{
/*the user hasn’t been added to wordpress, add them */
$user =&new YourUserClass($user_login);
WordPressConnector::register($user->userName(), $user->password(), $user->emailAddress());
}
do_action_ref_array(’wp_authenticate’, array(&$user_login, &$user_pass));
//ok we now have a valid wordpress user
//if not logged in then login user
$logged_in=(!$logged_in) ? @wp_login($user_login, $user_pass) : $logged_in;
if($logged_in){
wp_setcookie($user_login, $user_pass, false, ”, ”, true);
do_action(’wp_login’, $user_login);
}
return $logged_in;
}
function logout(){
global $_SERVER;
wp_clearcookie();
do_action(’wp_logout’);
your_site_redirect_function();
}
If you have any questions, leave a comment, or just leave a comment if this was helpful.
Sid
