Beefy Boxes and Bandwidth Generously Provided by pair Networks
"be consistent"

Re: Grab username from WP Cookie

by jcb (Parson)
on Apr 01, 2020 at 01:40 UTC ( #11114871=note: print w/replies, xml ) Need Help??

in reply to Grab username from WP Cookie

It is possible, but your Perl code will need access to the Wordpress database to look up the session. As another monk mentioned, you cannot depend on the cookie alone and must look up the user's session in the database. Cookies can be faked and trusting a username from a cookie is asking for malicious visitors to abuse your site.

Replies are listed 'Best First'.
Re^2: Grab username from WP Cookie
by htmanning (Pilgrim) on Apr 01, 2020 at 07:28 UTC
    This is on a private server with no risk of data loss. It's a very simple reservations system and I'm trying to use the Wordpress login instead of making people login again. I just need the username, not the password.

    How would I look up the session without reading the cookie? Not sure how this would work.


      You have to use the cookie as a search key to look up the session information wherever WordPress stores it. You need the cookie, but the cookie is an opaque token rather something you meaningfully read to extract information.

      Are you asking how to get the cookie in the first place? Is this system on the same domain, such that the user's browser will send the WordPress cookie?

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://11114871]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others contemplating the Monastery: (3)
As of 2022-01-25 06:03 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (65 votes). Check out past polls.