[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-includes/ -> user.php (summary)

Core User API

File Size: 5140 lines (174 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 1 file
 wp-includes/class-phpass.php

Defines 78 functions

  wp_signon()
  wp_authenticate_username_password()
  wp_authenticate_email_password()
  wp_authenticate_cookie()
  wp_authenticate_application_password()
  wp_validate_application_password()
  wp_authenticate_spam_check()
  wp_validate_logged_in_cookie()
  count_user_posts()
  count_many_users_posts()
  get_current_user_id()
  get_user_option()
  update_user_option()
  delete_user_option()
  get_user()
  get_users()
  wp_list_users()
  get_blogs_of_user()
  is_user_member_of_blog()
  add_user_meta()
  delete_user_meta()
  get_user_meta()
  update_user_meta()
  count_users()
  get_user_count()
  wp_maybe_update_user_counts()
  wp_update_user_counts()
  wp_schedule_update_user_counts()
  wp_is_large_user_count()
  setup_userdata()
  wp_dropdown_users()
  sanitize_user_field()
  update_user_caches()
  clean_user_cache()
  username_exists()
  email_exists()
  validate_username()
  wp_insert_user()
  wp_update_user()
  wp_create_user()
  _get_additional_user_keys()
  wp_get_user_contact_methods()
  _wp_get_user_contactmethods()
  wp_get_password_hint()
  get_password_reset_key()
  check_password_reset_key()
  retrieve_password()
  reset_password()
  register_new_user()
  wp_send_new_user_notifications()
  wp_get_session_token()
  wp_get_all_sessions()
  wp_destroy_current_session()
  wp_destroy_other_sessions()
  wp_destroy_all_sessions()
  wp_get_users_with_no_role()
  _wp_get_current_user()
  send_confirmation_on_profile_email()
  new_user_email_admin_notice()
  _wp_privacy_action_request_types()
  wp_register_user_personal_data_exporter()
  wp_user_personal_data_exporter()
  _wp_privacy_account_request_confirmed()
  _wp_privacy_send_request_confirmation_notification()
  _wp_privacy_send_erasure_fulfillment_notification()
  _wp_privacy_account_request_confirmed_message()
  wp_create_user_request()
  wp_user_request_action_description()
  wp_send_user_request()
  wp_generate_user_request_key()
  wp_validate_user_request_key()
  wp_get_user_request()
  wp_is_application_passwords_supported()
  wp_is_application_passwords_available()
  wp_is_application_passwords_available_for_user()
  wp_register_persisted_preferences_meta()
  wp_cache_set_users_last_changed()
  wp_is_password_reset_allowed_for_user()

Functions
Functions that are not part of a class:

wp_signon( $credentials = array()   X-Ref
Authenticates and logs a user in with 'remember' capability.

The credentials is an array that has 'user_login', 'user_password', and
'remember' indices. If the credentials is not given, then the log in form
will be assumed and used if set.

The various authentication cookies will be set by this function and will be
set for a longer period depending on if the 'remember' credential is set to
true.

Note: wp_signon() doesn't handle setting the current user. This means that if the
function is called before the {@see 'init'} hook is fired, is_user_logged_in() will
evaluate as false until that point. If is_user_logged_in() is needed in conjunction
with wp_signon(), wp_set_current_user() should be called explicitly.

return: WP_User|WP_Error WP_User on success, WP_Error on failure.
param: array       $credentials {
param: string|bool $secure_cookie Optional. Whether to use secure cookie.

wp_authenticate_username_password( $user, $username, $password )   X-Ref
Authenticates a user, confirming the username and password are valid.

return: WP_User|WP_Error WP_User on success, WP_Error on failure.
param: WP_User|WP_Error|null $user     WP_User or WP_Error object from a previous callback. Default null.
param: string                $username Username for authentication.
param: string                $password Password for authentication.

wp_authenticate_email_password( $user, $email, $password )   X-Ref
Authenticates a user using the email and password.

return: WP_User|WP_Error WP_User on success, WP_Error on failure.
param: WP_User|WP_Error|null $user     WP_User or WP_Error object if a previous
param: string                $email    Email address for authentication.
param: string                $password Password for authentication.

