Current Dir: /home/webdevt/www/demo3/wp-includes/
[DIR] abilities-api [ delete | rename ]
[DIR] assets [ delete | rename ]
[DIR] block-bindings [ delete | rename ]
[DIR] block-patterns [ delete | rename ]
[DIR] block-supports [ delete | rename ]
[DIR] blocks [ delete | rename ]
[DIR] certificates [ delete | rename ]
[DIR] css [ delete | rename ]
[DIR] customize [ delete | rename ]
[DIR] fonts [ delete | rename ]
[DIR] html-api [ delete | rename ]
[DIR] ID3 [ delete | rename ]
[DIR] images [ delete | rename ]
[DIR] interactivity-api [ delete | rename ]
[DIR] IXR [ delete | rename ]
[DIR] js [ delete | rename ]
[DIR] l10n [ delete | rename ]
[DIR] php-compat [ delete | rename ]
[DIR] PHPMailer [ delete | rename ]
[DIR] pomo [ delete | rename ]
[DIR] Requests [ delete | rename ]
[DIR] rest-api [ delete | rename ]
[DIR] SimplePie [ delete | rename ]
[DIR] sitemaps [ delete | rename ]
[DIR] sodium_compat [ delete | rename ]
[DIR] style-engine [ delete | rename ]
[DIR] Text [ delete | rename ]
[DIR] theme-compat [ delete | rename ]
[DIR] widgets [ delete | rename ]
[FILE] abilities.php [ edit | delete | rename ]
[FILE] atomlib.php [ edit | delete | rename ]
[FILE] author-template.php [ edit | delete | rename ]
[FILE] block-bindings.php [ edit | delete | rename ]
[FILE] block-i18n.json [ edit | delete | rename ]
[FILE] block-patterns.php [ edit | delete | rename ]
[FILE] block-template.php [ edit | delete | rename ]
[FILE] blocks.php [ edit | delete | rename ]
[FILE] bookmark-template.php [ edit | delete | rename ]
[FILE] cache-compat.php [ edit | delete | rename ]
[FILE] cache.php [ edit | delete | rename ]
[FILE] canonical.php [ edit | delete | rename ]
[FILE] capabilities.php [ edit | delete | rename ]
[FILE] category-template.php [ edit | delete | rename ]
[FILE] category.php [ edit | delete | rename ]
[FILE] class-avif-info.php [ edit | delete | rename ]
[FILE] class-feed.php [ edit | delete | rename ]
[FILE] class-http.php [ edit | delete | rename ]
[FILE] class-IXR.php [ edit | delete | rename ]
[FILE] class-phpass.php [ edit | delete | rename ]
[FILE] class-phpmailer.php [ edit | delete | rename ]
[FILE] class-pop3.php [ edit | delete | rename ]
[FILE] class-requests.php [ edit | delete | rename ]
[FILE] class-simplepie.php [ edit | delete | rename ]
[FILE] class-smtp.php [ edit | delete | rename ]
[FILE] class-snoopy.php [ edit | delete | rename ]
[FILE] class-walker-category-dropdown.php [ edit | delete | rename ]
[FILE] class-walker-category.php [ edit | delete | rename ]
[FILE] class-walker-nav-menu.php [ edit | delete | rename ]
[FILE] class-walker-page-dropdown.php [ edit | delete | rename ]
[FILE] class-walker-page.php [ edit | delete | rename ]
[FILE] class-wp-admin-bar.php [ edit | delete | rename ]
[FILE] class-wp-ajax-response.php [ edit | delete | rename ]
[FILE] class-wp-application-passwords.php [ edit | delete | rename ]
[FILE] class-wp-block-bindings-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-editor-context.php [ edit | delete | rename ]
[FILE] class-wp-block-list.php [ edit | delete | rename ]
[FILE] class-wp-block-metadata-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-pattern-categories-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-patterns-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-processor.php [ edit | delete | rename ]
[FILE] class-wp-block-styles-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-supports.php [ edit | delete | rename ]
[FILE] class-wp-block-template.php [ edit | delete | rename ]
[FILE] class-wp-block-templates-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-type-registry.php [ edit | delete | rename ]
[FILE] class-wp-block-type.php [ edit | delete | rename ]
[FILE] class-wp-classic-to-block-menu-converter.php [ edit | delete | rename ]
[FILE] class-wp-comment-query.php [ edit | delete | rename ]
