How to buy password typed with password encrypted in Wordpress

Asked

Viewed 75 times

0

I am developing a system with Wordpress and need to verify the current user password on the edit password screen, however I am having problems with the encryption used in wordpress. I tested the code below published in Codex itself, but I did not succeed.

<?php
$wp_hasher = new PasswordHash(8, TRUE);

$password_hashed = '$P$B55D6LjfHDkINU5wF.v2BuuzO0/XPk/';
$plain_password = 'test';

if($wp_hasher->CheckPassword($plain_password, $password_hashed)) {
    echo "YES, Matched";
} else {
    echo "No, Wrong Password";
}
?>

https://codex.wordpress.org/Function_Reference/wp_hash_password

Any hint?

1 answer

1


Very easy to solve this problem, there is a function in wordpress that facilitates a lot, follows the bottom:

wp_check_password( $password, $hash, $user_id);

$password, receive decrypted password. $hash, get the encrypted password. $user_id, does not take the wordpress function to pick up the user id.

Example:

<?php
global $wpdb;
$user_ID = get_current_user_id();
// Pega do banco a senha criptografada
$result = $wpdb->get_results( "SELECT * FROM  wp_users WHERE id=$user_ID" );
foreach ( $result as $page )
{
   // Variável com a hash
   $senhahash = $page->user_pass.'<br/>';

}
$senhadigitada = "suasenha";
$result = wp_check_password($senhadigitada, $senhahash, $user_ID);
if ($result==1){
    echo "sua senha esta correta";
}else{
    echo "Sua Senha esta Incorreta";
}
?>
  • With the line $senhahash = $page->user_pass.'<br/>'; is giving error, change to $senhahash = $page->user_pass;

Browser other questions tagged

You are not signed in. Login or sign up in order to post.