使用普通密码检查WordPress哈希密码 [英] Check WordPress hashed password with plain password

问题描述

我正在构建一个外部应用程序，将从WordPress站点数据库表用户"中获取用户登录凭据

I am building a external application for which user login credentials will be taken from WordPress site database table 'users'

WordPress使用PHPass散列，由于数据库表'users'中的密码被散列，我无法验证外部应用程序的用户名和密码

WordPress uses PHPass hashing , I am unable to validate username and password for my external application as the password in database table 'users' is hashed

我正在尝试使用wp_check_password函数使用散列密码检查普通密码，但是我失败了，此代码没有回写

I am trying to check plain password with hashed password using wp_check_password function but I am failing, nothing is written back with this code

<?php

$password = '965521425';
$hash = '$P$9jWFhEPMfI.KPByiNO9IyUzSTG7EZK0';

require_once('/home/nhtsoft/public_html/project/wp-includes/class-phpass.php');

function wp_check_password($password, $hash) {
    global $wp_hasher;

    if ( empty($wp_hasher) ) {
        $wp_hasher = new PasswordHash(8, true);
    }
    $check = $wp_hasher->CheckPassword($password, $hash);
    return apply_filters('check_password', $check, $password, $hash);
}    
?>

这段代码给了我一个空白页面.

this code is giving me an empty page.

如何检查此密码，以便我可以将这些WordPress凭据用于外部应用程序登录?

How to check this password so that I can use these WordPress credentials for external app login?

推荐答案

您传递了错误的哈希值，965521425的哈希值是$ P $ BmI5G.LOoEx1iH.naNqVhWnSh5sMp31，您只需要在文件中写入以下代码即可:

you have passed wrong hash value , hash value for 965521425 is $P$BmI5G.LOoEx1iH.naNqVhWnSh5sMp31 and you just need to write below code into your file:

require_once($_SERVER['DOCUMENT_ROOT']."/wp-load.php");
 $password = '965521425';
 $hash = '$P$BmI5G.LOoEx1iH.naNqVhWnSh5sMp31';
 var_dump(wp_check_password($password, $hash));

exit;

这篇关于使用普通密码检查WordPress哈希密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！