wp_generate_password example


    do_action( 'retrieve_password', $user->user_login );

    $password_reset_allowed = wp_is_password_reset_allowed_for_user( $user );
    if ( ! $password_reset_allowed ) {
        return new WP_Error( 'no_password_reset', __( 'Password reset is not allowed for this user' ) );
    } elseif ( is_wp_error( $password_reset_allowed ) ) {
        return $password_reset_allowed;
    }

    // Generate something random for a password reset key.     $key = wp_generate_password( 20, false );

    /** * Fires when a password reset key is generated. * * @since 2.5.0 * * @param string $user_login The username for the user. * @param string $key The generated password reset key. */
    do_action( 'retrieve_password_key', $user->user_login, $key );

    


    wp_send_json_success( wp_prepare_attachment_for_js( $attachment_id ) );
}

/** * Handles generating a password via AJAX. * * @since 4.4.0 */
function wp_ajax_generate_password() {
    wp_send_json_success( wp_generate_password( 24 ) );
}

/** * Handles generating a password in the no-privilege context via AJAX. * * @since 5.7.0 */
function wp_ajax_nopriv_generate_password() {
    wp_send_json_success( wp_generate_password( 24 ) );
}



    if ( $signup->active ) {
        if ( empty( $signup->domain ) ) {
            return new WP_Error( 'already_active', __( 'The user is already active.' )$signup );
        } else {
            return new WP_Error( 'already_active', __( 'The site is already active.' )$signup );
        }
    }

    $meta     = maybe_unserialize( $signup->meta );
    $password = wp_generate_password( 12, false );

    $user_id = username_exists( $signup->user_login );

    if ( ! $user_id ) {
        $user_id = wpmu_create_user( $signup->user_login, $password$signup->user_email );
    } else {
        $user_already_exists = true;
    }

    if ( ! $user_id ) {
        return new WP_Error( 'create_user', __( 'Could not create user' )$signup );
    }
$title       = __( 'Delete Site' );
$parent_file = 'tools.php';

require_once ABSPATH . 'wp-admin/admin-header.php';

echo '<div class="wrap">';
echo '<h1>' . esc_html( $title ) . '</h1>';

if ( isset( $_POST['action'] ) && 'deleteblog' === $_POST['action'] && isset( $_POST['confirmdelete'] ) && '1' === $_POST['confirmdelete'] ) {
    check_admin_referer( 'delete-blog' );

    $hash = wp_generate_password( 20, false );
    update_option( 'delete_blog_hash', $hash );

    $url_delete = esc_url( admin_url( 'ms-delete-site.php?h=' . $hash ) );

    $switched_locale = switch_to_locale( get_locale() );

    /* translators: Do not translate USERNAME, URL_DELETE, SITENAME, SITEURL: those are placeholders. */
    $content = __(
        "Howdy ###USERNAME###, You recently clicked the 'Delete Site' link on your site and filled in a form on that page. If you really want to delete your site, click the link below. You will not be asked to confirm again so only click this link if you are absolutely certain: ###URL_DELETE### If you delete your site, please consider opening a new site here some time in the future! (But remember that your current site and username are gone forever.) Thank you for using the site, All at ###SITENAME### ###SITEURL###"
$values['salt'] = SECRET_SALT;
        }

