WordPress.org

Make WordPress Core


Ignore:
Timestamp:
01/22/2008 07:35:19 PM (13 years ago)
Author:
ryan
Message:

Refactor login. see #5405

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-includes/pluggable.php

    r6637 r6643  
    414414endif;
    415415
    416 if ( !function_exists('wp_login') ) :
    417 /**
    418  * wp_login() - Checks a users login information and logs them in if it checks out
    419  *
    420  * Use the global $error to get the reason why the login failed.
    421  * If the username is blank, no error will be set, so assume
    422  * blank username on that case.
    423  *
    424  * Plugins extending this function should also provide the global
    425  * $error and set what the error is, so that those checking the
    426  * global for why there was a failure can utilize it later.
    427  *
    428  * @since 1.2.2
    429  * @global string $error Error when false is returned
     416/**
     417 * wp_authenticate() - Checks a user's login information and logs them in if it checks out
     418 * @since 2.5
    430419 *
    431420 * @param string $username User's username
    432421 * @param string $password User's password
    433  * @param bool $deprecated Not used
    434  * @return bool False on login failure, true on successful check
    435  */
    436 function wp_login($username, $password, $deprecated = '') {
    437     global $error;
    438 
     422 * @return WP_Error|WP_User WP_User object if login successful, otherwise WP_Error object.
     423 */
     424if ( !function_exists('wp_authenticate') ) :
     425function wp_authenticate($username, $password) {
    439426    $username = sanitize_user($username);
    440427
    441428    if ( '' == $username )
    442         return false;
    443 
    444     if ( '' == $password ) {
    445         $error = __('<strong>ERROR</strong>: The password field is empty.');
    446         return false;
    447     }
     429        return new WP_Error('empty_username', __('<strong>ERROR</strong>: The username field is empty.'));
     430
     431    if ( '' == $password )
     432        return new WP_Error('empty_password', __('<strong>ERROR</strong>: The password field is empty.'));
    448433
    449434    $user = get_userdatabylogin($username);
    450435
    451     if ( !$user || ($user->user_login != $username) ) {
    452         $error = __('<strong>ERROR</strong>: Invalid username.');
    453         return false;
    454     }
    455 
    456     if ( !wp_check_password($password, $user->user_pass) ) {
    457         $error = __('<strong>ERROR</strong>: Incorrect password.');
    458         return false;
    459     }
     436    if ( !$user || ($user->user_login != $username) )
     437        return new WP_Error('invalid_username', __('<strong>ERROR</strong>: Invalid username.'));
     438
     439    if ( !wp_check_password($password, $user->user_pass) )
     440        return new WP_Error('incorrect_password', __('<strong>ERROR</strong>: Incorrect password.'));
    460441
    461442    // If using old md5 password, rehash.
     
    463444        wp_set_password($password, $user->ID);
    464445
    465     return true;
     446    return new WP_User($user->ID);
     447}
     448endif;
     449
     450/**
     451 * wp_logout() - Log the current user out
     452 * @since 2.5
     453 *
     454 */
     455if ( !function_exists('wp_logout') ) :
     456function wp_logout() {
     457    wp_clear_auth_cookie();
     458    do_action('wp_logout');
    466459}
    467460endif;
     
    12261219endif;
    12271220
     1221if ( !function_exists('wp_login') ) :
     1222/**
     1223 * wp_login() - Checks a users login information and logs them in if it checks out
     1224 *
     1225 * Use the global $error to get the reason why the login failed.
     1226 * If the username is blank, no error will be set, so assume
     1227 * blank username on that case.
     1228 *
     1229 * Plugins extending this function should also provide the global
     1230 * $error and set what the error is, so that those checking the
     1231 * global for why there was a failure can utilize it later.
     1232 *
     1233 * @since 1.2.2
     1234 * @deprecated Use wp_signin()
     1235 * @global string $error Error when false is returned
     1236 *
     1237 * @param string $username User's username
     1238 * @param string $password User's password
     1239 * @param bool $deprecated Not used
     1240 * @return bool False on login failure, true on successful check
     1241 */
     1242function wp_login($username, $password, $deprecated = '') {
     1243    global $error;
     1244
     1245    $user = wp_authenticate($username, $password);
     1246
     1247    if ( ! is_wp_error($user) )
     1248        return true;
     1249
     1250    $error = $user->get_error_message();
     1251    return false;
     1252}
     1253endif;
     1254
    12281255?>
Note: See TracChangeset for help on using the changeset viewer.