wp_authenticate_cookie( $user, $username, $password )   X-Ref
Authenticates the user using the WordPress auth cookie.

return: WP_User|WP_Error WP_User on success, WP_Error on failure.
param: WP_User|WP_Error|null $user     WP_User or WP_Error object from a previous callback. Default null.
param: string                $username Username. If not empty, cancels the cookie authentication.
param: string                $password Password. If not empty, cancels the cookie authentication.

wp_authenticate_application_password( $input_user, $username, $password )   X-Ref
Authenticates the user using an application password.

return: WP_User|WP_Error|null WP_User on success, WP_Error on failure, null if
param: WP_User|WP_Error|null $input_user WP_User or WP_Error object if a previous
param: string                $username   Username for authentication.
param: string                $password   Password for authentication.

wp_validate_application_password( $input_user )   X-Ref
Validates the application password credentials passed via Basic Authentication.

return: int|false The authenticated user ID if successful, false otherwise.
param: int|false $input_user User ID if one has been determined, false otherwise.

wp_authenticate_spam_check( $user )   X-Ref
For Multisite blogs, checks if the authenticated user has been marked as a
spammer, or if the user's primary blog has been marked as spam.

return: WP_User|WP_Error WP_User on success, WP_Error if the user is considered a spammer.
param: WP_User|WP_Error|null $user WP_User or WP_Error object from a previous callback. Default null.

wp_validate_logged_in_cookie( $user_id )   X-Ref
Validates the logged-in cookie.

Checks the logged-in cookie if the previous auth cookie could not be
validated and parsed.

This is a callback for the {@see 'determine_current_user'} filter, rather than API.

return: int|false User ID if validated, false otherwise. If a user ID from
param: int|false $user_id The user ID (or false) as received from

count_user_posts( $userid, $post_type = 'post', $public_only = false )   X-Ref
Gets the number of posts a user has written.

return: string Number of posts the user has written in this post type.
param: int          $userid      User ID.
param: array|string $post_type   Optional. Single post type or array of post types to count the number of posts for. Default 'post'.
param: bool         $public_only Optional. Whether to only return counts for public posts. Default false.

count_many_users_posts( $users, $post_type = 'post', $public_only = false )   X-Ref
Gets the number of posts written by a list of users.

return: string[] Amount of posts each user has written, as strings, keyed by user ID.
param: int[]           $users       Array of user IDs.
param: string|string[] $post_type   Optional. Single post type or array of post types to check. Defaults to 'post'.
param: bool            $public_only Optional. Only return counts for public posts.  Defaults to false.

get_current_user_id()   X-Ref
Gets the current user's ID.

return: int The current user's ID, or 0 if no user is logged in.

get_user_option( $option, $user = 0, $deprecated = '' )   X-Ref
Retrieves user option that can be either per Site or per Network.

If the user ID is not given, then the current user will be used instead. If
the user ID is given, then the user data will be retrieved. The filter for
the result, will also pass the original option name and finally the user data
object as the third parameter.

The option will first check for the per site name and then the per Network name.

return: mixed User option value on success, false on failure.
param: string $option     User option name.
param: int    $user       Optional. User ID.
param: string $deprecated Use get_option() to check for an option in the options table.

update_user_option( $user_id, $option_name, $newvalue, $is_global = false )   X-Ref
Updates user option with global blog capability.

User options are just like user metadata except that they have support for
global blog options. If the 'is_global' parameter is false, which it is by default,
it will prepend the WordPress table prefix to the option name.

Deletes the user option if $newvalue is empty.

return: int|bool User meta ID if the option didn't exist, true on successful update,
param: int    $user_id     User ID.
param: string $option_name User option name.
param: mixed  $newvalue    User option value.
param: bool   $is_global   Optional. Whether option name is global or blog specific.

delete_user_option( $user_id, $option_name, $is_global = false )   X-Ref
Deletes user option with global blog capability.