        if ( in_array( $scheme, array( 'auth', 'secure_auth', 'logged_in', 'nonce' ), true ) ) {
            foreach ( array( 'key', 'salt' ) as $type ) {
                $const = strtoupper( "{$scheme}_{$type});
                if ( defined( $const ) && constant( $const ) && empty( $duplicated_keys[ constant( $const ) ] ) ) {
                    $values[ $type ] = constant( $const );
                } elseif ( ! $values[ $type ] ) {
                    $values[ $type ] = get_site_option( "{$scheme}_{$type});
                    if ( ! $values[ $type ] ) {
                        $values[ $type ] = wp_generate_password( 64, true, true );
                        update_site_option( "{$scheme}_{$type}", $values[ $type ] );
                    }
                }
            }
        } else {
            if ( ! $values['key'] ) {
                $values['key'] = get_site_option( 'secret_key' );
                if ( ! $values['key'] ) {
                    $values['key'] = wp_generate_password( 64, true, true );
                    update_site_option( 'secret_key', $values['key'] );
                }
            }
<?php _e( 'Account Management' ); ?></h2> <table class="form-table" role="presentation"> <tr id="password" class="user-pass1-wrap"> <th><label for="pass1"><?php _e( 'New Password' ); ?></label></th> <td> <input type="hidden" value=" " /><!-- #24364 workaround --> <button type="button" class="button wp-generate-pw hide-if-no-js" aria-expanded="false"><?php _e( 'Set New Password' ); ?></button> <div class="wp-pwd hide-if-js"> <div class="password-input-wrapper"> <input type="password" name="pass1" id="pass1" class="regular-text" value="" autocomplete="new-password" spellcheck="false" data-pw="<?php echo esc_attr( wp_generate_password( 24 ) ); ?>" aria-describedby="pass-strength-result" /> <div style="display:none" id="pass-strength-result" aria-live="polite"></div> </div> <button type="button" class="button wp-hide-pw hide-if-no-js" data-toggle="0" aria-label="<?php esc_attr_e( 'Hide password' ); ?>"> <span class="dashicons dashicons-hidden" aria-hidden="true"></span> <span class="text"><?php _e( 'Hide' ); ?></span> </button> <button type="button" class="button wp-cancel-pw hide-if-no-js" data-toggle="0" aria-label="<?php esc_attr_e( 'Cancel password change' ); ?>"> <span class="dashicons dashicons-no" aria-hidden="true"></span> <span class="text"><?php _e( 'Cancel' ); ?></span> </button> </div> </td> </tr> <tr class="user-pass2-wrap hide-if-js"> <th scope="row"><label for="pass2">

function get_post_embed_html( $width$height$post = null ) {
    $post = get_post( $post );

    if ( ! $post ) {
        return false;
    }

    $embed_url = get_post_embed_url( $post );

    $secret     = wp_generate_password( 10, false );
    $embed_url .= "#?secret={$secret}";

    $output = sprintf(
        '<blockquote class="wp-embedded-content" data-secret="%1$s"><a href="%2$s">%3$s</a></blockquote>',
        esc_attr( $secret ),
        esc_url( get_permalink( $post ) ),
        get_the_title( $post )
    );

    $output .= sprintf(
        '<iframe sandbox="allow-scripts" security="restricted" src="%1$s" width="%2$d" height="%3$d" title="%4$s" data-secret="%5$s" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe>',
        

        do_action( 'pre_network_site_new_created_user', $email );

        $user_id = username_exists( $domain );
        if ( $user_id ) {
            wp_die( __( 'The domain or path entered conflicts with an existing username.' ) );
        }
        $password = wp_generate_password( 12, false );
        $user_id  = wpmu_create_user( $domain$password$email );
        if ( false === $user_id ) {
            wp_die( __( 'There was an error creating the user.' ) );
        }

        /** * Fires after a new user has been created via the network site-new.php page. * * @since 4.4.0 * * @param int $user_id ID of the newly created user. */
<?php /** This filter is documented in wp-admin/options.php */
if ( apply_filters( 'enable_post_by_email_configuration', true ) ) {
    ?> <h2 class="title"><?php _e( 'Post via email' ); ?></h2> <p> <?php     printf(
        /* translators: 1, 2, 3: Examples of random email addresses. */
        __( 'To post to WordPress by email, you must set up a secret email account with POP3 access. Any mail received at this address will be posted, so it&#8217;s a good idea to keep this address very secret. Here are three random strings you could use: %1$s, %2$s, %3$s.' ),
        sprintf( '<kbd>%s</kbd>', wp_generate_password( 8, false ) ),
        sprintf( '<kbd>%s</kbd>', wp_generate_password( 8, false ) ),
        sprintf( '<kbd>%s</kbd>', wp_generate_password( 8, false ) )
    );
    ?> </p> <table class="form-table" role="presentation"> <tr> <th scope="row"><label for="mailserver_url"><?php _e( 'Mail Server' ); ?></label></th> <td><input name="mailserver_url" type="text" id="mailserver_url" value="<?php form_option( 'mailserver_url' ); ?>" class="regular-text code" /> <label for="mailserver_port"><?php _e( 'Port' ); ?></label> <input name="mailserver_port" type="text" id="mailserver_port" value="

        } catch ( Exception $ex ) {
            $no_api = isset( $_POST['noapi'] );

            if ( ! $no_api ) {
                $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' );
            }

            if ( $no_api || is_wp_error( $secret_keys ) ) {
                $secret_keys = array();
                for ( $i = 0; $i < 8; $i++ ) {
                    $secret_keys[] = wp_generate_password( 64, true, true );
                }
            } else {
                $secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
                foreach ( $secret_keys as $k => $v ) {
                    $secret_keys[ $k ] = substr( $v, 28, 64 );
                }
            }
        }

