WP_REST_Users_Controller::check_user_password( string $value, WP_REST_Request $request, string $param )

Check a user password for the REST API.

Description

Performs a couple of checks like edit_user() in wp-admin/includes/user.php.

Parameters

$value

(string) (Required) The password submitted in the request.

$request

(WP_REST_Request) (Required) Full details about the request.

$param

(string) (Required) The parameter name.

Return

(string|WP_Error) The sanitized password, if valid, otherwise an error.

Source

File: wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php

public function check_user_password( $value, $request, $param ) {
		$password = (string) $value;

		if ( empty( $password ) ) {
			return new WP_Error(
				'rest_user_invalid_password',
				__( 'Passwords cannot be empty.' ),
				array( 'status' => 400 )
			);
		}

		if ( false !== strpos( $password, '\\' ) ) {
			return new WP_Error(
				'rest_user_invalid_password',
				sprintf(
					/* translators: %s: The '\' character. */
					__( 'Passwords cannot contain the "%s" character.' ),
					'\\'
				),
				array( 'status' => 400 )
			);
		}

		return $password;
	}

Changelog

Version Description
4.7.0 Introduced.

© 2003–2021 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/classes/wp_rest_users_controller/check_user_password