wp_insert_user() – Function | Developer.WordPress.org

Inserts a user into the database.

Description

Most of the $userdata array fields have filters associated with the values. Exceptions are ‘ID’, ‘rich_editing’, ‘syntax_highlighting’, ‘comment_shortcuts’, ‘admin_color’, ‘use_ssl’, ‘user_registered’, ‘user_activation_key’, ‘spam’, and ‘role’. The filters have the prefix ‘pre_user_’ followed by the field name. An example using ‘description’ would have the filter called ‘pre_user_description’ that can be hooked into.

Parameters

$userdataarray|object|WP_Userrequired

An array, object, or WP_User object of user data arguments.

ID int
User ID. If supplied, the user will be updated.
user_pass string
The plain-text user password for new users.
Hashed password for existing users.
user_login string
The user’s login username.
user_nicename string
The URL-friendly user name.
user_url string
The user URL.
user_email string
The user email address.
display_name string
The user’s display name.
Default is the user’s username.
nickname string
The user’s nickname.
Default is the user’s username.
first_name string
The user’s first name. For new users, will be used to build the first part of the user’s display name if $display_name is not specified.
last_name string
The user’s last name. For new users, will be used to build the second part of the user’s display name if $display_name is not specified.
description string
The user’s biographical description.
rich_editing string
Whether to enable the rich-editor for the user.
Accepts 'true' or 'false' as a string literal, not boolean. Default 'true'.
syntax_highlighting string
Whether to enable the rich code editor for the user.
Accepts 'true' or 'false' as a string literal, not boolean. Default 'true'.
comment_shortcuts string
Whether to enable comment moderation keyboard shortcuts for the user. Accepts 'true' or 'false' as a string literal, not boolean. Default 'false'.
admin_color string
Admin color scheme for the user. Default 'fresh'.
use_ssl bool
Whether the user should always access the admin over https. Default false.
user_registered string
Date the user registered in UTC. Format is ‘Y-m-d H:i:s’.
user_activation_key string
Password reset key. Default empty.
spam bool
Multisite only. Whether the user is marked as spam.
Default false.
show_admin_bar_front string
Whether to display the Admin Bar for the user on the site’s front end. Accepts 'true' or 'false' as a string literal, not boolean. Default 'true'.
role string
User’s role.
locale string
User’s locale. Default empty.
meta_input array
Array of custom user meta values keyed by meta key.
Default empty.

Return

int|WP_Error The newly created user’s ID or a WP_Error object if the user could not be created.

