Docs For Class WP

Description

Located in /includes/class.wp-auth.php (line 2)

Variable Summary

mixed $cookies

mixed $current

mixed $db

mixed $users

Method Summary

WP_Auth __construct ( &$db, &$users, array $cookies)

WP_Auth WP_Auth ( &$db, &$users, $cookies)

void clear_auth_cookie ()

string generate_auth_cookie (int $user_id, int $expiration, [ $scheme = 'auth'])

bool|null get_current_user ()

void set_auth_cookie (int $user_id, [int $expiration = 0], [int $expire = 0], [int $scheme = 'auth'])

BP_User set_current_user ( $user_id, int $id, string $name)

bool|int validate_auth_cookie ([string $cookie = null], [ $scheme = 'auth'])

Variables

mixed $cookies (line 7)

mixed $current = 0 (line 9)

mixed $db (line 4)

mixed $users (line 5)

Methods

Constructor __construct (line 43)

link:

WP_Auth __construct ( &$db, &$users, array $cookies)

array $cookies
:
Array indexed by internal name of cookie. Values are arrays of array defining cookie parameters. $cookies = array( 'auth' => array(
1. => array( 'domain' => (string) cookie domain 'path' => (string) cookie path 'name' => (string) cookie name 'secure' => (bool) restrict cookie to HTTPS only
) ) );
At least one cookie is required. Give it an internal name of 'auth'.
Suggested cookie structure: logged_in: whether or not a user is logged in. Send everywhere. auth: used to authorize user's actions. Send only to domains/paths that need it (e.g. wp-admin/) secure_auth: used to authorize user's actions. Send only to domains/paths that need it and only over HTTPS
You should be very careful when setting cookie domain to ensure that it always follows the rules set out in the Set Cookie spec. In most cases it is best to leave cookie set to false and allow for user configuration to define a cookie domain in a configuration file when cross subdomain cookies are required.
&$db
&$users

Constructor WP_Auth (line 11)

WP_Auth WP_Auth ( &$db, &$users, $cookies)

&$db
&$users
$cookies

clear_auth_cookie (line 294)

Deletes all of the cookies associated with authentication

since: 2.5

void clear_auth_cookie ()

generate_auth_cookie (line 220)

Generate authentication cookie contents

return: Authentication cookie contents
since: 2.5
uses: apply_filters() - Calls 'auth_cookie' hook on $cookie contents, User ID and expiration of cookie.

string generate_auth_cookie (int $user_id, int $expiration, [ $scheme = 'auth'])

int $user_id: User ID
int $expiration: Cookie expiration in seconds
$scheme

get_current_user (line 118)

Populate variables with information about the currently logged in user

Will set the current user, if the current user is not set. The current user will be set to the logged in person. If no user is logged in, then it will set the current user to 0, which is invalid and won't have any permissions.

return: False on XMLRPC Request and invalid auth cookie. Null when current user set
since: 0.71
uses: wp_validate_auth_cookie() - Retrieves current logged in user.
uses: $current_user - Checks if the current user is set

bool|null get_current_user ()

set_auth_cookie (line 255)

Sets the authentication cookies based User ID

The $remember parameter increases the time that the cookie will be kept. The default the cookie is kept without remembering is two days. When $remember is set, the cookies will be kept for 14 days or two weeks.

since: 2.5

void set_auth_cookie (int $user_id, [int $expiration = 0], [int $expire = 0], [int $scheme = 'auth'])

int $user_id: User ID
int $expiration: the UNIX time after which the cookie's authentication token is no longer valid
int $expire: the UNIX time at which the cookie expires
int $scheme: name of the

set_current_user (line 77)

Changes the current user by ID or name

Set $id to null and specify a name if you do not know a user's ID

Some WordPress functionality is based on the current user and not based on the signed in user. Therefore, it opens the ability to edit and perform actions on users who aren't signed in.

return: Current user User object
since: 2.0.4
uses: do_action() - Calls 'set_current_user' hook after setting the current user.

BP_User set_current_user ( $user_id, int $id, string $name)

int $id: User ID
string $name: User's username
$user_id

validate_auth_cookie (line 149)

Validates authentication cookie

The checks include making sure that the authentication cookie is set and pulling in the contents (if $cookie is not used).

Makes sure the cookie is not expired. Verifies the hash in cookie is what is should be and compares the two.

return: False if invalid cookie, User ID if valid.
since: 2.5

bool|int validate_auth_cookie ([string $cookie = null], [ $scheme = 'auth'])

string $cookie: Optional. If used, will validate contents instead of cookie's
$scheme

Class WP_Auth