Thread Starter
b a
(@mpa4hu)
Do I ask it too simply? Do I need to provide any additional iformation?
Is there any way to do it without hacking core itself?
How wordpress secures my login by its own?
Thread Starter
b a
(@mpa4hu)
OKay so here is a wp_autentificate action in wp_signon:
function wp_signon( $credentials = '', $secure_cookie = '' ) {
if ( empty($credentials) ) {
if ( ! empty($_POST['log']) )
$credentials['user_login'] = $_POST['log'];
if ( ! empty($_POST['pwd']) )
$credentials['user_password'] = $_POST['pwd'];
if ( ! empty($_POST['rememberme']) )
$credentials['remember'] = $_POST['rememberme'];
}
if ( !empty($credentials['remember']) )
$credentials['remember'] = true;
else
$credentials['remember'] = false;
// TODO do we deprecate the wp_authentication action?
do_action_ref_array('wp_authenticate', array(&$credentials['user_login'], &$credentials['user_password']));
var_dump($credentials['user_password']);
if ( '' === $secure_cookie )
$secure_cookie = is_ssl();
$secure_cookie = apply_filters('secure_signon_cookie', $secure_cookie, $credentials);
global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie
$auth_secure_cookie = $secure_cookie;
add_filter('authenticate', 'wp_authenticate_cookie', 30, 3);
$user = wp_authenticate($credentials['user_login'], $credentials['user_password']);
if ( is_wp_error($user) ) {
if ( $user->get_error_codes() == array('empty_username', 'empty_password') ) {
$user = new WP_Error('', '');
}
return $user;
}
wp_set_auth_cookie($user->ID, $credentials['remember'], $secure_cookie);
do_action('wp_login', $user->user_login, $user);
return $user;
}
add_action(“wp_authenticate”, “myfunctionhere”, 10, 2);
function myfunctionhere($user, $pass) {
// CODE HERE
}
I found all this but I don’t know now how to return $pass to action.
I tried making it global and etc but nothing works + this stange do_action_ref_array method of binding action. so I stack here, but seems pretty easy task for experiensed developer how to solve this problem.