[WordPress] and issue with wp_insert_user() and wp_signon()

taha · July 2, 2011, 8:01pm

Hey everyone,

Has anyone experienced an issue where the password hash generated from wp_insert_use() after inserting a new user never match with the real password? I came to that issue where I needed to create a new user, then sign him as soon as the user is created in the db (using wp_signon()) but it never works out for me. Also, when I try the password I used in the array for wp_insert_user() on the login page, it still never work!

The user insertion works fine, like its there in the db (both in wp_user and wp_usermeta tables). The issue is in the password hashing, it never matches.

Anyone experienced that issue? and if so, how did u overcome it?

markpaulodesk1 · July 3, 2011, 3:40am

I have encountered the same problem before and it was fixed by a friend of my who is good at this stuff. I will try and check her out if she could lend me some information. I hope it could be soon.

taha · July 3, 2011, 12:19pm

warriorfullights said
I have encountered the same problem before and it was fixed by a friend of my who is good at this stuff. I will try and check her out if she could lend me some information. I hope it could be soon.

would be great thanks

chris13 · July 3, 2011, 12:59pm

wizylabs said
warriorfullights said
I have encountered the same problem before and it was fixed by a friend of my who is good at this stuff. I will try and check her out if she could lend me some information. I hope it could be soon.

would be great thanks

can you post the code so we can debug?

taha · July 3, 2011, 3:14pm


<?php

// a short version of wp_insert_user(), no difference at all.
$new_user = wp_create_user( $username, $password, $email );

if( ! is_wp_error( $new_user ) )
{
	$creds = array();
	$creds['user_login'] = $username;
	$creds['user_password'] = $pass;
	$creds['remember'] = true;

	$signon = wp_signon( $creds, false );

	if ( is_wp_error( $signon ) )
	{
		// signed in, carry on
	}
	else
	{
		// echos out the errors, if any, from the login
		echo $signon->get_error_message();
	}
}
else
{
	// echos out the errors, if any, from the user insertion
	echo $new_user->get_error_message();
}

?>

above is a simplified code of my actual ones, not changed anything but stripped out the stuff that not necessary to debug

the script inserts the user fine, but when it comes to login, it fails echoing out a message like “Username and password dont match” or something. The vars $username and $password and $email are defined earlier in the code.

chris13 · July 3, 2011, 3:22pm

wizylabs said
<?php

// a short version of wp_insert_user(), no difference at all.
$new_user = wp_create_user( $username, $password, $email );

if( ! is_wp_error( $new_user ) )
{
	$creds = array();
	$creds['user_login'] = $username;
	$creds['user_password'] = $pass;
	$creds['remember'] = true;

	$signon = wp_signon( $creds, false );

	if ( is_wp_error( $signon ) )
	{
		// signed in, carry on
	}
	else
	{
		// echos out the errors, if any, from the login
		echo $signon->get_error_message();
	}
}
else
{
	// echos out the errors, if any, from the user insertion
	echo $new_user->get_error_message();
}

?>
above is a simplified code of my actual ones, not changed anything but stripped out the stuff that not necessary to debug

the script inserts the user fine, but when it comes to login, it fails echoing out a message like “Username and password dont match” or something. The vars $username and $password and $email are defined earlier in the code.

maybe something like this?

function ft_insert_user(){
	$newUserData = array (
	   'ID' => '',
	   'user_pass' => wp_generate_password(),
	   'user_login' => 'ryan',
	   'user_nicename' => 'ryan',
	   'user_url' => '',
	   'user_email' => 'ryan at ryan.com',
	   'display_name' => 'Ryan',
	   'nickname' => 'ryan',
	   'first_name' => 'ryan',
	   'user_registered' => '2006-10-16 08:54:47',
	   'role' => 'Administrator'
	);
	
	$newUserId = wp_insert_user( $newUserData );
}
add_action( 'admin_init', 'ft_insert_user' );

and for automatic logging in.

<?php

function auto_login( $user ) {
    $username   = $user;
    // log in automatically
    if ( !is_user_logged_in() ) {
        $user = get_userdatabylogin( $username );
        $user_id = $user->ID;
        wp_set_current_user( $user_id, $user_login );
        wp_set_auth_cookie( $user_id );
        do_action( 'wp_login', $user_login );
    }     
}

?>

hopefully this helps.

taha · July 3, 2011, 3:51pm

Thanks chrismccoy, but the issue is not that its not logging me in. The main issue is that the password entered in the wp_create_user function gets hashed uncorrectly so when I try to log in, either from the wp_signon function or the login page, the password doesn’t work! Im not sure what is causing that, thats the problem

chris13 · July 3, 2011, 4:15pm

wizylabs said
Thanks chrismccoy, but the issue is not that its not logging me in. The main issue is that the password entered in the wp_create_user function gets hashed uncorrectly so when I try to log in, either from the wp_signon function or the login page, the password doesn’t work! Im not sure what is causing that, thats the problem

wp_create_user should work using a plain text, but if you want to signin, you have to convert the plain text to the hash, so you have to use the hash function against the plain text.