Autologin a WordPress user in your PHP script

I was having some problems using the WordPress function wp_insert_post in a cron job I was working on, and I remembered having read somewhere that the wp_insert_post -function reacted differently depending on whether or not a user was logged in or not, so I found the code that automatically logged in a user, which I then added to the top of my PHP-script, and voila, the problem was solved:

require('wp-blog-header.php');
$user_login = 'admin';
$user = get_userdatabylogin($user_login);
$user_id = $user->ID;
wp_set_current_user($user_id, $user_login);
wp_set_auth_cookie($user_id);
do_action('wp_login', $user_login);

Now, remember to set the proper path for the wp-blog-header.php file. (I know, there are other ways of loading the WordPress functions).

Secondly, remember to set the correct username. In this example I have used the default ‘admin’.

Notice how you do not need to enter the password for the user? This is powerful stuff, but be careful where you use it.

home title 4 Responses home title
  1. searbe says:
    30/06/2009 at 04:56

    Fantastic :) Needed this so users can be logged in after an ajax-based registration. Thanks for taking the time to post it

    Reply
    • myWordPress says:
      30/06/2009 at 08:29

      You are welcome, glad you like it and commented. Comments like this motivate me to continue distributing tips and tricks when I encounter them.

      Best of luck with the code, glad it helped :-)

      Reply
  2. Patricia Jocobi says:
    22/10/2009 at 18:36

    This is great, just what I was looking for, Thanks a lot!

    I will use it to integrate a blog using Wordpress to my site, I’ve already have a user login authentication, and don’t to use wordpress login

    I’m populating my site users table to wp_user table

    Do you think I would have a security issue if I use it for this purpose?

    Reply
  3. myWordPress says:
    23/10/2009 at 07:28

    I don’t think there would be a security issue as such, obviously you need to secure your own login-system, but if you already do that, the data you send to WordPress should be fine.

    You should also note that by maintaining a separate user-login system, you have two databases you need to keep synchronized, making sure to add, modify and delete users in both.

    Although it is clearly your own business, I suggest to take a look at fully using WordPress as your userdatabase. I do that on linklaunder.com (which is not active at the moment, unfortunately), where I use a few plugins to ensure a double-opt-in system where users actively agree to the disclaimer, privacy policy, etc. This is through the use of the plugin “Register Plus”.

    It is very easy to use a bit of php-code in your template files, to use WordPress to process user-level, and provide individual user data to logged in users.

    Just my suggestion, let me know if you need some help, should you choose to go that direction.

    Thank you for visiting, and leaving a comment! :-)

    Reply
home title Leave a Reply home title

PRIVACY POLICY: Your privacy is important to us. We will never sell or rent your email address and you can unsubscribe at any time.

If you check the check-box above and leave a comment, you will sign up to our newsletter, but do not worry, we only send out very few e-mails. We usually only send you an e-mail when we launch a new product, want to touch base with our e-mail readers or we have found a really really cool product we want to tell you about.

line
footer
Powered by Wordpress | Designed by Elegant Themes