PasswordHash::CheckPassword()publicWP 1.0

Method of the class: PasswordHash{}

No Hooks.

Return

null. Nothing (null).

Usage

$PasswordHash = new PasswordHash();
$PasswordHash->CheckPassword( $password, $stored_hash );
$password (required)
-
$stored_hash (required)
-

PasswordHash::CheckPassword() code WP 6.6.2

function CheckPassword($password, $stored_hash)
{
	if ( strlen( $password ) > 4096 ) {
		return false;
	}

	$hash = $this->crypt_private($password, $stored_hash);
	if ($hash[0] === '*')
		$hash = crypt($password, $stored_hash);

	# This is not constant-time.  In order to keep the code simple,
	# for timing safety we currently rely on the salts being
	# unpredictable, which they are at least in the non-fallback
	# cases (that is, when we use /dev/urandom and bcrypt).
	return $hash === $stored_hash;
}