[FILE] class-wp-customize-control.php [ edit | delete | rename ]
[FILE] class-wp-customize-manager.php [ edit | delete | rename ]
[FILE] class-wp-customize-nav-menus.php [ edit | delete | rename ]
[FILE] class-wp-customize-panel.php [ edit | delete | rename ]
[FILE] class-wp-customize-setting.php [ edit | delete | rename ]
[FILE] class-wp-customize-widgets.php [ edit | delete | rename ]
[FILE] class-wp-date-query.php [ edit | delete | rename ]
[FILE] class-wp-dependencies.php [ edit | delete | rename ]
[FILE] class-wp-duotone.php [ edit | delete | rename ]
[FILE] class-wp-error.php [ edit | delete | rename ]
[FILE] class-wp-exception.php [ edit | delete | rename ]
[FILE] class-wp-feed-cache-transient.php [ edit | delete | rename ]
[FILE] class-wp-feed-cache.php [ edit | delete | rename ]
[FILE] class-wp-hook.php [ edit | delete | rename ]
[FILE] class-wp-http-curl.php [ edit | delete | rename ]
[FILE] class-wp-http-encoding.php [ edit | delete | rename ]
[FILE] class-wp-http-ixr-client.php [ edit | delete | rename ]
[FILE] class-wp-http-proxy.php [ edit | delete | rename ]
[FILE] class-wp-http-requests-hooks.php [ edit | delete | rename ]
[FILE] class-wp-http-requests-response.php [ edit | delete | rename ]
[FILE] class-wp-http-response.php [ edit | delete | rename ]
[FILE] class-wp-http-streams.php [ edit | delete | rename ]
[FILE] class-wp-http.php [ edit | delete | rename ]
[FILE] class-wp-image-editor-gd.php [ edit | delete | rename ]
[FILE] class-wp-image-editor-imagick.php [ edit | delete | rename ]
[FILE] class-wp-image-editor.php [ edit | delete | rename ]
[FILE] class-wp-list-util.php [ edit | delete | rename ]
[FILE] class-wp-locale-switcher.php [ edit | delete | rename ]
[FILE] class-wp-locale.php [ edit | delete | rename ]
[FILE] class-wp-matchesmapregex.php [ edit | delete | rename ]
[FILE] class-wp-meta-query.php [ edit | delete | rename ]
[FILE] class-wp-metadata-lazyloader.php [ edit | delete | rename ]
[FILE] class-wp-network-query.php [ edit | delete | rename ]
[FILE] class-wp-network.php [ edit | delete | rename ]
[FILE] class-wp-oembed-controller.php [ edit | delete | rename ]
[FILE] class-wp-paused-extensions-storage.php [ edit | delete | rename ]
[FILE] class-wp-phpmailer.php [ edit | delete | rename ]
[FILE] class-wp-plugin-dependencies.php [ edit | delete | rename ]
[FILE] class-wp-post-type.php [ edit | delete | rename ]
[FILE] class-wp-query.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-cookie-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-email-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-key-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode-link-service.php [ edit | delete | rename ]
[FILE] class-wp-recovery-mode.php [ edit | delete | rename ]
[FILE] class-wp-rewrite.php [ edit | delete | rename ]
[FILE] class-wp-role.php [ edit | delete | rename ]
[FILE] class-wp-roles.php [ edit | delete | rename ]
[FILE] class-wp-script-modules.php [ edit | delete | rename ]
[FILE] class-wp-scripts.php [ edit | delete | rename ]
[FILE] class-wp-simplepie-file.php [ edit | delete | rename ]
[FILE] class-wp-simplepie-sanitize-kses.php [ edit | delete | rename ]
[FILE] class-wp-site-query.php [ edit | delete | rename ]
[FILE] class-wp-site.php [ edit | delete | rename ]
[FILE] class-wp-styles.php [ edit | delete | rename ]
[FILE] class-wp-tax-query.php [ edit | delete | rename ]
[FILE] class-wp-taxonomy.php [ edit | delete | rename ]
[FILE] class-wp-term-query.php [ edit | delete | rename ]
[FILE] class-wp-term.php [ edit | delete | rename ]
[FILE] class-wp-text-diff-renderer-table.php [ edit | delete | rename ]
[FILE] class-wp-textdomain-registry.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-data.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-resolver.php [ edit | delete | rename ]
