wp_set_password(). see #2394

git-svn-id: https://develop.svn.wordpress.org/trunk@6396 602fd350-edb4-49c9-b593-d223f7449a82
2007-12-17 06:02:45 +00:00 · 2007-12-17 06:02:45 +00:00 · 5b1f4e739c
parent cdda888c0c
commit 5b1f4e739c
2 changed files with 17 additions and 11 deletions
--- a/wp-includes/pluggable.php
+++ b/wp-includes/pluggable.php
@ -304,24 +304,21 @@ function wp_login($username, $password, $deprecated = false) {
 		return false;
 	}
-	$login = get_userdatabylogin($username);
+	$user = get_userdatabylogin($username);
-	if ( !$login || ($login->user_login != $username) ) {
+	if ( !$user || ($user->user_login != $username) ) {
 		$error = __('<strong>ERROR</strong>: Invalid username.');
 		return false;
 	}
-	if ( !wp_check_password($password, $login->user_pass) ) {
+	if ( !wp_check_password($password, $user->user_pass) ) {
 		$error = __('<strong>ERROR</strong>: Incorrect password.');
 		return false;
 	}
 	// If using old md5 password, rehash.
-	if ( strlen($login->user_pass) <= 32 ) {
+	if ( strlen($user->user_pass) <= 32 )
-		$hash = wp_hash_password($password);
+		wp_set_password($password, $user->ID);
 		$wpdb->query("UPDATE $wpdb->users SET user_pass = '$hash', user_activation_key = '' WHERE ID = '$login->ID'");
 		wp_cache_delete($login->ID, 'users');
 	}
 	return true;
 }
@ -770,6 +767,17 @@ function wp_generate_password() {
 }
 endif;
 if ( !function_exists('wp_set_password') ) :
 function wp_set_password( $password, $user_id ) {
 	global $wpdb;
 	$hash = wp_hash_password($password);
 	$query = $wpdb->prepare("UPDATE $wpdb->users SET user_pass = %s, user_activation_key = '' WHERE ID = %d", $hash, $user_id);
 	$wpdb->query($query);
 	wp_cache_delete($user_id, 'users');
 }
 endif;
 // Deprecated. Use wp_set_auth_cookie()
 if ( !function_exists('wp_setcookie') ) :
 function wp_setcookie($username, $password = '', $already_md5 = false, $home = '', $siteurl = '', $remember = false) {
--- a/wp-login.php
+++ b/wp-login.php
@ -184,9 +184,7 @@ case 'rp' :
 	// Generate something random for a password...
 	$new_pass = wp_generate_password();
-	$new_hash = wp_hash_password($new_pass); 
+	wp_set_password($new_pass, $user->ID);
 	$wpdb->query("UPDATE $wpdb->users SET user_pass = '$new_hash', user_activation_key = '' WHERE ID = '$user->ID'");
 	wp_cache_delete($user->ID, 'users');
 	$message  = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
 	$message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
 	$message .= get_option('siteurl') . "/wp-login.php\r\n";