Pretty sure wp_check_password() is not meant to be used the way you’re using it.
From the looks of the documentation, and as far as I can tell by looking at the source, this function is only meant to compare the plaintext password you provide against the hash you provide–not to check whether a particular user’s stored password matches the passed creds. (The user id param is misleading–it has to do with converting a user’s existing password form one kind of hash to another when necessary, I believe. But I’m not 100% sure).
In any case, you don’t need to do any of this checking manually. The wp_signon() function will itself will check the creds, and if they’re correct it’ll log the user in and pass back a valid user object. If the creds aren’t right, it’ll pass back an error object.
Related Posts:
- In Django, how do I know the currently logged-in user?
- Disallow user from editing their own profile information
- wp_signon returns user, but the user is not logged in
- What exactly is ReAuth?
- What are the differences between wp_users and wp_usermeta tables?
- How can I send a welcome email to a user AFTER they login for the first time?
- Can not login with correct username and password
- How to remove the WordPress logo from login and register page?
- Stop users from logging in from multiple locations
- My login form does not work
- Cookie settings for session across WPML subdomains using custom AJAX login
- Change Login Page for a Multisite Subsite
- Change admin login URL
- Is there a way to remove wp-login.php alias (login)?
- Login with cookie but without using WordPress code
- wp-admin redirecting to wp-login.php
- User Directory without a Plugin
- Get wordpress stored cookies for custom login
- Restrict PDF links
- Can’t access login page after password reset
- Remote REST request to check login status
- How can I test the login for an expired session?
- Rendering of custom walker menu function not working properly
- Force user to login in home page
- Change Favicon on Login Screen?
- Login as a client no dashboard menu?
- Allow access to a page for admins only
- How to edit comment_reply_link
- Right practice to edit WP reset password email
- deny IPs from wp-login using .htaccess
- How To Change Wp Register/Login URL Permanently To My Custom Page
- How can I prevent my custom form from redirecting to wp-login?
- Custom Login iframe doesn’t work
- Autologin only working the second time
- wp-admin returns 404 [closed]
- What would be the best way to implement Magic Link logins in WordPress?
- Can’t login to WordPress without hitting the Remember Me checkbox. Potential SSL implementation bi-product
- disable site_url redirect in wp-login.php
- Forgot password needs to redirect from wp-login to a custom page
- Is it possible to designate the login.php as homepage?
- Force login for a subdirectory within wordpress install
- Redirect login page except on reset pass
- Redirect users after failed login attempt?
- How to secure files based on format and word in file name with wp-config or htaccess?
- Redirect to custom variable
- Get the url of custom login page in the registration page
- How to make wp-login.php not accessible
- Single sign on with custom site
- By registering always make uppercase the first letter of the login
- Best option to implement external register/login to WP from self-made API
- Enqueue new login style sheet
- WordPress Conditional Login Links
- Secure login on wordpress [closed]
- Do more action after login successfully
- How can I password protect a WordPress site without requiring users to log in?
- Can’t login to my own website
- I cannot login and am getting this error message. .
- Can I Get User ID at Login?
- Cannot log into migrated site
- WordPress SSL not working [closed]
- I want login using email not username wordpress front end
- How to Remove default “Login” link
- How to unpublish my new site while working on it?
- How to force “remember me” users to login again?
- ERROR: Cookies are blocked due to unexpected output (no FTP access)
- Sharing a logged in session with a custom subdmain site?
- How do I change the language of the login page to Arabic?
- MAMP localhost wordpress site, not possible to sign in, username and password are correct
- Login issues wordpress page
- How to post frontend login form to a different authentication script from wp-login?
- Make WordPress User Name be the Company Name when Registering (not the default ‘first name’ last name’ email address’)
- Why do I have a reauth=1 redirection loop when I try to log in to WordPress hosted on AWS Fargate?
- Login form does not store/remember/suggest users password
- Problem with is_user_logged_in() function in some pages
- Confused – can’t access wordpress dashboard or site that has been published
- wordpress login loop and session problem
- unable to Login to Admin
- WordPress login loop on proxy setup with SSL – Apache proxy to IIS
- ERROR: Cookies are blocked due to unexpected output – ultimate solution
- Android app – can’t login: “This site already exists in the app, you can’t add it”
- Fatal error: Call to undefined function get_plugin_data()
- backend access per user status
- Make WordPress User Name the Email Address When Register
- Users redirected to old site
- WordPress Login / SSL = Code Question
- Save user login date
- Login with Username (or Code) only
- Enqueue script on logon failure
- I get 404 when I try to login ever since I changed the permalink
- wp_signon gives error insufficient_permissions
- Is there a way to give users the option to log in to their favorite group on login? [closed]
- Logging in takes a few refreshes to show you are logged in, is this a cache issue? [closed]
- Direct access to site when log in
- Can not login after moving to cloudflare and adding rules
- Inconsistent login state
- Can i hide a dynamically created div to logged out users?
- Login and register by API
- Why am I not able to login to the admin
- Log in a user upon password reset?
- WP behind haproxy weirdness