[WordPress] and issue with wp_insert_user() and wp_signon()


#1

Hey everyone,

Has anyone experienced an issue where the password hash generated from wp_insert_use() after inserting a new user never match with the real password? I came to that issue where I needed to create a new user, then sign him as soon as the user is created in the db (using wp_signon()) but it never works out for me. Also, when I try the password I used in the array for wp_insert_user() on the login page, it still never work!

The user insertion works fine, like its there in the db (both in wp_user and wp_usermeta tables). The issue is in the password hashing, it never matches.

Anyone experienced that issue? and if so, how did u overcome it?


#2

I have encountered the same problem before and it was fixed by a friend of my who is good at this stuff. I will try and check her out if she could lend me some information. I hope it could be soon.


#3
warriorfullights said

I have encountered the same problem before and it was fixed by a friend of my who is good at this stuff. I will try and check her out if she could lend me some information. I hope it could be soon.

would be great thanks :slight_smile:


#4
wizylabs said
warriorfullights said

I have encountered the same problem before and it was fixed by a friend of my who is good at this stuff. I will try and check her out if she could lend me some information. I hope it could be soon.

would be great thanks :slight_smile:

can you post the code so we can debug?


#5

<?php

// a short version of wp_insert_user(), no difference at all.
$new_user = wp_create_user( $username, $password, $email );

if( ! is_wp_error( $new_user ) )
{
	$creds = array();
	$creds['user_login'] = $username;
	$creds['user_password'] = $pass;
	$creds['remember'] = true;

	$signon = wp_signon( $creds, false );

	if ( is_wp_error( $signon ) )
	{
		// signed in, carry on
	}
	else
	{
		// echos out the errors, if any, from the login
		echo $signon->get_error_message();
	}
}
else
{
	// echos out the errors, if any, from the user insertion
	echo $new_user->get_error_message();
}

?>

above is a simplified code of my actual ones, not changed anything but stripped out the stuff that not necessary to debug :slight_smile:

the script inserts the user fine, but when it comes to login, it fails echoing out a message like “Username and password dont match” or something. The vars $username and $password and $email are defined earlier in the code.


#6
wizylabs said

<?php

// a short version of wp_insert_user(), no difference at all.
$new_user = wp_create_user( $username, $password, $email );

if( ! is_wp_error( $new_user ) )
{
	$creds = array();
	$creds['user_login'] = $username;
	$creds['user_password'] = $pass;
	$creds['remember'] = true;

	$signon = wp_signon( $creds, false );

	if ( is_wp_error( $signon ) )
	{
		// signed in, carry on
	}
	else
	{
		// echos out the errors, if any, from the login
		echo $signon->get_error_message();
	}
}
else
{
	// echos out the errors, if any, from the user insertion
	echo $new_user->get_error_message();
}

?>

above is a simplified code of my actual ones, not changed anything but stripped out the stuff that not necessary to debug :slight_smile:

the script inserts the user fine, but when it comes to login, it fails echoing out a message like “Username and password dont match” or something. The vars $username and $password and $email are defined earlier in the code.

maybe something like this?

function ft_insert_user(){
	$newUserData = array (
	   'ID' => '',
	   'user_pass' => wp_generate_password(),
	   'user_login' => 'ryan',
	   'user_nicename' => 'ryan',
	   'user_url' => '',
	   'user_email' => 'ryan at ryan.com',
	   'display_name' => 'Ryan',
	   'nickname' => 'ryan',
	   'first_name' => 'ryan',
	   'user_registered' => '2006-10-16 08:54:47',
	   'role' => 'Administrator'
	);
	
	$newUserId = wp_insert_user( $newUserData );
}
add_action( 'admin_init', 'ft_insert_user' );

and for automatic logging in.

<?php

function auto_login( $user ) {
    $username   = $user;
    // log in automatically
    if ( !is_user_logged_in() ) {
        $user = get_userdatabylogin( $username );
        $user_id = $user->ID;
        wp_set_current_user( $user_id, $user_login );
        wp_set_auth_cookie( $user_id );
        do_action( 'wp_login', $user_login );
    }     
}

?>

hopefully this helps.


#7

Thanks chrismccoy, but the issue is not that its not logging me in. The main issue is that the password entered in the wp_create_user function gets hashed uncorrectly so when I try to log in, either from the wp_signon function or the login page, the password doesn’t work! Im not sure what is causing that, thats the problem :smiley:


#8
wizylabs said

Thanks chrismccoy, but the issue is not that its not logging me in. The main issue is that the password entered in the wp_create_user function gets hashed uncorrectly so when I try to log in, either from the wp_signon function or the login page, the password doesn’t work! Im not sure what is causing that, thats the problem :smiley:

wp_create_user should work using a plain text, but if you want to signin, you have to convert the plain text to the hash, so you have to use the hash function against the plain text.