WP_REST_Users_Controller::check_user_password() WordPress Method
The WP_REST_Users_Controller::check_user_password() method is used to check whether a given password is valid for a given user. This is useful for checking whether a user has typed in their password correctly when logging in, or for checking whether a given password reset link is valid.
WP_REST_Users_Controller::check_user_password( string $value, WP_REST_Request $request, string $param ) #
Check a user password for the REST API.
Description
Performs a couple of checks like edit_user() in wp-admin/includes/user.php.
Parameters
- $value
(string)(Required)The password submitted in the request.
- $request
(WP_REST_Request)(Required)Full details about the request.
- $param
(string)(Required)The parameter name.
Return
(string|WP_Error) The sanitized password, if valid, otherwise an error.
Source
File: wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php
public function check_user_password( $value, $request, $param ) {
$password = (string) $value;
if ( empty( $password ) ) {
return new WP_Error(
'rest_user_invalid_password',
__( 'Passwords cannot be empty.' ),
array( 'status' => 400 )
);
}
if ( false !== strpos( $password, '\\' ) ) {
return new WP_Error(
'rest_user_invalid_password',
sprintf(
/* translators: %s: The '\' character. */
__( 'Passwords cannot contain the "%s" character.' ),
'\\'
),
array( 'status' => 400 )
);
}
return $password;
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 4.7.0 | Introduced. |