admin管理员组

文章数量:1320661

If user is logged in to site/subsite, and you check this function:

require(__DIR__."/wp-load.php");
var_dump(is_user_logged_in());

it returns true. However, if called from outside folder:

require(__DIR__."/subfolder/wp-load.php");
var_dump(is_user_logged_in());

It doesn't recognize authorization. What are the acceptable ways to achieve that, without using REST-API? (I doubt it just needs pointing some sub-directory for cookie).

If user is logged in to site/subsite, and you check this function:

require(__DIR__."/wp-load.php");
var_dump(is_user_logged_in());

it returns true. However, if called from outside folder:

require(__DIR__."/subfolder/wp-load.php");
var_dump(is_user_logged_in());

It doesn't recognize authorization. What are the acceptable ways to achieve that, without using REST-API? (I doubt it just needs pointing some sub-directory for cookie).

  • wp-load.php
  • authorization
Share Improve this question asked Oct 13, 2020 at 9:58 T.ToduaT.Todua 5,8609 gold badges52 silver badges79 bronze badges
Add a comment  | 

1 Answer 1

Reset to default 1

If WordPress is installed in /subfolder/, then the authentication cookies will by default only valid for that path.

So if needed, you can allow the cookies in parent directory by setting the cookie constants like COOKIEPATH.

For example, if I had WordPress installed at example/wp/ and I wanted the authentication works at example/, then I'd define the following in wp-config.php: (but I don't know much about the differences between the SITECOOKIEPATH and COOKIEPATH, other than that the former seems to be specific to Multisite)

define( 'COOKIEPATH',        '/' );
define( 'SITECOOKIEPATH',    '/' );
define( 'ADMIN_COOKIE_PATH', '/wp/wp-admin' );

But the thing is, you'd need to logout first before applying the above changes, and so does with all other users who were already logged-in on your site, i.e. log out before you applied the above changes.

So you'd want to just invalidate all (existing) WordPress cookies by changing the security keys like LOGGED_IN_KEY — all users will have to login again, but at least, they'd be able to login properly.

本文标签: wp loadphpCheck user logged in from outside of WP folder

版权声明:本文标题:wp load.php - Check user logged in from outside of WP folder 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742065481a2418808.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。