First of all I put up an announcement into the admin interface half-a-day in advance (could have done couple days) so that anyone who logs in knows it’s coming. WordPress MultiUser has a neat action hook called admin_notices which you can call in a plugin. So I put together this simple one:

<code>
<?php
add_action('admin_notices','displayAnnouncement');
function displayAnnouncement() {
  $msg = '
    <div style="background: #ff0000;color: #000000;font-size: 12pt;">
      <p>your message goes here</p>
    </div>
  ';
  echo trim($msg);
}
?>
</code>

Then I created an offline page that all the visitors would be redirected to, while I was working on the site. I just created a folder called “offline”, copied the main page’s theme (CSS and images) and whipped up a nice .html document (no PHP) telling users that the site is temporarily unavailable due to maintenance.

After all the users knew not to log in and the offline page was ready for the public, it was time for the redirect. The beauty in the following few lines of code is that it redirected everyone BUT me – so I could use and test the site all I wanted without anyone seeing any ugly unprofessional errors. So here goes what I inserted at the top of index.php, wp-admin/admin.php (included in all the admin pages) and wp-login.php. If you have wp-signup.php enabled, I’d put it there too.

<code>
<?php
$ip = $_SERVER['REMOTE_ADDR'];
if ('xxx.xxx.xxx.xxx' <> $ip ) {
  header('Location: http://your-WPMU-url/offline/');
  wp_redirect('http://your-WPMU-url/offline/'); 
}
?>
</code>

*Replace the xxx.xxx.xxx.xxx with your IP address.
**I used the wp_redirect just to be sure it works – you know, in case some other headers get passed before the regular redirect.

Now I was ready for the upgrade and maintenance. (Just a note – if you plan to overwrite any of the files that contain your custom redirect during your maintenance/upgrade, don’t forget to include the redirect in the new ones as well :-) – at least until you are done with the maintenance.)

I was asked to set up WordPress MultiUser (WPMU) for a project for Cornerstone University. They already had most of their online services integrated into a single sign-on using phpCAS and asked me to integrate WPMU with it as well. This document attempts to enable others to easily duplicate the same integration. I will also list some of the implications that I had to address as a consequence of the integration.

• Before you start
• CAS modification
• Authentication
• Admin username
• Welcome email

Before you start

Download phpCAS and after extracting it, copy the folder esup-phpcas-x.x.xx/source/CAS into the ./wp-content/mu-plugins folder of your WPMU install so that the path to CAS.php is ./wp-content/mu-plugins/CAS/CAS.php.

Make sure, that you have access to your MySQL database either through phpMyAdmin or another similar tool or at least that you can execute queries through the command line.

CAS modification

In the CAS that you copied into your mu-plugins folder: Comment out the following section in the beginning of CAS/PGTStorate/pgt-db.php so that it looks like this:


/*
if (!class_exists('DB')) {
include_once('DB.php');
}
*/


(Otherwise you’ll see errors.)

Authentication

Make a backup copy of your current ./wp-login.php and replace the content of the original file with my wp-login.php.

Make a backup copy of your current ./wp-content/mu-plugins/pluggable.php and replace it with my pluggable.php. Edit the file and modify the CASloginURL and CASlogoutURL variables based on your setup.

Admin username

Most likely your username in your CAS user directory is not ‘admin’. At least mine wasn’t. In order for you to be able to log in to your WPMU install, you’ll have to edit the users table (wp_users) to change the username (user_login) of admin (ID = 1) to your CAS user directory username.

Since your username is no longer ‘admin’, WPMU may not consider you a site administrator (administrator of the site and all blogs). If this is the case, you will have to modify the function is_site_admin() in ./wp-includes/wpmu-functions.php to include the following clause:

$userid = get_current_user_id();
if ($userid == 1) return true;

What this will accomplish is that the person with userid = 1 (the person who installed WPMU) is considered a site admin regardless of their username.

Once you are the site admin again, you can add more users to have the same permissions in the Site Admin | Options section of the WPMU control panel / dash board. If that still doesn’t give them site admin permissions, you can hardcode their username in the same is_site_admin() function, although I would not recommend that. You would just insert some thing like this inside the is_site_admin() function:

if ($user_login === 'a12345') {return true;}

Welcome email

When you create a new blog in the site admin area, an email is sent to the new user created at the same time. The email contains a random password generated by WordPress – a password that will not work, because you are using CAS instead of the WordPress authentication. So in order to avoid any confusion, you’ll have to change the text of this Welcome email. Even though it may seem that the place you could edit that text is in the site admin area, the text is actually hard-coded into a php file. So to make the change you’ll have to edit it there.

Copy the function wp_new_user_notification from ./wp-includes/pluggable.php and insert it into ./wp-content/mu-plugins/pluggable.php at the end of the file. The functions in pluggable.php in wp-includes are preceded by
if ( !function_exists) (meaning if it was already defined earlier) because you can first define them in pluggable.php in mu-plugins which gets executed earlier in the sequence.

All that to say: if you want to modify a function that’s in ./wp-includes/pluggable.php, you are best off to copy it to ./wp-content/mu-plugins/pluggable.php first and modify it there so that you have as many of your WPMU modifications in one place – the mu-plugins folder – as possible.

But back to our wp_new_user_notification function. Now that it’s in ./wp-content/mu-plugins/pluggable.php, modify the line that says:

$message .= sprintf(__('Password: %s'), $plaintext_pass) . "\r\n";

to say something like:

$message .= sprintf(__('Password: (use your domain password)'), $plaintext_pass) . "\r\n";

That should be it. If you discover other things that may have to be addresses due to the integration, please let me know so that I can add them here for everyone to benefit from.

If you make any improvements, I kindly ask that you send them to me as a courtesy.

First, add a username field to the form where you create blogs.
(./wp-admin/wpmu-blogs.php)

Right above this line: (in my file it’s line 567):

insert this line:

Then to receive/process the variable after you submit the
form, edit the file that processes the form.
(./wp-admin/wpmu-edit.php)

In the case ‘addblog’, right below this line:

$blog = $_POST['blog'];

Insert this line:

$username = wp_specialchars($blog['username'] );
Then change the line that says

$user_id = wpmu_create_user($domain, $password, $email );

to this:

$user_id = wpmu_create_user( $username, $password, $email );

That’s it!

In the file ./wp-includes/post-template.php you’ll have to modify the function get_the_content() so that instead of:

if ( !empty($post->post_password) ) {

it will say

if ( !empty($post->post_password) AND !is_site_admin()) {