A WordPress-centric search engine for devs and theme authors



wp_hash_password ›

Since2.5.0
Deprecatedn/a
wp_hash_password ( $password )
Parameters:
  • (string) $password Plain text user password to hash
    Required: Yes
Returns:
  • (string) The hash string of the password
Defined at:
Codex:

Create a hash (encrypt) of a plain text password.

For integration with other applications, this function can be overwritten to instead use the other package password checking algorithm.


Source

function wp_hash_password( $password ) {
		global $wp_hasher;

		if ( empty( $wp_hasher ) ) {
			require_once ABSPATH . WPINC . '/class-phpass.php';
			// By default, use the portable hash from phpass.
			$wp_hasher = new PasswordHash( 8, true );
		}

		return $wp_hasher->HashPassword( trim( $password ) );
	}
endif;

if ( ! function_exists( 'wp_check_password' ) ) :
	/**
	 * Checks the plaintext password against the encrypted Password.
	 *
	 * Maintains compatibility between old version and the new cookie authentication
	 * protocol using PHPass library. The $hash parameter is the encrypted password
	 * and the function compares the plain text password when encrypted similarly
	 * against the already encrypted password to see if they match.
	 *
	 * For integration with other applications, this function can be overwritten to
	 * instead use the other package password checking algorithm.
	 *
	 * @since 2.5.0
	 *
	 * @global PasswordHash $wp_hasher PHPass object used for checking the password
	 *  against the $hash + $password
	 * @uses PasswordHash::CheckPassword
	 *
	 * @param string     $password Plaintext user's password
	 * @param string     $hash     Hash of the user's password to check against.
	 * @param string|int $user_id  Optional. User ID.
	 * @return bool False, if the $password does not match the hashed password
	 */