If I remember, when a user is logged in using wp-loing.php, it is redirected. So, the correct flow should be:
- User log in
- In next page load (when user is redirected), hook on
init
and check if the user is correctly logged in, if so, start session and populate $_SESSION. - Hook on
wp_login
andwp_logout
to destroy session (also inwp_login
, if user log in another account it will destroy previous session and start new one on nextinit
).
So, I think this should work:
//Start session and populated variables for logged-in users
add_action('init', 'StartSession', 1);
function StartSession() {
//Check if current user is logged in WordPress
if( is_user_logged_in() ) {
if(!session_id()) {
session_start();
}
//You may need some check here of inside tngwp_processlogin() to avoid running
//the same process over and over again if it is not needed
tngwp_processlogin();
}
}
//Destroy session if user logout or login in another account
add_action( 'wp_login', 'tngwp_session_destroy' );
add_action( 'wp_logout', 'tngwp_session_destroy' );
function tngwp_session_destroy() {
// destroy the session
session_destroy();
}
function tngwp_processlogin() {
global $wpdb, $current_user;
define('PATH', $_SERVER['DOCUMENT_ROOT']);
get_currentuserinfo();
$username = $current_user->user_login;
$tng_folder = $_SERVER['DOCUMENT_ROOT'] . '/genealogy/';
include($tng_folder.'config.php');
include($tng_folder."subroot.php");
$session_language = $_SESSION['session_language'];
$session_charset = $_SESSION['session_charset'];
$languages_path = "languages/";
include($tng_folder.'getlang.php');
$tng_user = $wpdb->get_row("
SELECT *
FROM tng_users
WHERE username="$username"",
ARRAY_A
);
$newdate = date ("Y-m-d H:i:s", time() + ( 3600 * $time_offset ) );
$userid = $tng_user['userID'];
$wpdb->update(
'tng_users',
array( 'lastlogin' => $newdate ),
array( 'userID' => $userid ),
array( '%s' ),
array( '%d' )
);
$newroot = ereg_replace( "https://wordpress.stackexchange.com/", "", $rootpath );
$newroot = ereg_replace( " ", "", $newroot );
$newroot = ereg_replace( "\.", "", $newroot );
setcookie("tnguser_$newroot", $tng_user['username'], time()+31536000, "https://wordpress.stackexchange.com/");
setcookie("tngpass_$newroot", $tng_user['password'], time()+31536000, "https://wordpress.stackexchange.com/");
setcookie("tngpasstype_$newroot", $tng_user['password_type'], time()+31536000, "https://wordpress.stackexchange.com/");
$_SESSION['currentuser'] = $tng_user['username'];
if ( $tng_user['role']=='admin' ) {
$_SESSION['allow_admin'] = 1;
setcookie("tngloggedin_$newroot", "1", 0, "https://wordpress.stackexchange.com/");
}
else { $_SESSION['allow_admin'] = 0; }
$logged_in = $_SESSION['logged_in'] = 1;
$allow_edit = $_SESSION['allow_edit'] = ($tng_user['allow_add'] == 1 ? 1 : 0);
$allow_add = $_SESSION['allow_add'] = ($tng_user['allow_add'] == 1 ? 1 : 0);
$tentative_edit = $_SESSION['tentative_edit'] = $tng_user['tentative_edit'];
$allow_delete = $_SESSION['allow_delete'] = ($tng_user['allow_delete'] == 1 ? 1 : 0);
$allow_media_edit = $_SESSION['allow_media_edit'] = ($tng_user['allow_edit'] ? 1 : 0);
$allow_media_add = $_SESSION['allow_media_add'] = ($tng_user['allow_add'] ? 1 : 0);
$allow_media_delete = $_SESSION['allow_media_delete'] = ($tng_user['allow_delete'] ? 1 : 0);
$_SESSION['mygedcom'] = $tng_user['mygedcom'];
$_SESSION['mypersonID'] = $tng_user['personID'];
$allow_living = $_SESSION['allow_living'] = $tng_user['allow_living'];
$allow_private = $_SESSION['allow_private'] = $tng_user['allow_private'];
$allow_ged = $_SESSION['allow_ged'] = $tng_user['allow_ged'];
$allow_pdf = $_SESSION['allow_pdf'] = $tng_user['allow_pdf'];
$allow_profile = $_SESSION['allow_profile'] = $tng_user['allow_profile'];
$allow_lds = $_SESSION['allow_lds'] = $tng_user['allow_lds'];
$assignedtree = $_SESSION['assignedtree'] = $tng_user['gedcom'];
$assignedbranch = $_SESSION['assignedbranch'] = $tng_user['branch'];
$currentuser = $tng_user['username'];
$_SESSION['currentuser'] = $currentuser;
$currentuserdesc = $_SESSION['currentuserdesc'] = $tng_user['description'];
$session_rp = $_SESSION['session_rp'] = $rootpath;
$wpdb->flush();
return $tngusername;
}