How to bypass the WordPress login screen

shasi kanth · Feb 6, 2014 · Viewed 15.2k times

Basically I want to auto-login the user in WordPress when he clicks on a link in his email that bears a parameter of either user ID, username or email.

I went researching where WordPress stores the session information after login.

In my theme's header.php, when I put:

<?php print_r($_COOKIE); print_r($_SESSION); ?>

and logged in as admin, I got only this one array of $_COOKIE, as WordPress does not use sessions internally.

Array
(
    [wordpress_test_cookie] => WP Cookie check
    [wordpress_logged_in_80d2ab9fd1f16a2a89ddb8a5553b4463] => admin|1391841132|58e4ae330b4ca7aef9d6a8ffa3c3a1fb
)

I also compared the database dumps before and after login, and there is no change. From this, I came to the conclusion that WordPress stores the session data in the form of cookies.

Now I would like to bypass the login screen of WordPress when the user clicks on the link in his email.

I want to know what data is stored inside the above array of cookies, so I can create my own data dynamically and push it into the $_COOKIE array to auto-login the user.

Can anyone throw some light on this? I am not interested in trying any plugins. I want to do it manually for now.

EDIT: I came across this question, which talks about programmatic login of a user if we just know his username.

Answer

shasi kanth · Feb 14, 2014

Well, I could set up a script in the root of my site that handles the automatic login of a user when he clicks on the link in his email. The link has 2 parameters: his username and the md5 string of his email.

For example, if the username is 'sam' and his email is '[email protected]', the sample link in his email will be like:

http://www.example.com/user-login.php?username=sam&rand=ddb4b1cd8f56f9946b76399abb9d3106

Then finally the user-login.php script goes like this:

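<?php
// Load WordPress so that $wpdb and the auth functions are available.
require_once ('wp-config.php');

if(isset($_GET['username']) && $_GET['username'] != '' && 
isset($_GET['rand']) && $_GET['rand'] != '')
{
    // WordPress adds slashes to $_GET, so unslash before using the value.
    $username = trim(wp_unslash($_GET['username']));
    $rand = trim($_GET['rand']);

    global $wpdb;
    // Prepared statement: $username comes straight from the URL.
    $user_details = $wpdb->get_row($wpdb->prepare(
        "SELECT ID, user_email FROM {$wpdb->users} WHERE user_login = %s",
        $username
    ));

    // get_row() returns null when no row matches.
    if(! $user_details)
    {
        die("Error: Not a valid user");
    }
    else
    {
        // The expected token is the md5 of the user's email. Anyone who
        // knows the address can compute it, so it is not a secret.
        $rand_email = md5($user_details->user_email);
        // Compare in constant time.
        if(! hash_equals($rand_email, $rand))
        {
            die("Error: Invalid URL");
        }
        else {
            $user = get_user_by('login', $username );

            // get_user_by() returns false (not a WP_Error) on failure.
            if ( $user )
            {
                // Replace any existing session with one for this user.
                wp_clear_auth_cookie();
                wp_set_current_user ( $user->ID );
                wp_set_auth_cookie  ( $user->ID );
                $redirect_to = get_option('siteurl');
                wp_safe_redirect( $redirect_to );
                exit();
            }
        }
    }
}
else {
    die("Error: Missing params");
}
?>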

This way, when the user clicks on the link in his email, he will be automatically logged in and will navigate to the home page.

Thanks to Sjoerd Linders for providing me with an insight in his answer.
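A hardened form of the login-link token, as an added example that is not part of the original answer: because the md5 of an e-mail address can be computed by anyone who knows the address, the token here is an HMAC over user ID, expiry and a random nonce, compared in constant time and accepted only once. It is plain PHP with no WordPress calls; `LOGIN_LINK_SECRET`, `b64url()`, `make_login_token()` and `verify_login_token()` are hypothetical names, and the secret, user ID and timestamps are constructed sample values.

```php
<?php
// Added example: HMAC-signed, expiring, single-use login-link token.
// All names below are hypothetical; the secret and timestamps are constructed samples.
const LOGIN_LINK_SECRET = 'replace-with-32+-random-bytes-kept-server-side';

function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

// Token layout: <user_id>.<expiry>.<nonce>.<mac>; the MAC covers the first three fields.
function make_login_token(int $user_id, int $ttl, string $secret, ?int $now = null): string {
    $expires = ($now ?? time()) + $ttl;
    $nonce   = b64url(random_bytes(16));
    $payload = $user_id . '.' . $expires . '.' . $nonce;
    return $payload . '.' . b64url(hash_hmac('sha256', $payload, $secret, true));
}

// Returns the user ID, or null if the token is malformed, forged, expired or replayed.
// $used holds nonces already redeemed (a database table or transient on a real site).
function verify_login_token(string $token, string $secret, array &$used, ?int $now = null): ?int {
    $parts = explode('.', $token);
    if (count($parts) !== 4) {
        return null;
    }
    [$user_id, $expires, $nonce, $mac] = $parts;
    $expected = b64url(hash_hmac('sha256', "$user_id.$expires.$nonce", $secret, true));
    if (!hash_equals($expected, $mac)) {   // constant-time check before trusting any field
        return null;
    }
    if (!ctype_digit($user_id) || !ctype_digit($expires) || (int) $expires < ($now ?? time())) {
        return null;
    }
    if (isset($used[$nonce])) {            // single use: a second click is rejected
        return null;
    }
    $used[$nonce] = true;
    return (int) $user_id;
}

// Constructed demo: a 15-minute token for user 42, then the three failure modes.
$used  = [];
$token = make_login_token(42, 900, LOGIN_LINK_SECRET, 1700000000);
var_dump(verify_login_token($token, LOGIN_LINK_SECRET, $used, 1700000100));  // first click
var_dump(verify_login_token($token, LOGIN_LINK_SECRET, $used, 1700000100));  // same link again
$fresh = make_login_token(42, 900, LOGIN_LINK_SECRET, 1700000000);
var_dump(verify_login_token($fresh, LOGIN_LINK_SECRET, $used, 1700001000));  // after expiry
$forged = str_replace('42.', '1.', $fresh);                                  // user ID altered
var_dump(verify_login_token($forged, LOGIN_LINK_SECRET, $used, 1700000100));
```

On success the returned ID would take the place of the username lookup before `wp_set_auth_cookie()` in the script above.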