wp_validate_user_request_key

Advertisement

Summery Summery

Validate a user request by comparing the key with the request’s key.

Syntax Syntax

wp_validate_user_request_key( string $request_id, string $key )

Parameters Parameters

$request_id

(Required) ID of the request being confirmed.

$key

(Required) Provided key to validate.

Return Return

(bool|WP_Error) True on success, WP_Error on failure.

Source Source

File: wp-includes/user.php

			'post_status'   => 'request-pending',
			'post_password' => $wp_hasher->HashPassword( $key ),
		)
	);

	return $key;
}

/**
 * Validate a user request by comparing the key with the request's key.
 *
 * @since 4.9.6
 *
 * @param string $request_id ID of the request being confirmed.
 * @param string $key        Provided key to validate.
 * @return bool|WP_Error True on success, WP_Error on failure.
 */
function wp_validate_user_request_key( $request_id, $key ) {
	global $wp_hasher;

	$request_id = absint( $request_id );
	$request    = wp_get_user_request( $request_id );

	if ( ! $request ) {
		return new WP_Error( 'invalid_request', __( 'Invalid request.' ) );
	}

	if ( ! in_array( $request->status, array( 'request-pending', 'request-failed' ), true ) ) {
		return new WP_Error( 'expired_link', __( 'This link has expired.' ) );
	}

	if ( empty( $key ) ) {
		return new WP_Error( 'missing_key', __( 'Missing confirm key.' ) );
	}

	if ( empty( $wp_hasher ) ) {
		require_once ABSPATH . WPINC . '/class-phpass.php';
		$wp_hasher = new PasswordHash( 8, true );
	}

	$key_request_time = $request->modified_timestamp;
	$saved_key        = $request->confirm_key;

	if ( ! $saved_key ) {
		return new WP_Error( 'invalid_key', __( 'Invalid key.' ) );
	}

	if ( ! $key_request_time ) {
		return new WP_Error( 'invalid_key', __( 'Invalid action.' ) );
	}

	/**
	 * Filters the expiration time of confirm keys.
	 *

Advertisement

Changelog Changelog

Changelog
Version Description
4.9.6 Introduced.

Advertisement

Leave a Reply