WP_REST_Users_Controller::check_user_password( string $value, WP_REST_Request $request, string $param ): string|WP_Error

Check a user password for the REST API.

Description

Performs a couple of checks like edit_user() in wp-admin/includes/user.php.

Parameters

$valuestringrequired
The password submitted in the request.
$requestWP_REST_Requestrequired
Full details about the request.
$paramstringrequired
The parameter name.

Return

string|WP_Error The sanitized password, if valid, otherwise an error.

Source

public function check_user_password( $value, $request, $param ) {
	$password = (string) $value;

	if ( empty( $password ) ) {
		return new WP_Error(
			'rest_user_invalid_password',
			__( 'Passwords cannot be empty.' ),
			array( 'status' => 400 )
		);
	}

	if ( str_contains( $password, '\\' ) ) {
		return new WP_Error(
			'rest_user_invalid_password',
			sprintf(
				/* translators: %s: The '\' character. */
				__( 'Passwords cannot contain the "%s" character.' ),
				'\\'
			),
			array( 'status' => 400 )
		);
	}

	return $password;
}

Changelog

VersionDescription
4.7.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.