I’m encountering an issue with my WordPress site where I need to fetch the current user’s ID using an ajax request. This is for a points tracking system that identifies users for games.
The strange part is that when I access the PHP page directly in my browser, it correctly shows the user ID like 5 or 12. However, when I attempt the same request via ajax, it consistently returns 0, indicating that the user seems not logged in.
Here’s the function I use to retrieve the user ID:
function get_active_user() {
require_once(ABSPATH . WPINC . '/pluggable.php');
global $current_user;
get_currentuserinfo();
return $current_user->ID;
}
When I access the URL directly in the browser, it returns the real user ID, but ajax requests keep giving me 0. What could be the reason for this discrepancy?
The issue you’re experiencing stems from cookie handling differences between direct browser requests and AJAX calls. When you visit the PHP file directly, your browser automatically includes authentication cookies that WordPress uses to identify logged-in users. However, AJAX requests don’t always transmit these cookies by default, especially when making cross-origin requests. The Access-Control-Allow-Origin: * header you’ve added actually makes things worse for authentication because it prevents credentials from being sent. You should either remove this header entirely if making same-origin requests, or change it to specifically allow your domain and add Access-Control-Allow-Credentials: true. Additionally, modify your AJAX call to include credentials by adding xhrFields: { withCredentials: true } to your jQuery post request. This ensures that authentication cookies are transmitted with the request. A better approach would be to use WordPress’s built-in AJAX handling system with wp_ajax_ hooks instead of creating a separate PHP file, as this properly handles authentication and nonces for security.
You’re running into a classic WordPress authentication problem. The core issue is that your standalone PHP file doesn’t inherit the WordPress session context properly when called via AJAX. Even though you’re including wp-load.php, the user authentication state isn’t being established correctly.
I’ve dealt with this exact scenario before and found that the most reliable solution is to abandon the separate PHP file approach entirely. Instead, hook into WordPress’s native AJAX system using wp_ajax_ actions. Create a function in your theme’s functions.php or plugin file, then register it with add_action(‘wp_ajax_get_user_id’, ‘your_function’) and add_action(‘wp_ajax_nopriv_get_user_id’, ‘your_function’). Then point your AJAX request to admin-ajax.php with the action parameter.
Also, your get_currentuserinfo() function is deprecated. Use wp_get_current_user() instead, or simply get_current_user_id() which returns exactly what you need. The WordPress AJAX system handles all the authentication complexity automatically and maintains proper session context.
yeah this happend to me too. try adding credentials: 'include' to your ajax call or use $.ajaxSetup({xhrFields: {withCredentials: true}}) before making the request. cookies arent sent automaticaly with cross-origin ajax which is why you get 0 instead of actual user id.