Check out the wp_cookie_constants() and ms_cookie_constants() functions, to see available cookies. We can try this in the wp-config.php file: // Here we just simulate how it’s done in the core define( ‘COOKIEHASH’, md5( ‘http://example.tld’ ) ); // Then we override the cookie names: define( ‘USER_COOKIE’, ‘wpse_user_’ . COOKIEHASH ); define( ‘PASS_COOKIE’, ‘wpse_pass_’ . COOKIEHASH ); … Read more
You could check for this cookie wp-settings-1 it lasts for 1 day and then also check if wordpress_test_cookie is available. Or you could just write a simple plugin that checks if the user is logged in and adds a longer term cookie to check against.
I’ve worked out a solution. There may be a more elegant way to achieve this, but I had trouble getting anything else to work. I’ve placed the following code at the beginning of the header.php file for all pages. The objective is to funnel site visitors through an event registration page, prior to accessing the … Read more
When you log in to the admin WordPress sets cookies (in PHP) to keep you logged in while you navigate around your site. If this fails, you get the error message, “Cookies are blocked or not supported by your browser.” This could fail in a couple different ways, but before we dig into those situations, … Read more
It looks like you’re missing the nonce part, as explained in the Authentication chapter, in the REST API Handbook: Cookie authentication is the basic authentication method included with WordPress. When you log in to your dashboard, this sets up the cookies correctly for you, so plugin and theme developers need only to have a logged-in … Read more
Here (with some trepidation) is a sketch of a use-once link solution that might be safeish enough if one can depend on the ip being fairly constant (at least in the short-term) to the phone, using a query var and a transient based on $_SERVER[‘REMOTE_ADDR’], though as @Wyck and @G. M. say, any such backdoor … Read more
I’ll skip steps related to sharing DB and sharing users data and meta, based on assumption that you’ve done it correctly. Let’s concentrate on wp-config.php of both sites. These are defines that MUST BE IDENTICAL for both sites: define(‘COOKIE_DOMAIN’, ‘.domain.com’); // your main domain define(‘COOKIEPATH’, “https://wordpress.stackexchange.com/”); define(‘COOKIEHASH’, md5(‘domain.com’)); // notice absence of a ‘.’ in … Read more
You have to set cookies before any headers are sent out. From the manual: setcookie() defines a cookie to be sent along with the rest of the HTTP headers. Like other headers, cookies must be sent before any output from your script (this is a protocol restriction). This requires that you place calls to this function prior to … Read more