User options are just like user metadata except that they have support for
global blog options. If the 'is_global' parameter is false, which it is by default,
it will prepend the WordPress table prefix to the option name.

return: bool True on success, false on failure.
param: int    $user_id     User ID
param: string $option_name User option name.
param: bool   $is_global   Optional. Whether option name is global or blog specific.

get_user( $user_id )   X-Ref
Retrieves user info by user ID.

return: WP_User|false WP_User object on success, false on failure.
param: int $user_id User ID.

get_users( $args = array()   X-Ref
Retrieves list of users matching criteria.

return: array List of users.
param: array $args Optional. Arguments to retrieve users. See WP_User_Query::prepare_query()

wp_list_users( $args = array()   X-Ref
Lists all the users of the site, with several options available.

return: string|null The output if echo is false. Otherwise null.
param: string|array $args {

get_blogs_of_user( $user_id, $all = false )   X-Ref
Gets the sites a user belongs to.

return: object[] A list of the user's sites. An empty array if the user doesn't exist
param: int  $user_id User ID
param: bool $all     Whether to retrieve all sites, or only sites that are not

is_user_member_of_blog( $user_id = 0, $blog_id = 0 )   X-Ref
Finds out whether a user is a member of a given blog.

return: bool
param: int $user_id Optional. The unique ID of the user. Defaults to the current user.
param: int $blog_id Optional. ID of the blog to check. Defaults to the current site.

add_user_meta( $user_id, $meta_key, $meta_value, $unique = false )   X-Ref
Adds meta data to a user.

return: int|false Meta ID on success, false on failure.
param: int    $user_id    User ID.
param: string $meta_key   Metadata name.
param: mixed  $meta_value Metadata value. Must be serializable if non-scalar.
param: bool   $unique     Optional. Whether the same key should not be added.

delete_user_meta( $user_id, $meta_key, $meta_value = '' )   X-Ref
Removes metadata matching criteria from a user.

You can match based on the key, or key and value. Removing based on key and
value, will keep from removing duplicate metadata with the same key. It also
allows removing all metadata matching key, if needed.

return: bool True on success, false on failure.
param: int    $user_id    User ID
param: string $meta_key   Metadata name.
param: mixed  $meta_value Optional. Metadata value. If provided,

get_user_meta( $user_id, $key = '', $single = false )   X-Ref
Retrieves user meta field for a user.

return: mixed An array of values if `$single` is false.
param: int    $user_id User ID.
param: string $key     Optional. The meta key to retrieve. By default,
param: bool   $single  Optional. Whether to return a single value.

update_user_meta( $user_id, $meta_key, $meta_value, $prev_value = '' )   X-Ref
Updates user meta field based on user ID.

Use the $prev_value parameter to differentiate between meta fields with the
same key and user ID.

If the meta field for the user does not exist, it will be added.

return: int|bool Meta ID if the key didn't exist, true on successful update,
param: int    $user_id    User ID.
param: string $meta_key   Metadata key.
param: mixed  $meta_value Metadata value. Must be serializable if non-scalar.
param: mixed  $prev_value Optional. Previous value to check before updating.

count_users( $strategy = 'time', $site_id = null )   X-Ref
Counts number of users who have each of the user roles.

Assumes there are neither duplicated nor orphaned capabilities meta_values.
Assumes role names are unique phrases. Same assumption made by WP_User_Query::prepare_query()
Using $strategy = 'time' this is CPU-intensive and should handle around 10^7 users.
Using $strategy = 'memory' this is memory-intensive and should handle around 10^5 users, but see WP Bug #12257.

return: array {
param: string   $strategy Optional. The computational strategy to use when counting the users.
param: int|null $site_id  Optional. The site ID to count users for. Defaults to the current site.

get_user_count( $network_id = null )   X-Ref
Returns the number of active users in your installation.

Note that on a large site the count may be cached and only updated twice daily.

return: int Number of active users on the network.
param: int|null $network_id ID of the network. Defaults to the current network.

wp_maybe_update_user_counts( $network_id = null )   X-Ref
Updates the total count of users on the site if live user counting is enabled.

return: bool Whether the update was successful.
param: int|null $network_id ID of the network. Defaults to the current network.

wp_update_user_counts( $network_id = null )   X-Ref
Updates the total count of users on the site.

return: bool Whether the update was successful.
param: int|null $network_id ID of the network. Defaults to the current network.

wp_schedule_update_user_counts()   X-Ref
Schedules a recurring recalculation of the total count of users.


wp_is_large_user_count( $network_id = null )   X-Ref
Determines whether the site has a large number of users.