[FILE] class-wp-theme-json-schema.php [ edit | delete | rename ]
[FILE] class-wp-theme.php [ edit | delete | rename ]
[FILE] class-wp-url-pattern-prefixer.php [ edit | delete | rename ]
[FILE] class-wp-user-meta-session-tokens.php [ edit | delete | rename ]
[FILE] class-wp-user-query.php [ edit | delete | rename ]
[FILE] class-wp-walker.php [ edit | delete | rename ]
[FILE] class-wp-widget-factory.php [ edit | delete | rename ]
[FILE] class-wp-widget.php [ edit | delete | rename ]
[FILE] class-wp.php [ edit | delete | rename ]
[FILE] class.wp-dependencies.php [ edit | delete | rename ]
[FILE] class.wp-scripts.php [ edit | delete | rename ]
[FILE] class.wp-styles.php [ edit | delete | rename ]
[FILE] comment-template.php [ edit | delete | rename ]
[FILE] compat-utf8.php [ edit | delete | rename ]
[FILE] compat.php [ edit | delete | rename ]
[FILE] default-constants.php [ edit | delete | rename ]
[FILE] default-filters.php [ edit | delete | rename ]
[FILE] default-widgets.php [ edit | delete | rename ]
[FILE] deprecated.php [ edit | delete | rename ]
[FILE] embed-template.php [ edit | delete | rename ]
[FILE] embed.php [ edit | delete | rename ]
[FILE] error-protection.php [ edit | delete | rename ]
[FILE] feed-atom-comments.php [ edit | delete | rename ]
[FILE] feed-atom.php [ edit | delete | rename ]
[FILE] feed-rdf.php [ edit | delete | rename ]
[FILE] feed-rss.php [ edit | delete | rename ]
[FILE] feed-rss2-comments.php [ edit | delete | rename ]
[FILE] feed-rss2.php [ edit | delete | rename ]
[FILE] feed.php [ edit | delete | rename ]
[FILE] fonts.php [ edit | delete | rename ]
[FILE] formatting.php [ edit | delete | rename ]
[FILE] functions.php [ edit | delete | rename ]
[FILE] functions.wp-scripts.php [ edit | delete | rename ]
[FILE] functions.wp-styles.php [ edit | delete | rename ]
[FILE] global-styles-and-settings.php [ edit | delete | rename ]
[FILE] http.php [ edit | delete | rename ]
[FILE] https-detection.php [ edit | delete | rename ]
[FILE] https-migration.php [ edit | delete | rename ]
[FILE] kses.php [ edit | delete | rename ]
[FILE] l10n.php [ edit | delete | rename ]
[FILE] link-template.php [ edit | delete | rename ]
[FILE] load.php [ edit | delete | rename ]
[FILE] media-template.php [ edit | delete | rename ]
[FILE] media.php [ edit | delete | rename ]
[FILE] meta.php [ edit | delete | rename ]
[FILE] ms-blogs.php [ edit | delete | rename ]
[FILE] ms-default-constants.php [ edit | delete | rename ]
[FILE] ms-default-filters.php [ edit | delete | rename ]
[FILE] ms-deprecated.php [ edit | delete | rename ]
[FILE] ms-files.php [ edit | delete | rename ]
[FILE] ms-functions.php [ edit | delete | rename ]
[FILE] ms-load.php [ edit | delete | rename ]
[FILE] ms-network.php [ edit | delete | rename ]
[FILE] ms-settings.php [ edit | delete | rename ]
[FILE] ms-site.php [ edit | delete | rename ]
[FILE] nav-menu-template.php [ edit | delete | rename ]
[FILE] nav-menu.php [ edit | delete | rename ]
[FILE] option.php [ edit | delete | rename ]
[FILE] pluggable-deprecated.php [ edit | delete | rename ]
[FILE] pluggable.php [ edit | delete | rename ]
[FILE] plugin.php [ edit | delete | rename ]
[FILE] post-template.php [ edit | delete | rename ]
[FILE] post-thumbnail-template.php [ edit | delete | rename ]
[FILE] post.php [ edit | delete | rename ]
[FILE] query.php [ edit | delete | rename ]
[FILE] registration-functions.php [ edit | delete | rename ]
[FILE] registration.php [ edit | delete | rename ]
[FILE] revision.php [ edit | delete | rename ]
[FILE] rewrite.php [ edit | delete | rename ]
[FILE] robots-template.php [ edit | delete | rename ]
[FILE] rss-functions.php [ edit | delete | rename ]
[FILE] rss.php [ edit | delete | rename ]
[FILE] script-loader.php [ edit | delete | rename ]
[FILE] script-modules.php [ edit | delete | rename ]
