Changeset 7555 for trunk/wp-includes/pluggable.php
- Timestamp:
- 03/27/2008 10:44:47 PM (17 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-includes/pluggable.php
r7461 r7555 432 432 } 433 433 434 if ( !wp_check_password($password, $user->user_pass ) ) {434 if ( !wp_check_password($password, $user->user_pass, $user->ID) ) { 435 435 do_action( 'wp_login_failed', $username ); 436 436 return new WP_Error('incorrect_password', __('<strong>ERROR</strong>: Incorrect password.')); 437 437 } 438 439 // If using old md5 password, rehash.440 if ( strlen($user->user_pass) <= 32 )441 wp_set_password($password, $user->ID);442 438 443 439 return new WP_User($user->ID); … … 1135 1131 * @return bool False, if the $password does not match the hashed password 1136 1132 */ 1137 function wp_check_password($password, $hash ) {1133 function wp_check_password($password, $hash, $user_id = '') { 1138 1134 global $wp_hasher; 1139 1135 1140 if ( strlen($hash) <= 32 ) 1141 return ( $hash == md5($password) ); 1136 // If the hash is still md5... 1137 if ( strlen($hash) <= 32 ) { 1138 $check = ( $hash == md5($password) ); 1139 if ( $check && $user_id ) { 1140 // Rehash using new hash. 1141 wp_set_password($password, $user_id); 1142 $hash = wp_hash_password($password); 1143 } 1144 1145 return apply_filters('check_password', $check, $password, $hash, $user_id); 1146 } 1142 1147 1143 1148 // If the stored hash is longer than an MD5, presume the … … 1151 1156 $check = $wp_hasher->CheckPassword($password, $hash); 1152 1157 1153 return apply_filters('check_password', $check, $password, $hash );1158 return apply_filters('check_password', $check, $password, $hash, $user_id); 1154 1159 } 1155 1160 endif;
Note: See TracChangeset
for help on using the changeset viewer.