Source

function wp_insert_user( $userdata ) {	global $wpdb;	if ( $userdata instanceof stdClass ) {	$userdata = get_object_vars( $userdata );	} elseif ( $userdata instanceof WP_User ) {	$userdata = $userdata->to_array();	}	// Are we updating or creating?	if ( ! empty( $userdata['ID'] ) ) {	$user_id = (int) $userdata['ID'];	$update = true;	$old_user_data = get_userdata( $user_id );	if ( ! $old_user_data ) {	return new WP_Error( 'invalid_user_id', __( 'Invalid user ID.' ) );	}	// Slash current user email to compare it later with slashed new user email.	$old_user_data->user_email = wp_slash( $old_user_data->user_email );	// Hashed in wp_update_user(), plaintext if called directly.	$user_pass = ! empty( $userdata['user_pass'] ) ? $userdata['user_pass'] : $old_user_data->user_pass;	} else {	$update = false;	// Hash the password.	$user_pass = wp_hash_password( $userdata['user_pass'] );	}	$sanitized_user_login = sanitize_user( $userdata['user_login'], true );	/** * Filters a username after it has been sanitized. * * This filter is called before the user is created or updated. * * @since 2.0.3 * * @param string $sanitized_user_login Username after it has been sanitized. */	$pre_user_login = apply_filters( 'pre_user_login', $sanitized_user_login );	// Remove any non-printable chars from the login string to see if we have ended up with an empty username.	$user_login = trim( $pre_user_login );	// user_login must be between 0 and 60 characters.	if ( empty( $user_login ) ) {	return new WP_Error( 'empty_user_login', __( 'Cannot create a user with an empty login name.' ) );	} elseif ( mb_strlen( $user_login ) > 60 ) {	return new WP_Error( 'user_login_too_long', __( 'Username may not be longer than 60 characters.' ) );	}	if ( ! $update && username_exists( $user_login ) ) {	return new WP_Error( 'existing_user_login', __( 'Sorry, that username already exists!' ) );	}	/** * Filters the list of disallowed usernames. * * @since 4.4.0 * * @param array $usernames Array of disallowed usernames. */	$illegal_logins = (array) apply_filters( 'illegal_user_logins', array() );	if ( in_array( strtolower( $user_login ), array_map( 'strtolower', $illegal_logins ), true ) ) {	return new WP_Error( 'invalid_username', __( 'Sorry, that username is not allowed.' ) );	}	/* * If a nicename is provided, remove unsafe user characters before using it. * Otherwise build a nicename from the user_login. */	if ( ! empty( $userdata['user_nicename'] ) ) {	$user_nicename = sanitize_user( $userdata['user_nicename'], true );	} else {	$user_nicename = mb_substr( $user_login, 0, 50 );	}	$user_nicename = sanitize_title( $user_nicename );	/** * Filters a user's nicename before the user is created or updated. * * @since 2.0.3 * * @param string $user_nicename The user's nicename. */	$user_nicename = apply_filters( 'pre_user_nicename', $user_nicename );	if ( mb_strlen( $user_nicename ) > 50 ) {	return new WP_Error( 'user_nicename_too_long', __( 'Nicename may not be longer than 50 characters.' ) );	}	$user_nicename_check = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1", $user_nicename, $user_login ) );	if ( $user_nicename_check ) {	$suffix = 2;	while ( $user_nicename_check ) {	// user_nicename allows 50 chars. Subtract one for a hyphen, plus the length of the suffix.	$base_length = 49 - mb_strlen( $suffix );	$alt_user_nicename = mb_substr( $user_nicename, 0, $base_length ) . "-$suffix";	$user_nicename_check = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM $wpdb->users WHERE user_nicename = %s AND user_login != %s LIMIT 1", $alt_user_nicename, $user_login ) );	++$suffix;	}	$user_nicename = $alt_user_nicename;	}	$raw_user_email = empty( $userdata['user_email'] ) ? '' : $userdata['user_email'];	/** * Filters a user's email before the user is created or updated. * * @since 2.0.3 * * @param string $raw_user_email The user's email. */	$user_email = apply_filters( 'pre_user_email', $raw_user_email );	/* * If there is no update, just check for `email_exists`. If there is an update, * check if current email and new email are the same, and check `email_exists` * accordingly. */	if ( ( ! $update || ( ! empty( $old_user_data ) && 0 !