API tools faq
paste
Guest User

Untitled

a guest
Feb 9th, 2019
126
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.33 KB | None | 0 0
raw download clone embed print report
  1. require '/var/www/store/wp-includes/user.php';
  2. $credentials = array();
  3. $credentials['user_login'] = $_POST['username'];
  4. $credentials['user_password'] = $_POST['password'];
  5. $credentials['remember'] = true;
  6. $autologin_user = wp_signon( $credentials, is_ssl() );
  7.  
  8. $url_wp = 'https://domain.tld/store/';
  9. //$postdata = "log=" . $username . "&pwd=" . $password . "&wp-submit=Log%20In&redirect_to=" . $url_wp . "wp-admin/&testcookie=1";
  10. $postdata = "log=" . $username . "&pwd=" . $password . "&wp-submit=Log%20In&redirect_to=" . $url_wp;
  11. $ch = curl_init();
  12. curl_setopt ($ch, CURLOPT_URL, $url_wp . "wp-login.php");
  13. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
  14. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36");
  15. curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
  16. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  17. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 0);
  18. curl_setopt ($ch, CURLOPT_REFERER, $url_wp . "wp-login.php");
  19. curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
  20. curl_setopt ($ch, CURLOPT_POST, 1);
  21. $result = curl_exec ($ch);
  22. curl_close($ch);
  23.  
  24. $curl = curl_init();
  25. curl_setopt_array($curl, array(
  26. CURLOPT_URL => "https://domain.tld/store/wp-json/jwt-auth/v1/token?username=ambro&password=123456789012345",
  27. CURLOPT_RETURNTRANSFER => true,
  28. CURLOPT_ENCODING => "",
  29. CURLOPT_MAXREDIRS => 10,
  30. CURLOPT_TIMEOUT => 30,
  31. CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  32. CURLOPT_CUSTOMREQUEST => "POST",
  33. CURLOPT_POSTFIELDS => "",
  34. ));
  35. $response = curl_exec($curl);
  36. $err = curl_error($curl);
  37. curl_close($curl);
  38.  
  39. // get the token and other data
  40. $wp_api_response = json_decode($response, true);
  41. // $wp_api_response['token'];
  42. // $wp_api_response['user_email'];
  43. // $wp_api_response['user_nicename'];
  44. // $wp_api_response['user_display_name'];
  45.  
  46. // with the token now we need to send a request to login
  47. // "Authorization: Bearer ".$wp_api_response['token']
  48. // "Authorization: Bearer " . $wp_api_response['user_display_name'].$wp_api_response['token']
  49.  
  50. // store the token in a cookie
  51. setcookie(
  52. 'office_wp_auth',
  53. $wp_api_response['token'], // cookie value
  54. time() + (86400 * 30), // 30 days
  55. '/', // the cookie will be available within the entire domain.
  56. '',
  57. TRUE, // Only send cookie over HTTPS, never unencrypted HTTP
  58. TRUE // Don't expose the cookie to JavaScript
  59. );
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!