Updates the user’s password with a new encrypted one.
Description
For integration with other applications, this function can be overwritten to instead use the other package password checking algorithm.
Please note: This function should be used sparingly and is really only meant for single-time application. Leveraging this improperly in a plugin or theme could result in an endless loop of password resets if precautions are not taken to ensure it does not execute on every page load.
Parameters
$password
stringrequired- The plaintext new user password.
$user_id
intrequired- User ID.
Source
function wp_set_password( $password, $user_id ) {
global $wpdb;
$hash = wp_hash_password( $password );
$wpdb->update(
$wpdb->users,
array(
'user_pass' => $hash,
'user_activation_key' => '',
),
array( 'ID' => $user_id )
);
clean_user_cache( $user_id );
/**
* Fires after the user password is set.
*
* @since 6.2.0
*
* @param string $password The plaintext password just set.
* @param int $user_id The ID of the user whose password was just set.
*/
do_action( 'wp_set_password', $password, $user_id );
}
Hooks
- do_action( ‘wp_set_password’,
string $password ,int $user_id ) Fires after the user password is set.
Changelog
Version | Description |
---|---|
2.5.0 | Introduced. |
Below is an example showing how to update a user’s password
Please note: This code should be deleted after ONE page load, otherwise the password will be reset on every subsequent load, sending the user back to the login screen each time.