The default criteria for a large site is more than 10,000 users.

return: bool Whether the site has a large number of users.
param: int|null $network_id ID of the network. Defaults to the current network.

setup_userdata( $for_user_id = 0 )   X-Ref
Sets up global user vars.

Used by wp_set_current_user() for back compat. Might be deprecated in the future.

param: int $for_user_id Optional. User ID to set up global data. Default 0.

wp_dropdown_users( $args = '' )   X-Ref
Creates dropdown HTML content of users.

The content can either be displayed, which it is by default, or retrieved by
setting the 'echo' argument to false. The 'include' and 'exclude' arguments
are optional; if they are not specified, all users will be displayed. Only one
can be used in a single call, either 'include' or 'exclude', but not both.

return: string HTML dropdown list of users.
param: array|string $args {

sanitize_user_field( $field, $value, $user_id, $context )   X-Ref
Sanitizes user field based on context.

Possible context values are:  'raw', 'edit', 'db', 'display', 'attribute' and 'js'. The
'display' context is used by default. 'attribute' and 'js' contexts are treated like 'display'
when calling filters.

return: mixed Sanitized value.
param: string $field   The user Object field name.
param: mixed  $value   The user Object value.
param: int    $user_id User ID.
param: string $context How to sanitize user fields. Looks for 'raw', 'edit', 'db', 'display',

update_user_caches( $user )   X-Ref
Updates all user caches.

return: void|false Void on success, false on failure.
param: object|WP_User $user User object or database row to be cached

clean_user_cache( $user )   X-Ref
Cleans all user caches.

param: WP_User|int $user User object or ID to be cleaned from the cache

username_exists( $username )   X-Ref
Determines whether the given username exists.

For more information on this and similar theme functions, check out
the {@link https://developer.wordpress.org/themes/basics/conditional-tags/
Conditional Tags} article in the Theme Developer Handbook.

return: int|false The user ID on success, false on failure.
param: string $username The username to check for existence.

email_exists( $email )   X-Ref
Determines whether the given email exists.

For more information on this and similar theme functions, check out
the {@link https://developer.wordpress.org/themes/basics/conditional-tags/
Conditional Tags} article in the Theme Developer Handbook.

return: int|false The user ID on success, false on failure.
param: string $email The email to check for existence.

validate_username( $username )   X-Ref
Checks whether a username is valid.

return: bool Whether username given is valid.
param: string $username Username.

wp_insert_user( $userdata )   X-Ref
Inserts a user into the database.

Most of the `$userdata` array fields have filters associated with the values. Exceptions are
'ID', 'rich_editing', 'syntax_highlighting', 'comment_shortcuts', 'admin_color', 'use_ssl',
'user_registered', 'user_activation_key', 'spam', and 'role'. The filters have the prefix
'pre_user_' followed by the field name. An example using 'description' would have the filter
called 'pre_user_description' that can be hooked into.

return: int|WP_Error The newly created user's ID or a WP_Error object if the user could not
param: array|object|WP_User $userdata {

wp_update_user( $userdata )   X-Ref
Updates a user in the database.

It is possible to update a user's password by specifying the 'user_pass'
value in the $userdata parameter array.

If current user's password is being updated, then the cookies will be
cleared.

return: int|WP_Error The updated user's ID or a WP_Error object if the user could not be updated.
param: array|object|WP_User $userdata An array of user data or a user object of type stdClass or WP_User.

wp_create_user( $username, $password, $email = '' )   X-Ref
Provides a simpler way of inserting a user into the database.

Creates a new user with just the username, password, and email. For more
complex user creation use wp_insert_user() to specify more information.

return: int|WP_Error The newly created user's ID or a WP_Error object if the user could not
param: string $username The user's username.
param: string $password The user's password.
param: string $email    Optional. The user's email. Default empty.