[FILE] sitemaps.php [ edit | delete | rename ]
[FILE] speculative-loading.php [ edit | delete | rename ]
[FILE] spl-autoload-compat.php [ edit | delete | rename ]
[FILE] style-engine.php [ edit | delete | rename ]
[FILE] taxonomy.php [ edit | delete | rename ]
[FILE] template-canvas.php [ edit | delete | rename ]
[FILE] template.php [ edit | delete | rename ]
[FILE] theme-i18n.json [ edit | delete | rename ]
[FILE] theme-templates.php [ edit | delete | rename ]
[FILE] theme.json [ edit | delete | rename ]
[FILE] update.php [ edit | delete | rename ]
[FILE] user.php [ edit | delete | rename ]
[FILE] utf8.php [ edit | delete | rename ]
[FILE] vars.php [ edit | delete | rename ]
[FILE] version.php [ edit | delete | rename ]
[FILE] wp-db.php [ edit | delete | rename ]
[FILE] wp-diff.php [ edit | delete | rename ]
Viewing: /home/webdevt/www/demo3/wp-includes/class-wp-application-passwords.php
<?php
/**
* WP_Application_Passwords class
*
* @package WordPress
* @since 5.6.0
*/
/**
* Class for displaying, modifying, and sanitizing application passwords.
*
* @package WordPress
*/
#[AllowDynamicProperties]
class WP_Application_Passwords {
/**
* The application passwords user meta key.
*
* @since 5.6.0
*
* @var string
*/
const USERMETA_KEY_APPLICATION_PASSWORDS = '_application_passwords';
/**
* The option name used to store whether application passwords are in use.
*
* @since 5.6.0
*
* @var string
*/
const OPTION_KEY_IN_USE = 'using_application_passwords';
/**
* The generated application password length.
*
* @since 5.6.0
*
* @var int
*/
const PW_LENGTH = 24;
/**
* Checks if application passwords are being used by the site.
*
* This returns true if at least one application password has ever been created.
*
* @since 5.6.0
*
* @return bool
*/
public static function is_in_use() {
$network_id = get_main_network_id();
return (bool) get_network_option( $network_id, self::OPTION_KEY_IN_USE );
}
/**
* Creates a new application password.
*
* @since 5.6.0
* @since 5.7.0 Returns WP_Error if application name already exists.
* @since 6.8.0 The hashed password value now uses wp_fast_hash() instead of phpass.
*
* @param int $user_id User ID.
* @param array $args {
* Arguments used to create the application password.
*
* @type string $name The name of the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* }
* @return array|WP_Error {
* Application password details, or a WP_Error instance if an error occurs.
*
* @type string $0 The generated application password in plain text.
* @type array $1 {
* The details about the created password.
*
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type null $last_used Null.
* @type null $last_ip Null.
* }
* }
*/
public static function create_new_application_password( $user_id, $args = array() ) {
if ( ! empty( $args['name'] ) ) {
$args['name'] = sanitize_text_field( $args['name'] );
}
if ( empty( $args['name'] ) ) {
return new WP_Error( 'application_password_empty_name', __( 'An application name is required to create an application password.' ), array( 'status' => 400 ) );
}
$new_password = wp_generate_password( static::PW_LENGTH, false );
$hashed_password = self::hash_password( $new_password );
$new_item = array(
'uuid' => wp_generate_uuid4(),
'app_id' => empty( $args['app_id'] ) ? '' : $args['app_id'],
'name' => $args['name'],
'password' => $hashed_password,
'created' => time(),
'last_used' => null,
'last_ip' => null,
);
$passwords = static::get_user_application_passwords( $user_id );
$passwords[] = $new_item;
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not save application password.' ) );
}
$network_id = get_main_network_id();
if ( ! get_network_option( $network_id, self::OPTION_KEY_IN_USE ) ) {
update_network_option( $network_id, self::OPTION_KEY_IN_USE, true );
}
/**
* Fires when an application password is created.
