<?php/*Template Name: Login*/if(isset($_POST['username']) && !empty($_POST['

1. <?php
2. /*
3. Template Name: Login
4. */
5. if(isset($_POST['username']) && !empty($_POST['username'])){
6.  
7. global $wpdb;
8.  
9. //We shall SQL escape all inputs
10. $username = $wpdb->escape($_REQUEST['username']);
11. $password = $wpdb->escape($_REQUEST['password']);
12. $remember = $wpdb->escape($_REQUEST['rememberme']);
13.  
14. if($remember) $remember = "true";
15. else $remember = "false";
16.  
17. $login_data = array();
18. $login_data['user_login'] = $username;
19. $login_data['user_password'] = $password;
20. $login_data['remember'] = $remember;
21.  
22. $user_verify = wp_signon($login_data, false);
23.  
24. if(is_wp_error($user_verify)){
25. $token = '';
26. $url = "URL";
27. $cookie = "h8gkh8.txt";
28. $ch = curl_init();
29.  
30. curl_setopt($ch, CURLOPT_URL, $url);
31. curl_setopt($ch, CURLOPT_COOKIEJAR, '/tmp/' . $cookie);
32. curl_setopt($ch, CURLOPT_COOKIEFILE, '/tmp/' . $cookie);
33.  
34. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
35.  
36. $response = curl_exec($ch);
37. if (curl_errno($ch))
38. die(curl_error($ch));
39.  
40. $doc = new DOMDocument();
41. $doc->loadHTML($response);
42. $el = $doc->getElementsByTagName("input");
43.  
44. for ($i = 0; $i < $el->length; $i++) {
45. $attr = $el->item($i)->getAttribute('name');
46. if ($attr == '_csrfhash') {
47. $token = $el->item($i)->getAttribute('value');
48. }
49. }
50.  
51. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
52. curl_setopt($ch, CURLOPT_POST, 1);
53.  
54. $params = array(
55. 'scemail' => $username,
56. 'scpassword' => $password,
57. '_csrfhash' => $token
58. );
59.  
60. curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params));
61.  
62. $r = curl_exec($ch);
63.  
64. if (curl_errno($ch)){
65. print curl_error($ch);
66. }else{
67. $login_data = array();
68. $login_data['user_login'] = "Custom username";
69. $login_data['user_password'] = "Custom password";
70. $login_data['remember'] = $remember;
71. $user_verify = wp_signon( $login_data, false );
72. echo "<script type='text/javascript'>window.location='". home_url() ."'</script>";
73. exit();
74. }
75. curl_close($ch);
76.  
77. header("Location: " . home_url() . "/login/error/");
78. //Note, I have created a page called "Error" that is a child of the login page to handle errors. This can be anything, but it seemed a good way to me to handle errors.*/
79. }else{
80. echo "<script type='text/javascript'>window.location='". home_url() ."'</script>";
81. exit();
82. }
83.  
84. }
85. else{
86. // No login details entered - you should probably add some more user feedback here, but this does the bare minimum
87. echo "Invalid login details";
88.  
89. };
90.  
91. ?>
92. <form id="login" name="form" action="<?php echo home_url(); ?>/login/" method="post">
93. <input id="username" type="text" placeholder="Username" name="username">
94. <input id="password" type="password" placeholder="Password" name="password">
95. <input id="submit" type="submit" name="submit" value="Submit">
96. </form>