It’s been a while since I used WordPress but I got requested to look at a custom authentication plugin that does not appear to be working. I just copied and pasted the relevant snippet of code that I can’t seem to get to work right. The check password always appears to be incorrect.

$user = $_GET['user'];
$pass = $_GET['pass'];
$hash = wp_hash_password('$pass');

$query = mysqli_query($con, "Select * from users where username='$user'");

while($row = mysqli_fetch_array($query)) {
$check = wp_check_password( $pass, $hash)
}

$check ALWAYS equals false. Anyone have any idea’s? Additionally, won’t wp_hash_password make a different hash everytime because it adds salt to it? For example; when I write

$hash = wp_hash_password('pizza'); echo $hash;

the hash is always different. So how can

wp_check_password($pass,$hash)

work if the hash is always different?

I’d really appreciate any help

Read more here: Custom WordPress Authentication Plugin not working


Solution:

If you know the solution of this issue, please leave us a reply in Comment section, to update the question.


Wordpress related questions and answers: