Short version: I want to integrate a Yii app into a WordPress site via WP shortcode, while also having the ability to access the WordPress user object and S2Member permissions within the Yii app.
I have a new project in front of me that involves taking a WordPress site and moving some functionality in to a separate application. The gist of it is this: they have a WordPress site with S2Member. In this WP site they have a database of items that are only accessible to paid members.
Due to the complexity of these items (complex attributes and relations), they really belong in a separate application with a custom administration interface for managing the items. The plan is to build out a separate Yii application for this purpose. That’s the easy part since there is no concern around having a separate application for management purposes.
The more difficult requirement is that I’ll need to build a search and result listing interface to be displayed within the WordPress site. I’ve read a handful of articles on integrating Yii and WordPress with WP shortcodes, but one item I haven’t seen discussed is how to work with WP objects (specifically users and permissions) within the integrated Yii application.
I recently built an application that integrates with SugarCRM, and by building out custom CUserIdentity, CAuthManager, and
CWebUser classes I was able to implement Single Sign On between my application and Sugar. I’m hoping to do something similar with this application and WordPress + S2Member so my application is able to access the WP Objects, the WP user via Yii::app()->user, and check WP (S2Member) permissions via Yii::app->user->checkAccess().
So my question is: has anyone here done something similar and able to provide some pointers or perhaps share their classes? I have some room in the budget for compensation as well, as I figure this could easily save me a couple of days of development time.
At this moment in time it seems like the best option would be to restrict access to the Yii functions via WordPress/S2Member functionality, use WordPress shortcodes within secured pages, and just assume, within the Yii app, that if a user is accessing the app then they are authenticated. There really isn’t any reason (at the moment) that I absolutely need access to WP objects, but I could see this being a need in the future. Besides, I really don’t like the security through obscurity method of doing things.