_get_additional_user_keys( $user )   X-Ref
Returns a list of meta keys to be (maybe) populated in wp_update_user().

The list of keys returned via this function are dependent on the presence
of those keys in the user meta data to be set.

return: string[] List of user keys to be populated in wp_update_user().
param: WP_User $user WP_User instance.

wp_get_user_contact_methods( $user = null )   X-Ref
Sets up the user contact methods.

Default contact methods were removed in 3.6. A filter dictates contact methods.

return: string[] Array of contact method labels keyed by contact method.
param: WP_User|null $user Optional. WP_User object.

_wp_get_user_contactmethods( $user = null )   X-Ref
The old private function for setting up user contact methods.

Use wp_get_user_contact_methods() instead.

return: string[] Array of contact method labels keyed by contact method.
param: WP_User|null $user Optional. WP_User object. Default null.

wp_get_password_hint()   X-Ref
Gets the text suggesting how to create strong passwords.

return: string The password hint text.

get_password_reset_key( $user )   X-Ref
Creates, stores, then returns a password reset key for user.

return: string|WP_Error Password reset key on success. WP_Error on error.
param: WP_User $user User to retrieve password reset key for.

check_password_reset_key( $key, $login )   X-Ref
Retrieves a user row based on password reset key and login.

A key is considered 'expired' if it exactly matches the value of the
user_activation_key field, rather than being matched after going through the
hashing process. This field is now hashed; old values are no longer accepted
but have a different WP_Error code so good user feedback can be provided.

return: WP_User|WP_Error WP_User object on success, WP_Error object for invalid or expired keys.
param: string $key       Hash to validate sending user's password.
param: string $login     The user login.

retrieve_password( $user_login = '' )   X-Ref
Handles sending a password retrieval email to a user.

return: true|WP_Error True when finished, WP_Error object on error.
param: string $user_login Optional. Username to send a password retrieval email for.

reset_password( $user, $new_pass )   X-Ref
Handles resetting the user's password.

param: WP_User $user     The user
param: string  $new_pass New password for the user in plaintext

register_new_user( $user_login, $user_email )   X-Ref
Handles registering a new user.

return: int|WP_Error Either user's ID or error on failure.
param: string $user_login User's username for logging in
param: string $user_email User's email address to send password and add

wp_send_new_user_notifications( $user_id, $notify = 'both' )   X-Ref
Initiates email notifications related to the creation of new users.

Notifications are sent both to the site admin and to the newly created user.

param: int    $user_id ID of the newly created user.
param: string $notify  Optional. Type of notification that should happen. Accepts 'admin'

wp_get_session_token()   X-Ref
Retrieves the current session token from the logged_in cookie.

return: string Token.

wp_get_all_sessions()   X-Ref
Retrieves a list of sessions for the current user.

return: array Array of sessions.

wp_destroy_current_session()   X-Ref
Removes the current session token from the database.


wp_destroy_other_sessions()   X-Ref
Removes all but the current session token for the current user for the database.


wp_destroy_all_sessions()   X-Ref
Removes all session tokens for the current user from the database.


wp_get_users_with_no_role( $site_id = null )   X-Ref
Gets the user IDs of all users with no role on this site.

return: string[] Array of user IDs as strings.
param: int|null $site_id Optional. The site ID to get users with no role for. Defaults to the current site.

_wp_get_current_user()   X-Ref
Retrieves the current user object.

Will set the current user, if the current user is not set. The current user
will be set to the logged-in person. If no user is logged-in, then it will
set the current user to 0, which is invalid and won't have any permissions.

This function is used by the pluggable functions wp_get_current_user() and
get_currentuserinfo(), the latter of which is deprecated but used for backward
compatibility.

return: WP_User Current WP_User instance.

send_confirmation_on_profile_email()   X-Ref
Sends a confirmation request email when a change of user email address is attempted.


new_user_email_admin_notice()   X-Ref
Adds an admin notice alerting the user to check for confirmation request email
after email address change.


