0

I have no idea how anyone who actually read this would equate it with "How do you run WordPress functions in PHP?". I have zero interest in running WordPress functions in PHP. My question is about identifying the user / session who submitted the HTTP request.

It does happen to be true that when you load a page, you can use the WordPress get_current_user_id() function to identify the user. But that doesn't make the question about running WordPress functions.

I'm building a site with WordPress, Javascript, and PHP. I have PHP scripts that recognize the WordPress user id, get_current_user_id(), of the user who is logged in when the page loads. However, when I try to send an HTTP request to execute a PHP script via Javascript XMLHttpRequest, the PHP file doesn't recognize the user id from get_current_user_id().

I thought using PHP sessions would help, but they don't.

So, how do I enable the user to write data?

oftenconfused
  • 132
  • 1
  • 5
  • `get_current_user_id()` is a WP function. If you haven't included WP in your PHP file server dies with `PHP Fatal error: Uncaught Error: Call to undefined function get_current_user_id() i` error. See: https://stackoverflow.com/questions/15304926/how-to-include-wordpress-functions-in-custom-php-file. – mx0 Aug 20 '18 at 15:48
  • Possible duplicate of [How to include Wordpress functions in custom .php file?](https://stackoverflow.com/questions/15304926/how-to-include-wordpress-functions-in-custom-php-file) – mx0 Aug 20 '18 at 15:50

1 Answers1

1

I discovered that the PHP session ID is stored in a cookie. It appears in the cookie string as "...;PHPSESSID=fkldsjflksjlf;...". In my Javascript XMLHttpRequest script, I use the following to extract the session ID from the cookie. Then I send it as a parameter.

function test() {
    var idBegin = document.cookie.indexOf("PHPSESSID=") + 10;
    var sessId = document.cookie.substring(idBegin)
    var idEnd = sessId.indexOf(";");
    sessId = sessId.substring(0, idEnd);

    var request = new XMLHttpRequest();
    request.open("GET", "test.php?sessid="+sessId, true);
    request.onreadystatechange = function () {
        if (request.readyState === 4) {
            if ((request.status === 200) || (request.status === 0)) {
            }
        }
    };
    request.send(null);
}

On the server side, I have a table "UserSessions" in my MySQL database. The table has two columns: SessionID; and UserID. I have a PHP script that executes when the user loads a page. At this point, the get_current_user_id() function is available to get the WordPress user ID and $_COOKIE["PHPSESSID"] is available. The PHPSESSID is what's stored as a cookie on the client.

<?php

$sql = "INSERT INTO UserSessions (SessionID, UserID)";
$sql = $sql . " VALUES (" . $_COOKIE["PHPSESSID"] . ",";
$sql = $sql . get_current_user_id() . ")";

// I user the standard MySQLi stuff to execute the query and
// store the session ID, user ID pair

?>

In PHP the scripts I execute via Javascript, I include the following

<?php

$sql = "SELECT UserID FROM UserSessions ";
$sql = $sql . " WHERE SessionID = " . $_GET["sessid"];

// Again, standard MySQLi stuff to execute the query
// and retrieve the user id based on the session ID.
// I store the retrieved value in variable "$userid"

// When I have the user id, I can use it in other tables
// that have a UserID column

$sql = "SELECT column FROM table ";
$sql = $sql . " WHERE UserID = " . $userid;

$sql = "INSERT INTO table (column) VALUES (data) ";
$sql = $sql . " WHERE UserID = " . $userid;

?>

This doesn't seem like the right way to do it. It works for me. And I don't know how to do it better. By all means, tell me it's incorrect and give me the correct way to do this. Thanks.

oftenconfused
  • 132
  • 1
  • 5