Last active
April 25, 2023 12:18
-
-
Save verygoodplugins/4e636fc0e8c68b0d30b42bf8c840290c to your computer and use it in GitHub Desktop.
Allow a true auto-login via a link with a contact ID in it.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Disbale "Allow URL Login" in WP Fusion's settings for this to work properly. | |
/** | |
* True auto login. Format your URLs like: https://mysite.com/?cid=%CONTACTID%&email=%EMAILADDRESS%&key=%ACCESSKEY% | |
* | |
* Where %CONTACTID% is the ID of the contact | |
* %EMAIL% is the email address of the contact | |
* and %ACCESSKEY% is your access key from the bottom of the WP Fusion General settings tab | |
*/ | |
function wpf_true_auto_login() { | |
if ( ! isset( $_GET['cid'] ) ) { | |
return; | |
} | |
if ( ! isset( $_GET['key'] ) || $_GET['key'] !== wpf_get_option( 'access_key' ) ) { | |
return; // verify the access key. | |
} | |
$contact_id = sanitize_text_field( $_GET['cid'] ); | |
$user_id = wp_fusion()->user->get_user_id( $contact_id ); // look up the user ID. | |
if ( empty( $user_id ) || user_can( $user_id, 'manage_options' ) ) { // make sure they're a real user, and not an admin. | |
wp_die( 'Invalid user ID.' ); | |
} | |
$user = get_user_by( 'id', $user_id ); | |
if ( $user->user_email !== urldecode( $_GET['email'] ) ) { | |
wp_die( 'Invalid email.' ); // verify their email. | |
} | |
// Login. | |
wp_set_current_user( $user_id, $user->user_login ); | |
wp_set_auth_cookie( $user_id ); | |
do_action( 'wp_login', $user->user_login, $user ); | |
} | |
add_action( 'after_setup_theme', 'wpf_true_auto_login' ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment