Hack the CMS with Ajax and Sessions


Here is a technique that has worked for us, but I’m tempted to put this in the Fail category because it’s such bad form. However, what works, works and in this case it’s pretty easy.

Take WordPress as an example CMS. You can gain access to its session variables from your own .php code by adding this to the top of your custom php page:

[cc lang="php"]
require_once('../../../wp-load.php'); // relative path to wp-load.php in the WordPress root; adjust it to where your page lives
[/cc]

A note specific to WordPress: typically some plug-in will already have started the session, but if that is not the case for you, add this to your wp-config.php file:

[cc lang="php"]
// isset() only accepts variables, not a function call, so test the return value of session_id() directly
if (session_id() === '') { session_start(); }
[/cc]

So here is the tricky part. Now that you have access to the session, you can use ajax to post data from input fields you add to your WordPress pages into session variables. Yes, this is a horrible hack; however, it allows you to modify the behavior of CMS plug-ins without having to reverse engineer tons of plug-in code.

Here’s an example. We had a shopping cart plug-in for WordPress that didn’t handle PO Box shipping the way our clients wanted. So we needed a little checkbox on the checkout page that allowed a user to specify whether the address they were shipping to was a PO Box so that UPS shipping options could be filtered out (UPS won’t ship to PO Boxes).

So, we added a checkbox to the checkout page and included the following JavaScript/jQuery:

[cc lang="javascript"]
// using ajax to set a session variable that decides whether the PO Box shipper is used
// (bound to the checkbox's change event; the "#poboxcheck" selector is a stand-in for the real element)
$('#poboxcheck').change(function() {
    var src = $(this).is(':checked') ? 1 : 0;
    $.post("", {"poboxcheck": src}, function(data) { /* data: whatever the .php page echoes back */ });
});
[/cc]

So when the checkbox is clicked, it posts data via ajax (no form submit) to a .php page that looks like this:

[cc lang="php"]
require_once('../../../wp-load.php'); // bootstraps WordPress so the session and plug-in globals are available here
global $Shopp; // the shopping cart plug-in's object, now reachable from this page
$_SESSION['poboxcheck'] = isset($_POST['poboxcheck']) ? (int) $_POST['poboxcheck'] : 0;
//echo print_r($Shopp, true); // debugging: dump the cart object back to the ajax caller
[/cc]

In the routines that display available shipping options to the user, the session variable is checked and UPS options get filtered out if it's set to true. Not only that, but you will notice that the plug-in's objects are also available to the .php page by declaring them global. This allows you to directly muck with the plug-in's internals; in this case we are setting a flag that forces the recalculation of shipping costs.

You may have also noticed the two commented lines in the above code. These are used as a debugging mechanism: when the ajax post is done, the .php page can return a dump of pertinent variables/objects. In this case the cart object for the logged-in user gets dumped and can be stuffed into a hidden div on the page.
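The standalone .php page above accepts any POST from anywhere, so any site the shopper visits can flip the session flag. Here is an added example (not code from the original post or from the cart plug-in) that keeps the same PO Box flag but routes the request through WordPress's own admin-ajax.php entry point with a nonce check. It assumes the theme already loads jQuery; the "pobox_set_flag" action name, the "#poboxcheck" checkbox id and the shape of the $options array are stand-ins.

```php
<?php
// Added example, not code from the original post: the same PO Box flag as above, but
// sent through WordPress's own AJAX entry point (admin-ajax.php) and tied to a nonce,
// so an arbitrary cross-site POST cannot flip the session flag. Assumed names: the
// "pobox_set_flag" action, a checkbox with id "poboxcheck", and the $options shape.

// Start the PHP session once WordPress has loaded (the original post does this in wp-config.php).
add_action('init', function () {
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
});

// Front end: post the checkbox state together with the action name and nonce.
add_action('wp_footer', function () {
    $cfg = ['url' => admin_url('admin-ajax.php'), 'nonce' => wp_create_nonce('pobox_set_flag')];
    ?>
    <script>
    var poboxAjax = <?php echo wp_json_encode($cfg); ?>;
    jQuery('#poboxcheck').on('change', function () {
        jQuery.post(poboxAjax.url, {
            action: 'pobox_set_flag', nonce: poboxAjax.nonce,
            poboxcheck: this.checked ? 1 : 0
        });
    });
    </script>
    <?php
});

// AJAX handler: refuse requests without a valid nonce, then store a strict 0/1 flag.
function pobox_set_flag() {
    check_ajax_referer('pobox_set_flag', 'nonce'); // sends 403 and exits on mismatch
    $flag = (isset($_POST['poboxcheck']) && $_POST['poboxcheck'] === '1') ? 1 : 0;
    $_SESSION['poboxcheck'] = $flag;
    wp_send_json_success(['poboxcheck' => $flag]); // JSON reply, then exit
}
add_action('wp_ajax_pobox_set_flag', 'pobox_set_flag');        // logged-in shoppers
add_action('wp_ajax_nopriv_pobox_set_flag', 'pobox_set_flag'); // guest checkout

// Shipping side: drop UPS methods when the flag is set. $options maps method name to cost;
// that shape is a stand-in for whatever the cart plug-in actually passes to its filter.
function pobox_filter_shipping(array $options) {
    if (empty($_SESSION['poboxcheck'])) {
        return $options;
    }
    return array_filter($options, function ($name) {
        return stripos($name, 'UPS') !== 0; // keep everything that is not a UPS method
    }, ARRAY_FILTER_USE_KEY);
}
```

The nonce check fails closed, so a request that arrives without a token minted for this action never reaches the line that writes the session.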


The author admin