public function checkPassword($uid, $password) { if (!$this->db_conn) { $this->connectdb(); } if (!$this->db_conn) { return false; } $query = 'SELECT user_login, user_pass FROM ' . self::$params['wordpress_db_prefix'] . 'users WHERE user_login = "******"', '""', $uid) . '"'; $query .= ' AND user_status = 0'; $result = $this->wp_instance->db->query($query); if ($result && mysqli_num_rows($result) > 0) { $row = mysqli_fetch_assoc($result); $hash = $row['user_pass']; $normalize_path = str_replace('\\', '/', OC_APP::getAppPath('user_wordpress')); $path_array = explode('/', $normalize_path); array_pop($path_array); $app_folder = array_pop($path_array); OC::$CLASSPATH['OC_wordpress'] = $app_folder . '/lib/wordpress.class.php'; require_once $app_folder . '/user_wordpress/class-phpass.php'; $wp_hasher = new WPPasswordHash(8, TRUE); $check = $wp_hasher->CheckPassword($password, $hash); if ($check === true) { // Make sure the user is in the wordpress_global_group if (self::$params['wordpress_global_group'] != '') { if (!OC_Group::groupExists(self::$params['wordpress_global_group'])) { OC_Group::createGroup(self::$params['wordpress_global_group']); } $UserblogsIds = $this->wp_instance->getUserblogsIds($uid); if (empty($UserblogsIds)) { // remove from group if current user has no access to Wordpress blog/site with the same role name. OC_Group::removefromGroup($uid, self::$params['wordpress_global_group']); } else { OC_Group::addToGroup($uid, self::$params['wordpress_global_group']); } } $this->setUserInfos($uid); return $row['user_login']; } } return false; }