check_passwords
check_passwords is an action run in many places in the WP admin. One parameter is passed: an array of the following:
- a login name
- a password (as a reference)
- the password, again (as a reference)
This can be used to ensure password complexity, for example. WordPress will automatically tell them if the password they entered twice is not the same.
Context:
File: wp-admin/users.php
/* checking that username has been typed */
if ($user_login == '')
die (__('<strong>ERROR</strong>: Please enter a username.'));
/* checking the password has been typed twice */
do_action('check_passwords', array($user_login, &$pass1, &$pass2));
if ($pass1 == '' || $pass2 == '')
die (__('<strong>ERROR</strong>: Please enter your password twice.'));
/* checking the password has been typed twice the same */
if ($pass1 != $pass2)
die (__('<strong>ERROR</strong>: Please type the same password in the two password fields.'));
Context:
File: wp-admin/user-edit.php
$new_user_login = wp_specialchars($_POST['new_user_login']);
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
do_action('check_passwords', array($new_user_login, &$pass1, &$pass2));
if ( '' == $pass1 ) {
if ( '' != $pass2 )
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
$updatepassword = '';
} else {
if ( '' == $pass2)
die (__("<strong>ERROR</strong>: you typed your new password only once. Go back to type it twice."));
if ( $pass1 != $pass2 )
die (__("<strong>ERROR</strong>: you typed two different passwords. Go back to correct that."));
And so forth, also in wp-admin/profile.php
This hook is an action which means that it primarily acts as an event trigger, instead of a content filter. This is a semantic difference, but it will help you to remember what this hook does if you use it like this: add_action('check_passwords', 'your_function');