*
* @since 5.6.0
* @since 6.8.0 The hashed password value now uses wp_fast_hash() instead of phpass.
*
* @param int $user_id The user ID.
* @param array $new_item {
* The details about the created password.
*
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type null $last_used Null.
* @type null $last_ip Null.
* }
* @param string $new_password The generated application password in plain text.
* @param array $args {
* Arguments used to create the application password.
*
* @type string $name The name of the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* }
*/
do_action( 'wp_create_application_password', $user_id, $new_item, $new_password, $args );
return array( $new_password, $new_item );
}
/**
* Gets a user's application passwords.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @return array {
* The list of application passwords.
*
* @type array ...$0 {
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type int|null $last_used The Unix timestamp of the GMT date the application password was last used.
* @type string|null $last_ip The IP address the application password was last used by.
* }
* }
*/
public static function get_user_application_passwords( $user_id ) {
$passwords = get_user_meta( $user_id, static::USERMETA_KEY_APPLICATION_PASSWORDS, true );
if ( ! is_array( $passwords ) ) {
return array();
}
$save = false;
foreach ( $passwords as $i => $password ) {
if ( ! isset( $password['uuid'] ) ) {
$passwords[ $i ]['uuid'] = wp_generate_uuid4();
$save = true;
}
}
if ( $save ) {
static::set_user_application_passwords( $user_id, $passwords );
}
return $passwords;
}
/**
* Gets a user's application password with the given UUID.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @return array|null {
* The application password if found, null otherwise.
*
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type int|null $last_used The Unix timestamp of the GMT date the application password was last used.
* @type string|null $last_ip The IP address the application password was last used by.
* }
*/
public static function get_user_application_password( $user_id, $uuid ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as $password ) {
if ( $password['uuid'] === $uuid ) {
return $password;
}
}
return null;
}
/**
* Checks if an application password with the given name exists for this user.
*
* @since 5.7.0
*
* @param int $user_id User ID.
* @param string $name Application name.
* @return bool Whether the provided application name exists.
*/
public static function application_name_exists_for_user( $user_id, $name ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as $password ) {
if ( strtolower( $password['name'] ) === strtolower( $name ) ) {
return true;
}
}
return false;
}
/**
* Updates an application password.
*
* @since 5.6.0
* @since 6.8.0 The actual password should now be hashed using wp_fast_hash().
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @param array $update {
* Information about the application password to update.
*
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type int|null $last_used The Unix timestamp of the GMT date the application password was last used.
* @type string|null $last_ip The IP address the application password was last used by.
* }
* @return true|WP_Error True if successful, otherwise a WP_Error instance is returned on error.
*/
public static function update_application_password( $user_id, $uuid, $update = array() ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as &$item ) {
if ( $item['uuid'] !== $uuid ) {
continue;
}
if ( ! empty( $update['name'] ) ) {
$update['name'] = sanitize_text_field( $update['name'] );
}
$save = false;
if ( ! empty( $update['name'] ) && $item['name'] !== $update['name'] ) {
$item['name'] = $update['name'];
$save = true;
}
if ( $save ) {
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not save application password.' ) );
}
}
/**
* Fires when an application password is updated.
*
* @since 5.6.0
* @since 6.8.0 The password is now hashed using wp_fast_hash() instead of phpass.
* Existing passwords may still be hashed using phpass.
*
* @param int $user_id The user ID.
* @param array $item {
* The updated application password details.
*
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type int|null $last_used The Unix timestamp of the GMT date the application password was last used.
* @type string|null $last_ip The IP address the application password was last used by.
* }
* @param array $update The information to update.
*/
do_action( 'wp_update_application_password', $user_id, $item, $update );
return true;
}
return new WP_Error( 'application_password_not_found', __( 'Could not find an application password with that id.' ) );
}
/**
* Records that an application password has been used.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @return true|WP_Error True if the usage was recorded, a WP_Error if an error occurs.
