If user is logged in to site/subsite, and you check this function:
require(__DIR__."/wp-load.php");
var_dump(is_user_logged_in());
it returns true. However, if called from outside folder:
require(__DIR__."/subfolder/wp-load.php");
var_dump(is_user_logged_in());
It doesn't recognize authorization. What are the acceptable ways to achieve that, without using REST-API? (I doubt it just needs pointing some sub-directory for cookie).
If user is logged in to site/subsite, and you check this function:
require(__DIR__."/wp-load.php");
var_dump(is_user_logged_in());
it returns true. However, if called from outside folder:
require(__DIR__."/subfolder/wp-load.php");
var_dump(is_user_logged_in());
It doesn't recognize authorization. What are the acceptable ways to achieve that, without using REST-API? (I doubt it just needs pointing some sub-directory for cookie).
Share Improve this question asked Oct 13, 2020 at 9:58 T.ToduaT.Todua 5,8609 gold badges52 silver badges79 bronze badges1 Answer
Reset to default 1If WordPress is installed in /subfolder/
, then the authentication cookies will by default only valid for that path.
So if needed, you can allow the cookies in parent directory by setting the cookie constants like COOKIEPATH
.
For example, if I had WordPress installed at example/wp/
and I wanted the authentication works at example/
, then I'd define the following in wp-config.php
: (but I don't know much about the differences between the SITECOOKIEPATH
and COOKIEPATH
, other than that the former seems to be specific to Multisite)
define( 'COOKIEPATH', '/' );
define( 'SITECOOKIEPATH', '/' );
define( 'ADMIN_COOKIE_PATH', '/wp/wp-admin' );
But the thing is, you'd need to logout first before applying the above changes, and so does with all other users who were already logged-in on your site, i.e. log out before you applied the above changes.
So you'd want to just invalidate all (existing) WordPress cookies by changing the security keys like LOGGED_IN_KEY
— all users will have to login again, but at least, they'd be able to login properly.