WordPress auto login user and header already sent error

I’m using the “Theme My Login” plugin with the GNU Licensed “Remove Email Verification” plugin code. I am successfully redirecting logins to my custom pages and auto-activating a user.

I want to automatically log the new user in after I auto-activate, but I can’t figure out how. Here’s my code and I’ve singled out my call to my auto-login function.

This code does not log the user in and gives me ‘Warning: Cannot modify header information – headers already sent by…’ errors.

Any advice appreciated.

function activate_on_user_signup($user, $user_email, $key, $meta) {
	
	global $current_site, $current_blog;
	
	// Output buffer in case we need to email instead of output
	$html = '';
	
	// Rather than recreate the wheel, just activate the user immediately
	$result = wpmu_activate_signup($key);
	
	if ( is_wp_error($result) ) {
		if ( 'already_active' == $result->get_error_code() || 'blog_taken' == $result->get_error_code() ) {
		    $signup = $result->get_error_data();
			$html .= '<h2>' . __('Hello, your account has been created!') . "</h2>n";
		    if( $signup->domain . $signup->path == '' ) {
		    	$html .= sprintf(__('<p class="lead-in">Your account has been activated. You may now <a href="%1$s">login</a> to the site using your chosen username of "%2$s".  Please check your email inbox at %3$s for your password and login instructions. If you do not receive an email, please check your junk or spam folder. If you still do not receive an email within an hour, you can <a href="%4$s">reset your password</a>.</p>'), 'http://' . $current_blog->domain . $current_blog->path . 'wp-login.php', $signup->user_login, $signup->user_email, 'http://' . $current_blog->domain . $current_blog->path . 'wp-login.php?action=lostpassword');
			} else {
		    	$html .= sprintf(__('<p class="lead-in">Your account at <a href="%1$s">%2$s</a> is active. You may now login to your account using your chosen username of "%3$s".  Please check your email inbox at %4$s for your password and login instructions.  If you do not receive an email, please check your junk or spam folder.  If you still do not receive an email within an hour, you can <a href="%5$s">reset your password</a>.</p>'), 'http://' . $signup->domain, $signup->domain, $signup->user_login, $signup->user_email, 'http://' . $current_blog->domain . $current_blog->path . 'wp-login.php?action=lostpassword');
			}
		} else {
			
			$html .= '<h2>' . __('An error occurred during the signup') . "</h2>n";
		    $html .=  '<p>'.$result->get_error_message().'</p>';
		}
	} else {
		extract($result);
		
		$user = new WP_User( (int) $user_id);
    
    
    /* 
    * THIS ISN'T WORKING
    * 
    * automatically log in user that just was activated
    */
	  auto_login($user, $password);
    
    
    
    
    
		$html = '<h2>' . sprintf(__('Hello %s, your account has been created!'), $user->user_login ) . "</h2>n";
		
		$html .= '<div id="signup-welcome">';
		$html .= '<p><span class="h3">' . __('Username:') . '</span>' . $user->user_login . '</p>';
		$html .= '<p><span class="h3">' . __('Password:') . '</span>' . $password . '</p>';
		$html .= '</div>';
		$html .= '<p class="view">You can now go <a href="http://amberelizabeth.ca/events/community/add" class="button addeventbutton">add an event!</a></p>';
		
		add_user_to_blog( 1, $user_id, 'subscriber');
		
		//delete from signups table
		global $wpdb;
		$wpdb->delete(
    			$wpdb->signups,
    			array( 'user_login' => $user->user_login )
		);
	}
	
	// Check if we are passed in an admin area
	if(!is_admin() || !(isset($_POST['_wp_http_referer']) && strstr($_POST['_wp_http_referer'], 'user-new.php'))) {
		echo $html;
	}
	
	// Now we need to hijack the sign up message so it isn't displayed
	ob_start();

    	if ( is_wp_error( $user ) ) {
        	echo $user->get_error_message();
    	}
	
	return false; // Returns false so that the activation email isn't sent out to the user
}

function auto_login($user, $password) {

    if (!is_user_logged_in())
    {
        //get user's ID
        $user_id = $user->ID;
        //login
        wp_set_current_user($user_id, $user->user_login);
        wp_set_auth_cookie($user_id);
        do_action('wp_login', $user->user_login);
       
    } else {}

}

Read more here: WordPress auto login user and header already sent error

Leave a Reply

Your email address will not be published. Required fields are marked *