*/
public static function record_application_password_usage( $user_id, $uuid ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as &$password ) {
if ( $password['uuid'] !== $uuid ) {
continue;
}
// Only record activity once a day.
if ( $password['last_used'] + DAY_IN_SECONDS > time() ) {
return true;
}
$password['last_used'] = time();
$password['last_ip'] = $_SERVER['REMOTE_ADDR'];
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not save application password.' ) );
}
return true;
}
// Specified application password not found!
return new WP_Error( 'application_password_not_found', __( 'Could not find an application password with that id.' ) );
}
/**
* Deletes an application password.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param string $uuid The password's UUID.
* @return true|WP_Error Whether the password was successfully found and deleted, a WP_Error otherwise.
*/
public static function delete_application_password( $user_id, $uuid ) {
$passwords = static::get_user_application_passwords( $user_id );
foreach ( $passwords as $key => $item ) {
if ( $item['uuid'] === $uuid ) {
unset( $passwords[ $key ] );
$saved = static::set_user_application_passwords( $user_id, $passwords );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not delete application password.' ) );
}
/**
* Fires when an application password is deleted.
*
* @since 5.6.0
*
* @param int $user_id The user ID.
* @param array $item The data about the application password.
*/
do_action( 'wp_delete_application_password', $user_id, $item );
return true;
}
}
return new WP_Error( 'application_password_not_found', __( 'Could not find an application password with that id.' ) );
}
/**
* Deletes all application passwords for the given user.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @return int|WP_Error The number of passwords that were deleted or a WP_Error on failure.
*/
public static function delete_all_application_passwords( $user_id ) {
$passwords = static::get_user_application_passwords( $user_id );
if ( $passwords ) {
$saved = static::set_user_application_passwords( $user_id, array() );
if ( ! $saved ) {
return new WP_Error( 'db_error', __( 'Could not delete application passwords.' ) );
}
foreach ( $passwords as $item ) {
/** This action is documented in wp-includes/class-wp-application-passwords.php */
do_action( 'wp_delete_application_password', $user_id, $item );
}
return count( $passwords );
}
return 0;
}
/**
* Sets a user's application passwords.
*
* @since 5.6.0
*
* @param int $user_id User ID.
* @param array $passwords {
* The list of application passwords.
*
* @type array ...$0 {
* @type string $uuid The unique identifier for the application password.
* @type string $app_id A UUID provided by the application to uniquely identify it.
* @type string $name The name of the application password.
* @type string $password A one-way hash of the password.
* @type int $created Unix timestamp of when the password was created.
* @type int|null $last_used The Unix timestamp of the GMT date the application password was last used.
* @type string|null $last_ip The IP address the application password was last used by.
* }
* }
* @return int|bool User meta ID if the key didn't exist (ie. this is the first time that an application password
* has been saved for the user), true on successful update, false on failure or if the value passed
* is the same as the one that is already in the database.
*/
protected static function set_user_application_passwords( $user_id, $passwords ) {
return update_user_meta( $user_id, static::USERMETA_KEY_APPLICATION_PASSWORDS, $passwords );
}
/**
* Sanitizes and then splits a password into smaller chunks.
*
* @since 5.6.0
*
* @param string $raw_password The raw application password.
* @return string The chunked password.
*/
public static function chunk_password(
#[\SensitiveParameter]
$raw_password
) {
$raw_password = preg_replace( '/[^a-z\d]/i', '', $raw_password );
return trim( chunk_split( $raw_password, 4, ' ' ) );
}
/**
* Hashes a plaintext application password.
*
* @since 6.8.0
*
* @param string $password Plaintext password.
* @return string Hashed password.
*/
public static function hash_password(
#[\SensitiveParameter]
string $password
): string {
return wp_fast_hash( $password );
}
/**
* Checks a plaintext application password against a hashed password.
*
* @since 6.8.0
*
* @param string $password Plaintext password.
* @param string $hash Hash of the password to check against.
* @return bool Whether the password matches the hashed password.
*/
public static function check_password(
#[\SensitiveParameter]
string $password,
string $hash
): bool {
if ( ! str_starts_with( $hash, '$generic$' ) ) {
/*
* If the hash doesn't start with `$generic$`, it is a hash created with `wp_hash_password()`.
* This is the case for application passwords created before 6.8.0.
*/
return wp_check_password( $password, $hash );
}
return wp_verify_fast_hash( $password, $hash );
}
}