user_authenticate

Versions
4.6 – 5: user_authenticate($name, $pass)
6: user_authenticate($form_values = array())
7: user_authenticate($name, $password)

Try to validate the user's login credentials locally.

Parameters

$name User name to authenticate.

$password A plain-text password, such as trimmed text from form values.

Return value

The user's uid on success, or FALSE on failure to authenticate.

▸ 1 function calls user_authenticate()

▾ 1 function calls user_authenticate()

user_login_authenticate_validate in modules/user/user.module: A validate handler on the login form. Check supplied username/password against local users table. If successful, $form_state['uid'] is set to the matching user ID.

Code

modules/user/user.module, line 1848

<?php
function user_authenticate($name, $password) {
  $uid = FALSE;
  if (!empty($name) && !empty($password)) {
    $account = db_query("SELECT * FROM {users} WHERE name = :name AND status = 1", array(':name' => $name))->fetchObject();
    if ($account) {
      // Allow alternate password hashing schemes.
      require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
      if (user_check_password($password, $account)) {
        // Successful authentication.
        $uid = $account->uid;

        // Update user to new password scheme if needed.
        if (user_needs_new_hash($account)) {
          $new_hash = user_hash_password($password);
          if ($new_hash) {
            db_update('users')
              ->fields(array('pass' => $new_hash))
              ->condition('uid', $account->uid)
              ->execute();
          }
        }
      }
    }
  }
  return $uid;
}
?>