wp_authenticate_email_password( WP_User|WP_Error|null $user, string $email, string $password )
Authenticates a user using the email and password.
Parameters
Return
Source
File: wp-includes/user.php
function wp_authenticate_email_password( $user, $email, $password ) {
if ( $user instanceof WP_User ) {
return $user;
}
if ( empty( $email ) || empty( $password ) ) {
if ( is_wp_error( $user ) ) {
return $user;
}
$error = new WP_Error();
if ( empty( $email ) ) {
$error->add( 'empty_username', __( '<strong>ERROR</strong>: The email field is empty.' ) ); // Uses 'empty_username' for back-compat with wp_signon()
}
if ( empty( $password ) ) {
$error->add( 'empty_password', __( '<strong>ERROR</strong>: The password field is empty.' ) );
}
return $error;
}
if ( ! is_email( $email ) ) {
return $user;
}
$user = get_user_by( 'email', $email );
if ( ! $user ) {
return new WP_Error( 'invalid_email',
__( '<strong>ERROR</strong>: Invalid email address.' ) .
' <a href="' . wp_lostpassword_url() . '">' .
__( 'Lost your password?' ) .
'</a>'
);
}
/** This filter is documented in wp-includes/user.php */
$user = apply_filters( 'wp_authenticate_user', $user, $password );
if ( is_wp_error( $user ) ) {
return $user;
}
if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) {
return new WP_Error( 'incorrect_password',
sprintf(
/* translators: %s: email address */
__( '<strong>ERROR</strong>: The password you entered for the email address %s is incorrect.' ),
'<strong>' . $email . '</strong>'
) .
' <a href="' . wp_lostpassword_url() . '">' .
__( 'Lost your password?' ) .
'</a>'
);
}
return $user;
}
Changelog
Version | Description |
---|---|
WP-4.5.0 | Introduced. |