_wp_privacy_action_request_types()   X-Ref
Gets all personal data request types.

return: string[] List of core privacy action types.

wp_register_user_personal_data_exporter( $exporters )   X-Ref
Registers the personal data exporter for users.

return: array[] An array of personal data exporters.
param: array[] $exporters An array of personal data exporters.

wp_user_personal_data_exporter( $email_address )   X-Ref
Finds and exports personal data associated with an email address from the user and user_meta table.

return: array {
param: string $email_address  The user's email address.

_wp_privacy_account_request_confirmed( $request_id )   X-Ref
No description

_wp_privacy_send_request_confirmation_notification( $request_id )   X-Ref
Notifies the site administrator via email when a request is confirmed.

Without this, the admin would have to manually check the site to see if any
action was needed on their part yet.

param: int $request_id The ID of the request.

_wp_privacy_send_erasure_fulfillment_notification( $request_id )   X-Ref
Notifies the user when their erasure request is fulfilled.

Without this, the user would never know if their data was actually erased.

param: int $request_id The privacy request post ID associated with this request.

_wp_privacy_account_request_confirmed_message( $request_id )   X-Ref
Returns request confirmation message HTML.

return: string The confirmation message.
param: int $request_id The request ID being confirmed.

wp_create_user_request( $email_address = '', $action_name = '', $request_data = array()   X-Ref
Creates and logs a user request to perform a specific action.

Requests are stored inside a post type named `user_request` since they can apply to both
users on the site, or guests without a user account.

return: int|WP_Error                   Returns the request ID if successful, or a WP_Error object on failure.
param: string $email_address           User email address. This can be the address of a registered
param: string $action_name             Name of the action that is being confirmed. Required.
param: array  $request_data            Misc data you want to send with the verification request and pass
param: string $status                  Optional request status (pending or confirmed). Default 'pending'.

wp_user_request_action_description( $action_name )   X-Ref
Gets action description from the name and return a string.

return: string Human readable action name.
param: string $action_name Action name of the request.

wp_send_user_request( $request_id )   X-Ref
Send a confirmation request email to confirm an action.

If the request is not already pending, it will be updated.

return: true|WP_Error True on success, `WP_Error` on failure.
param: string $request_id ID of the request created via wp_create_user_request().

wp_generate_user_request_key( $request_id )   X-Ref
Returns a confirmation key for a user action and stores the hashed version for future comparison.

return: string Confirmation key.
param: int $request_id Request ID.

wp_validate_user_request_key( $request_id, $key )   X-Ref
Validates a user request by comparing the key with the request's key.

return: true|WP_Error True on success, WP_Error on failure.
param: string $request_id ID of the request being confirmed.
param: string $key        Provided key to validate.

wp_get_user_request( $request_id )   X-Ref
Returns the user request object for the specified request ID.

return: WP_User_Request|false
param: int $request_id The ID of the user request.

wp_is_application_passwords_supported()   X-Ref
Checks if Application Passwords is supported.

Application Passwords is supported only by sites using SSL or local environments
but may be made available using the {@see 'wp_is_application_passwords_available'} filter.

return: bool

wp_is_application_passwords_available()   X-Ref
Checks if Application Passwords is globally available.

By default, Application Passwords is available to all sites using SSL or to local environments.
Use the {@see 'wp_is_application_passwords_available'} filter to adjust its availability.

return: bool

wp_is_application_passwords_available_for_user( $user )   X-Ref
Checks if Application Passwords is available for a specific user.

By default all users can use Application Passwords. Use {@see 'wp_is_application_passwords_available_for_user'}
to restrict availability to certain users.

return: bool
param: int|WP_User $user The user to check.

wp_register_persisted_preferences_meta()   X-Ref
Registers the user meta property for persisted preferences.

This property is used to store user preferences across page reloads and is
currently used by the block editor for preferences like 'fullscreenMode' and
'fixedToolbar'.


wp_cache_set_users_last_changed()   X-Ref
Sets the last changed time for the 'users' cache group.


wp_is_password_reset_allowed_for_user( $user )   X-Ref
Checks if password reset is allowed for a specific user.

return: bool|WP_Error True if allowed, false or WP_Error otherwise.
param: int|WP_User $user The user to check.



Generated : Sat Nov 23 08:20:01 2024 Cross-referenced by PHPXref