wp_generate_password() issues when using custom regexp for passwords
-
Hello,
In my project I must use a custom RegExp when generating a password.
wp_generate_password()
function is used in lots of places in WP, not necessary for users’ password.If I let default password generation using
wp_generate_password()
function, passwords might not pass my custom RegExp, so I wanted to use filter in this function to overwrite the password if RegExp fails, but as filter doesn’t receive parameters whichwp_generate_password()
function receives in my custom password generation function I don’t know what restrictions should generated password have as I receive as parameter only generated password, so I know the length.I could, of course, get each char of the password and check if they are from a specific set of characters and decide if
$special_chars
and$extra_special_chars
where provided, but that’s an overhead to the function and also because password is randomly generated I couldn’t know if password should contain$special_chars
or$extra_special_chars
.If I use only my password generator to match my RegExp, lost password token will fail so users will not be able to retrieve new passwords.
Best solution I see is to send
$special_chars
and$extra_special_chars
as parameters to the filter:return apply_filters( 'random_password', $password, $special_chars, $extra_special_chars );
Regards,
Andy
- The topic ‘wp_generate_password() issues when using custom regexp for passwords’ is closed to new replies.