wp_signon

Authenticates and logs a user in with 'remember' capability.

Description

(WP_User|WP_Error) wp_signon( (array) $credentials = array(), (string) $secure_cookie = '' ); 

The credentials is an array that has user_login,, user_password , and remember indices. If the credentials is not given, then the log in form will be assumed and used if set.

The various authentication cookies will be set by this function and will be set for a longer period depending on if the remember credential is set to true.

Returns (WP_User|WP_Error)

WP_User on success, WP_Error on failure.

Parameters (2)

0. $credentials — Optional. (array) => array()
User info in order to sign on.
1. $secure_cookie — Optional. (string) => ''
Whether to use secure cookie.

Usage

  1. if ( !function_exists( 'wp_signon' ) ) { 
  2. require_once ABSPATH . WPINC . '/user.php'; 
  3.  
  4. // Optional. User info in order to sign on. 
  5. $credentials = array(); 
  6.  
  7. // Optional. Whether to use secure cookie. 
  8. $secure_cookie = ''; 
  9.  
  10. // NOTICE! Understand what this does before running. 
  11. $result = wp_signon($credentials, $secure_cookie); 
  12.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/user.php  
  1. function wp_signon( $credentials = array(), $secure_cookie = '' ) { 
  2. if ( empty($credentials) ) { 
  3. $credentials = array(); // Back-compat for plugins passing an empty string. 
  4.  
  5. if ( ! empty($_POST['log']) ) 
  6. $credentials['user_login'] = $_POST['log']; 
  7. if ( ! empty($_POST['pwd']) ) 
  8. $credentials['user_password'] = $_POST['pwd']; 
  9. if ( ! empty($_POST['rememberme']) ) 
  10. $credentials['remember'] = $_POST['rememberme']; 
  11.  
  12. if ( !empty($credentials['remember']) ) 
  13. $credentials['remember'] = true; 
  14. else 
  15. $credentials['remember'] = false; 
  16.  
  17. /** 
  18. * Fires before the user is authenticated. 
  19. * The variables passed to the callbacks are passed by reference,  
  20. * and can be modified by callback functions. 
  21. * @since 1.5.1 
  22. * @todo Decide whether to deprecate the wp_authenticate action. 
  23. * @param string $user_login Username, passed by reference. 
  24. * @param string $user_password User password, passed by reference. 
  25. */ 
  26. do_action_ref_array( 'wp_authenticate', array( &$credentials['user_login'], &$credentials['user_password'] ) ); 
  27.  
  28. if ( '' === $secure_cookie ) 
  29. $secure_cookie = is_ssl(); 
  30.  
  31. /** 
  32. * Filters whether to use a secure sign-on cookie. 
  33. * @since 3.1.0 
  34. * @param bool $secure_cookie Whether to use a secure sign-on cookie. 
  35. * @param array $credentials { 
  36. * Array of entered sign-on data. 
  37. * @type string $user_login Username. 
  38. * @type string $user_password Password entered. 
  39. * @type bool $remember Whether to 'remember' the user. Increases the time 
  40. * that the cookie will be kept. Default false. 
  41. * } 
  42. */ 
  43. $secure_cookie = apply_filters( 'secure_signon_cookie', $secure_cookie, $credentials ); 
  44.  
  45. global $auth_secure_cookie; // XXX ugly hack to pass this to wp_authenticate_cookie 
  46. $auth_secure_cookie = $secure_cookie; 
  47.  
  48.  
  49. $user = wp_authenticate($credentials['user_login'], $credentials['user_password']); 
  50.  
  51. if ( is_wp_error($user) ) { 
  52. if ( $user->get_error_codes() == array('empty_username', 'empty_password') ) { 
  53. $user = new WP_Error('', ''); 
  54.  
  55. return $user; 
  56.  
  57. wp_set_auth_cookie($user->ID, $credentials['remember'], $secure_cookie); 
  58. /** 
  59. * Fires after the user has successfully logged in. 
  60. * @since 1.5.0 
  61. * @param string $user_login Username. 
  62. * @param WP_User $user WP_User object of the logged-in user. 
  63. */ 
  64. do_action( 'wp_login', $user->user_login, $user ); 
  65. return $user;