        $key = 0;
        foreach ( $config_file as $line_num => $line ) {
            

    private function generate_cookie() {
        $to_sign = sprintf( 'recovery_mode|%s|%s', time()wp_generate_password( 20, false ) );
        $signed  = $this->recovery_mode_hash( $to_sign );

        return base64_encode( sprintf( '%s|%s', $to_sign$signed ) );
    }

    /** * Gets a form of `wp_hash()` specific to Recovery Mode. * * We cannot use `wp_hash()` because it is defined in `pluggable.php` which is not loaded until after plugins are loaded, * which is too late to verify the recovery mode cookie. * * This tries to use the `AUTH` salts first, but if they aren't valid specific salts will be generated and stored. * * @since 5.2.0 * * @param string $data Data to hash. * @return string|false The hashed $data, or false on failure. */
</td> </tr> <?php if ( ! $user_table ) : ?> <tr class="form-field form-required user-pass1-wrap"> <th scope="row"> <label for="pass1"> <?php _e( 'Password' ); ?> </label> </th> <td> <div class="wp-pwd"> <?php $initial_password = isset( $_POST['admin_password'] ) ? stripslashes( $_POST['admin_password'] ) : wp_generate_password( 18 ); ?> <div class="password-input-wrapper"> <input type="password" name="admin_password" id="pass1" class="regular-text" autocomplete="new-password" spellcheck="false" data-reveal="1" data-pw="<?php echo esc_attr( $initial_password ); ?>" aria-describedby="pass-strength-result admin-password-desc" /> <div id="pass-strength-result" aria-live="polite"></div> </div> <button type="button" class="button wp-hide-pw hide-if-no-js" data-start-masked="<?php echo (int) isset( $_POST['admin_password'] ); ?>" data-toggle="0" aria-label="<?php esc_attr_e( 'Hide password' ); ?>"> <span class="dashicons dashicons-hidden"></span> <span class="text"><?php _e( 'Hide' ); ?></span> </button> </div> <p id="admin-password-desc"><span class="description important hide-if-no-js"> <strong><?php _e( 'Important:' ); ?></strong>
$session['ip'] = $_SERVER['REMOTE_ADDR'];
        }

        // User-agent.         if ( ! empty( $_SERVER['HTTP_USER_AGENT'] ) ) {
            $session['ua'] = wp_unslash( $_SERVER['HTTP_USER_AGENT'] );
        }

        // Timestamp.         $session['login'] = time();

        $token = wp_generate_password( 43, false, false );

        $this->update( $token$session );

        return $token;
    }

    /** * Updates the data for the session with the given token. * * @since 4.0.0 * * @param string $token Session token to update. * @param array $session Session information. */
/** * Generates a random password. * * @since MU (3.0.0) * @deprecated 3.0.0 Use wp_generate_password() * @see wp_generate_password() * * @param int $len Optional. The length of password to generate. Default 8. */
function generate_random_password( $len = 8 ) {
    _deprecated_function( __FUNCTION__, '3.0.0', 'wp_generate_password()' );
    return wp_generate_password( $len );
}

/** * Determine if user is a site admin. * * Plugins should use is_multisite() instead of checking if this function exists * to determine if multisite is enabled. * * This function must reside in a file included only if is_multisite() due to * legacy function_exists() checks to determine if multisite is enabled. * * @since MU (3.0.0) * @deprecated 3.0.0 Use is_super_admin() * @see is_super_admin() * * @param string $user_login Optional. Username for the user to check. Default empty. */
$args['name'] = sanitize_text_field( $args['name'] );
        }

        if ( empty( $args['name'] ) ) {
            return new WP_Error( 'application_password_empty_name', __( 'An application name is required to create an application password.' ), array( 'status' => 400 ) );
        }

        if ( self::application_name_exists_for_user( $user_id$args['name'] ) ) {
            return new WP_Error( 'application_password_duplicate_name', __( 'Each application name should be unique.' ), array( 'status' => 409 ) );
        }

        $new_password    = wp_generate_password( static::PW_LENGTH, false );
        $hashed_password = wp_hash_password( $new_password );

        $new_item = array(
            'uuid'      => wp_generate_uuid4(),
            'app_id'    => empty( $args['app_id'] ) ? '' : $args['app_id'],
            'name'      => $args['name'],
            'password'  => $hashed_password,
            'created'   => time(),
            'last_used' => null,
            'last_ip'   => null,
        );

        
Home | Imprint | This part of the site doesn't use cookies.