PasswordHash example

        login_footer();
        break;

    case 'postpass':
        if ( ! array_key_exists( 'post_password', $_POST ) ) {
            wp_safe_redirect( wp_get_referer() );
            exit;
        }

        require_once ABSPATH . WPINC . '/class-phpass.php';
        $hasher = new PasswordHash( 8, true );

        /** * Filters the life span of the post password cookie. * * By default, the cookie expires 10 days from creation. To turn this * into a session cookie, return 0. * * @since 3.7.0 * * @param int $expires The expiry time, as passed to setcookie(). */
        

    public function generate_and_store_recovery_mode_key( $token ) {

        global $wp_hasher;

        $key = wp_generate_password( 22, false );

        if ( empty( $wp_hasher ) ) {
            require_once ABSPATH . WPINC . '/class-phpass.php';
            $wp_hasher = new PasswordHash( 8, true );
        }

        $hashed = $wp_hasher->HashPassword( $key );

        $records = $this->get_keys();

        $records[ $token ] = array(
            'hashed_key' => $hashed,
            'created_at' => time(),
        );

        

if ( empty( $post->post_password ) ) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters( 'post_password_required', false, $post );
    }

    if ( ! isset( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] ) ) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters( 'post_password_required', true, $post );
    }

    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash( 8, true );

    $hash = wp_unslash( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] );
    if ( ! str_starts_with( $hash, '$P$B' ) ) {
        $required = true;
    } else {
        $required = ! $hasher->CheckPassword( $post->post_password, $hash );
    }

    /** * Filters whether a post requires the user to supply a password. * * @since 4.7.0 * * @param bool $required Whether the user needs to supply a password. True if password has not been * provided or is incorrect, false if password has been supplied or is not required. * @param WP_Post $post Post object. */

    function wp_hash_password( $password ) {
        global $wp_hasher;

        if ( empty( $wp_hasher ) ) {
            require_once ABSPATH . WPINC . '/class-phpass.php';
            // By default, use the portable hash from phpass.             $wp_hasher = new PasswordHash( 8, true );
        }

        return $wp_hasher->HashPassword( trim( $password ) );
    }
endif;

if ( ! function_exists( 'wp_check_password' ) ) :
    /** * Checks the plaintext password against the encrypted Password. * * Maintains compatibility between old version and the new cookie authentication * protocol using PHPass library. The $hash parameter is the encrypted password * and the function compares the plain text password when encrypted similarly * against the already encrypted password to see if they match. * * For integration with other applications, this function can be overwritten to * instead use the other package password checking algorithm. * * @since 2.5.0 * * @global PasswordHash $wp_hasher PHPass object used for checking the password * against the $hash + $password. * @uses PasswordHash::CheckPassword * * @param string $password Plaintext user's password. * @param string $hash Hash of the user's password to check against. * @param string|int $user_id Optional. User ID. * @return bool False, if the $password does not match the hashed password. */

    do_action( 'retrieve_password_key', $user->user_login, $key );

    // Now insert the key, hashed, into the DB.     if ( empty( $wp_hasher ) ) {
        require_once ABSPATH . WPINC . '/class-phpass.php';
        $wp_hasher = new PasswordHash( 8, true );
    }

    $hashed = time() . ':' . $wp_hasher->HashPassword( $key );

    $key_saved = wp_update_user(
        array(
            'ID'                  => $user->ID,
            'user_activation_key' => $hashed,
        )
    );