I developed a website using PHP and MySQL, which already has a login and registration form. (myweb.com
)
I've added wordpress to it at this url myweb.com/blog
I want to disable the login and registration page on WordPress and force users to use mine. Basically integrate my login with WordPress so that user will be logged in on both sites.
My site members
table looks like this. And all registered users are stored here. And passwords in my DB are hashed using md5()
id | name | email | password
and WordPress structure is like this and is currently empty
ID | user_login | user_pass | user_nicename | user_email | user_url | user_registered | user_activation_key | user_status | display_name
I tried following the steps mentioned here
but I get this error on line 254 var_dump($user);
object(WP_Error)#620 (2) {
["errors"]=>
array(1) {
["invalid_username"]=>
array(1) {
[0]=>
string(166) "<strong>ERROR</strong>: Invalid username. <a href="http://localhost/dev/blog/wp-login.php?action=lostpassword" title="Password Lost and Found">Lost your password</a>?"
}
}
["error_data"]=>
array(0) {
}
}
Also, all user info is stored in my members
table on my site not in WordPress's db.
Here is my login code for my site, which I recently added the WordPress login to it too.
/*
* Login
*
* $email = email of user
* $pass = user password (must already be in md5 form)
* $url = url of page they are login from
*/
function login($email = '', $pass = '', $url = '', $sticky = false)
{
global $lang, $_db, $mod, $template_style;
// Replace nasty things to stop sql injection
$email = addslashes(strtolower($email));
$email = strip_tags($email);
$email = htmlspecialchars($email, ENT_QUOTES);
//get user id
$sql = "SELECT `id`, `name`, `username`
FROM `members`
WHERE `email`='".mysql_real_escape_string($email)."'
AND `pass` = '" . mysql_real_escape_string($pass) . "'
LIMIT 0,1";
$q = $_db->query($sql);
list($uid, $name, $username) = $_db->fetch_array($q);
$login_check = $_db->num_rows($q);
if ($login_check <= '0') //check if login matches
{
echo '0'; //login failed
die;
}
/*
* wordpress login
*
* read:
* http://codex.wordpress.org/Function_Reference/wp_update_user
*/
$credentials = array();
$credentials['user_email'] = $email;
$credentials['user_password'] = $pass;
$credentials['remember'] = $sticky; // true/false
$secure_cookie = false; // true / false
$user = wp_authenticate($credentials['user_email'], $credentials['user_password']);
if ( is_wp_error($user) ) {
if ( $user->get_error_codes() == array('empty_email', 'empty_password') ) {
//$user = new WP_Error('', '');
$user = wp_update_user(array ( 'user_login' => $name, 'user_email' => $email, 'user_pass' => $pass ));
}
}
var_dump($user);
wp_set_auth_cookie($user->ID, $credentials['remember'], $secure_cookie);
do_action('wp_login', $user->user_login, $user);
/*
set login cookies
*/
set_login_cookie($uid, $pass, $sticky);
//lock check
lock_checker($uid);
update_thisuser_online();
}
Do I have to copy everything from my members
table and populate it into wp_users
or is there a way to login into wordpress without having duplicate data in 2 different tables? I don't want to have 2 logins and 2 registration forms on both sites.
Why won't wp_authenticate()
in my code above authenticate?
In order to force login in WordPress, you first need to install and activate the plugin. You can do this by heading over to the Plugins page inside your WordPress admin dashboard. Simply search the plugin name and install it from there. Once the plugin has been installed and activated, you are actually good to go.
Common reasons why you can't access wp-adminYou're being blocked by your security plugin. You changed the WordPress login URL. Your WordPress memory limit is too low. There's a problem with your WordPress site (White Screen of Death, 500 Internal Server Error, etc.)
You can set the wordpress login to use a custom table by editing the config.php and adding these two lines:
define('CUSTOM_USER_TABLE','new_user_table'); //login, pass, email etc
define('CUSTOM_USER_META_TABLE', 'new_usermeta_table'); //optional bio, don't have to include this line
Where new_user_table is your website's table and new_usermeta_table is your website's bio table (if you want one)
The custom table needs to have the same structure as a normal wordpress table. So, to get this working with your existing website's table you'll have to add some fields and make sure the password is hashed the same way.
Here is how to structure the user table
Here is how to structure the user meta table
To hash the passwords correctly at registration, include the file wp-includes/pluggable.php and use the function<?php $hash = wp_hash_password( $password ) ?>
For existing passwords that are not hashed correctly, you'll have to set up an email password reset.
Or. if you'd like to retain your current password hashes (not recommended for security reasons but doable) you can change the wordpress hashing function. In wp-includes/pluggable.php change:
if ( !function_exists('wp_hash_password') ){
function wp_hash_password($password) {
//apply your own hashing structure here
return $password;
}
}
And change:
if ( !function_exists('wp_check_password') ){
function wp_check_password($password, $hash, $user_id = '') {
//check for your hash match
return apply_filters('check_password', $check, $password, $hash, $user_id);
}
}
For details on wp_check_password Go Here
Alternatively
You can skip messing around with your custom user table and have the wordpress login apply to the rest of your site. To do this, simple use the following code:
<?php
include 'wp-config.php';
if ( is_user_logged_in() ) {
echo 'Welcome, registered user!';
} else {
header( 'Location: http://google.com' ) ;
};
?>
Make sure that 'wp-config.php' is the full relative path to the file, then place this code in every page on your non wordpress site. replace the echo with whatever content is to be displayed for a logged in user, and replace the header with whatever is to be displayed for a guest. If the content is simple html you can do the following:
<?php
include 'wp-config.php';
if ( is_user_logged_in() ) {
?>
<html>
<head></head>
<body><p>Welcome Registered user</p></body>
</html>
<?php
} else {
?>
<html>
<head></head>
<body><p>Please log in</p></body>
</html>
<?php
};
?>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With