I am working on an application wnere I need to check for authenticity of user according to his wordpress userid/password. Trouble is, I don’t know how to check whether a password is correct or not.
I read at WordPress MD5 Password that after wordpress 2.5 phpass http://www.openwall.com/phpass/ was being used for wordpress passwords instead of MD5.
Question is, If I have
- Username Password in plain text
- wordpress Authentication Unique Keys and Salts from wp-config.php
- Database access
then How can:
1. I check whether user-name/password combination is correct.
-
Change password for user
-
Implement forgot password implementation
WordPress version 3.0.4, Networked blogs being used with around 20 sites.
I know I should be doing it with native wordpress functions, but in this case it is not an option due to nature of the WordPress settings.
I’ve spent over a week on this and still clueless! help would be appreciated.
If they implemented phpass without trying to ‘improve’ the library, you should be able to just use the phpass library to authenticate the users.
http://www.openwall.com/phpass/