I've an external app that is using Xenforo 2 session data to determine who is currently logged into my forums. This works fine as I'm able to do a lot of stuff in my app (like creating a thread, making a post etc) and then have it reflected in my forums as well.
But the only thing missing is the theme. I was wondering if that can somehow be used in my external app as well so that when a user redirects from the forums to my app, he doesn't notice the change.
This is for Xenforo v2 btw.
Related
I programmed a Backend for an app. In the Backend is of course the login/registration endpoint.
The problem is that my client had the new idea of synchronizing his Wordpress Blog with the app. And now he wants that when an user registers himself in the App, then he can log in the Wordpress and when an user registers himself in the Wordpress Blog, he can log in the App.
My problem is that I'm not specialized either in Wordpress nor in PHP. I was watching the wp-login.php file, but didn't find a good result.
I'm thinking of using the Backend Endpoint with Wordpress, I can guess that Wordpress could work as a client. Then I could use the same Login-Backend-Function with the App and with Wordpress and it should work.
I was reading this kind of post in Internet, but is not that way, I don't want to register an user in Wordpress from the app, but the other way, I would like to register an user in the App or in Wordpress and log him in the App or Wordpress, but using the Django Endpoints of the Backend.
I did't think that it would be so complicated.
Maybe someone already tried something like that and can say me how I should program it.
I continued searching in Internet and found this post.
Then, I easy changed the do_register_user function of the second page of the post the way I needed.
I have a Moodle(3.0) website and a WordPress blog (3.5.4). I need to implement SSO between these two.
Here is the basic idea why I want to do it:
Some of the courses in Moodle contain external content (load a page with resources in iframe). At the bottom of the iframe page, that is loaded there is a bbPress embedded (Forum plugin for WordPress).
I need the SSO, so when user logs in his moodle account and choose to view certain resource to be able to participate in the forum topic under the resource without the need of login again.
I've read Authenticate Users From Moodle Into WordPress, and tried to configure External database Authentication Method in Moodle, but so far no luck.
I've found an WordPress plugin Edwiser Bridge, but it makes quite the opposite (integrates Moodle within WordPress) - which is of no use to my particular case.
I will much appreciate every help I can get. Thanks
I ended up building an API, which makes the handshake between Moodle and Wordpress.
I've modified the moodle/login/index.php page and wp-login.php to send requests to the API when logging in.
Every time someone logs in either platform a request is being sent to the API. It tries to log the user programmatically and start a session cookie for the user. (if the username and password match in the db).
When user is being registered the user data is stored in both databases (Moodle and Wordpress).
NOTE: This is not exactly SSO, but it solved my problem and its working.
I'm developing a Wordpress plugin that requires API credentials for Facebook.
Ordinarily I'd advise the users of the plug-in to sign up for their own API keys and allow them to be entered as plug-in options, however this plug-in requires extended permissions. Which as I'm currently in the process of finding out are an absolute ball-ache to get, take up-to 7 businesses days to have reviewed and the reviewers don't actually read the requested instructions on how the application is being used.
Can I write a plugin that is basically a wrapper around my hosted version of the code, this way I can allow users of the plugin the benefits of the extended permissions without giving away my APP ID and APP SECRET
Thinking something like...
require_once("https://www.myplugin.com/FacebookPlugin.php");
Here's the obvious problem, this wouldn't work for hosted versions of Wordpress as they don't have access to plug-ins anyway and I believe it would require the owner to allow remote file inclusion, which is putting a lot of trust in me as the host of the remote file not to execute nasty scripts on their server.
So how do I offer the functionality of my plugin to other users?
I think this question is closely related to this question.
I do not think there's more you can do, except still having your separate server which can be triggered using HttpRequest::send from within the plugin, and ship encrypted Keys from there each time somebody is accessing your plugin.
Might be a performance-Killing approach, though, especially if your server is not that fast.
thanks for reading! Here's what I'm up to.
I'm writing a WordPress plugin that makes use of the PHP SDK (latest version 3.1.1) that Facebook provides. My application is registered with Facebook as a website because it infact acts like a website, even though it's embedded in WordPress.
This SDK comes with an example.php that is very straightforward and easy to understand. If I put this file on my server, it just works. I made sure that the certificate file and the SDK files are in the right place and accessible by the script.
However, if I do the exact same thing from within a WordPress plugin (from the admin page of the plugin), the Facebook backend won't return the user id but will always return 0 instead. The problem with FB returning 0 is pretty common, but the reasons for it seem to vary a lot.
I have to mention that this behavior wasn't always like this. It began just a few weeks ago. I'm suspecting that the FB backend somehow checks for indirect API calls and that calling it from within a WordPress plugin seems to violate FBs auth rules in some way (CSRF issue?). But I'm not sure.
Has anybody got a clue what's going on here?
Here's my guess:
Facebook will not be able to access the backend of your WordPress blog since it requires authentication. So the example.php code will not be visible to it from a WordPress admin panel.
When served raw on your server, there are no such access controls and Facebook is able to reach the page.
If this is the case, my suggestion would be to turn this into a non-admin plugin, perhaps by adding a rewrite rule using the WP_Rewrite class.
I was working on a site of Cakephp which was successfully delivered.But recently Client again appered and asked me to put the Wordpress blog in it,to cover up the Blogging thing in his site.He wants to share the authentication between the Cakephp and WP.Whoever registers in his site,then Logins in it and if he clicks on the Blog Tab,he must be redirected to the WP blog with the session still there.After some googling I have installed it in /app/webroot/blog folder but I am not able to edit the .htaccess file.
Please help me in the right direction,that how to share the authentication betwenn Cake Php and Wordpress, and the second one how to customize the .htaccess file so that URL's look good.
Thanks in advance..!
Here is one way of doing it. In CakePHP you can have access to multiple databases. Why not configure cake to have access to WP and use their login on the entire website? You can link the user information to the ID in the WP database and tie it to the content in the CakePHP specific database. Since you are using CakePHP, this should actually be quite simple too.