realeez Posted September 25, 2013 Share Posted September 25, 2013 Dear friends,I am using the XML-RPC Server to implement a simple login authentication as a web service . So I wrote a function in wp-includes\class-wp-xmlrpc-server.php like function web_auth($host, $db, $dbuser, $dbpass, $username, $password) { $dbhandle = mysql_connect($host, $dbuser, $dbpass) or die("Unable to connect to MySQL"); $selected = mysql_select_db($db,$dbhandle) or die("Could not select database"); //$md5_password = md5($password); $md5_password = wp_hash_password($password); $result = mysql_query("SELECT count(*) AS total FROM wp_users WHERE user_login='$username' AND user_pass='$md5_password' AND user_status=0"); $data=mysql_fetch_assoc($result); //echo "SELECT count(*) AS total FROM wp_users WHERE user_login='$username' AND user_pass='$md5_password' AND user_status=0"; //die($data['total']); if($data['total'] == 1) { return true; } return false; } But the password hash mechanism is not make things proper. Please help me to find the exact password in line $md5_password = wp_hash_password($password); Waiting your fast reply Thanks,Anes Quote Link to comment https://forums.phpfreaks.com/topic/282436-how-to-add-a-userpassword-authentication-as-xml-rpc-method/ Share on other sites More sharing options...
mac_gyver Posted September 25, 2013 Share Posted September 25, 2013 the wp_hash_password() function is used to initially generate the hash of the password. this is the value that is stored in the database table. to compare if an entered password matches, you must retrieve the stored password hash from the database table and use the $wp_hasher->CheckPassword() method. this is covered in the wordpress wp_hash_password() documentation - http://codex.wordpress.org/Function_Reference/wp_hash_password Quote Link to comment https://forums.phpfreaks.com/topic/282436-how-to-add-a-userpassword-authentication-as-xml-rpc-method/#findComment-1451182 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.