Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
07/04/2020 01:29:50 PM (4 years ago)
Author:
imath
Message:

BP Members: improve our password validation process

We're introducing a new function to validate the member's chosen password: bp_members_validate_user_password().

This function is primarly used to check the password is not empty, and to make sure the password confirmation matches the password. If it's the case, the function will return a WP_Error object with no error message. Otherwise this object will contain an error message.

Plugins can now use the bp_members_validate_user_password filter to add their own error messages according to a custom validation process. See the last unit tests of this commit for an example of use.

Props devnik, tharsheblows

Fixes #8066

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/bp-members/bp-members-functions.php

    r12665 r12679  
    17701770
    17711771/**
     1772 * Validate a user password.
     1773 *
     1774 * @since 7.0.0
     1775 *
     1776 * @param string       $pass         The password.
     1777 * @param string       $confirm_pass The confirmed password.
     1778 * @param null|WP_User $userdata     Null or the userdata object when a member updates their password from front-end.
     1779 * @return WP_Error A WP error object possibly containing error messages.
     1780 */
     1781function bp_members_validate_user_password( $pass, $confirm_pass, $userdata = null ) {
     1782    $errors = new WP_Error();
     1783
     1784    if ( ! $pass || ! $confirm_pass ) {
     1785        $errors->add( 'missing_user_password', __( 'Please make sure you enter your password twice', 'buddypress' ) );
     1786    }
     1787
     1788    if ( $pass && $confirm_pass && $pass !== $confirm_pass ) {
     1789        $errors->add( 'mismatching_user_password', __( 'The passwords you entered do not match.', 'buddypress' ) );
     1790    }
     1791
     1792    /**
     1793     * Filter here to add password validation errors.
     1794     *
     1795     * @since 7.0.0
     1796     *
     1797     * @param WP_Error     $errors       Password validation errors.
     1798     * @param string       $pass         The password.
     1799     * @param string       $confirm_pass The confirmed password.
     1800     * @param null|WP_User $userdata     Null or the userdata object when a member updates their password from front-end.
     1801     */
     1802    return apply_filters( 'bp_members_validate_user_password', $errors, $pass, $confirm_pass, $userdata );
     1803}
     1804
     1805/**
    17721806 * Validate blog URL and title provided at signup.
    17731807 *
Note: See TracChangeset for help on using the changeset viewer.