== strcasecmp( $user_email, $old_user_data->user_email ) ) )	&& ! defined( 'WP_IMPORTING' )	&& email_exists( $user_email )	) {	return new WP_Error( 'existing_user_email', __( 'Sorry, that email address is already used!' ) );	}	$raw_user_url = empty( $userdata['user_url'] ) ? '' : $userdata['user_url'];	/** * Filters a user's URL before the user is created or updated. * * @since 2.0.3 * * @param string $raw_user_url The user's URL. */	$user_url = apply_filters( 'pre_user_url', $raw_user_url );	if ( mb_strlen( $user_url ) > 100 ) {	return new WP_Error( 'user_url_too_long', __( 'User URL may not be longer than 100 characters.' ) );	}	$user_registered = empty( $userdata['user_registered'] ) ? gmdate( 'Y-m-d H:i:s' ) : $userdata['user_registered'];	$user_activation_key = empty( $userdata['user_activation_key'] ) ? '' : $userdata['user_activation_key'];	if ( ! empty( $userdata['spam'] ) && ! is_multisite() ) {	return new WP_Error( 'no_spam', __( 'Sorry, marking a user as spam is only supported on Multisite.' ) );	}	$spam = empty( $userdata['spam'] ) ? 0 : (bool) $userdata['spam'];	// Store values to save in user meta.	$meta = array();	$nickname = empty( $userdata['nickname'] ) ? $user_login : $userdata['nickname'];	/** * Filters a user's nickname before the user is created or updated. * * @since 2.0.3 * * @param string $nickname The user's nickname. */	$meta['nickname'] = apply_filters( 'pre_user_nickname', $nickname );	$first_name = empty( $userdata['first_name'] ) ? '' : $userdata['first_name'];	/** * Filters a user's first name before the user is created or updated. * * @since 2.0.3 * * @param string $first_name The user's first name. */	$meta['first_name'] = apply_filters( 'pre_user_first_name', $first_name );	$last_name = empty( $userdata['last_name'] ) ? '' : $userdata['last_name'];	/** * Filters a user's last name before the user is created or updated. * * @since 2.0.3 * * @param string $last_name The user's last name. */	$meta['last_name'] = apply_filters( 'pre_user_last_name', $last_name );	if ( empty( $userdata['display_name'] ) ) {	if ( $update ) {	$display_name = $user_login;	} elseif ( $meta['first_name'] && $meta['last_name'] ) {	$display_name = sprintf(	/* translators: 1: User's first name, 2: Last name. */	_x( '%1$s %2$s', 'Display name based on first name and last name' ),	$meta['first_name'],	$meta['last_name']	);	} elseif ( $meta['first_name'] ) {	$display_name = $meta['first_name'];	} elseif ( $meta['last_name'] ) {	$display_name = $meta['last_name'];	} else {	$display_name = $user_login;	}	} else {	$display_name = $userdata['display_name'];	}	/** * Filters a user's display name before the user is created or updated. * * @since 2.0.3 * * @param string $display_name The user's display name. */	$display_name = apply_filters( 'pre_user_display_name', $display_name );	$description = empty( $userdata['description'] ) ? '' : $userdata['description'];	/** * Filters a user's description before the user is created or updated. * * @since 2.0.3 * * @param string $description The user's description. */	$meta['description'] = apply_filters( 'pre_user_description', $description );	$meta['rich_editing'] = empty( $userdata['rich_editing'] ) ? 'true' : $userdata['rich_editing'];	$meta['syntax_highlighting'] = empty( $userdata['syntax_highlighting'] ) ? 'true' : $userdata['syntax_highlighting'];	$meta['comment_shortcuts'] = empty( $userdata['comment_shortcuts'] ) || 'false' === $userdata['comment_shortcuts'] ? 'false' : 'true';	$admin_color = empty( $userdata['admin_color'] ) ? 'fresh' : $userdata['admin_color'];	$meta['admin_color'] = preg_replace( '|[^a-z0-9 _.\-@]|i', '', $admin_color );	$meta['use_ssl'] = empty( $userdata['use_ssl'] ) ? '0' : '1';	$meta['show_admin_bar_front'] = empty( $userdata['show_admin_bar_front'] ) ? 'true' : $userdata['show_admin_bar_front'];	$meta['locale'] = isset( $userdata['locale'] ) ? $userdata['locale'] : '';	$compacted = compact( 'user_pass', 'user_nicename', 'user_email', 'user_url', 'user_registered', 'user_activation_key', 'display_name' );	$data = wp_unslash( $compacted );	if ( ! $update ) {	$data = $data + compact( 'user_login' );	}	if ( is_multisite() ) {	$data = $data + compact( 'spam' );	}	/** * Filters user data before the record is created or updated. * * It only includes data in the users table, not any user metadata. * * @since 4.9.0 * @since 5.8.0 The `$userdata` parameter was added. * @since 6.8.0 The user's password is now hashed using bcrypt by default instead of phpass. * * @param array $data { * Values and keys for the user. * * @type string $user_login The user's login. Only included if $update == false * @type string $user_pass The user's password. * @type string $user_email The user's email. * @type string $user_url The user's url. * @type string $user_nicename The user's nice name. Defaults to a URL-safe version of user's login. * @type string $display_name The user's display name. * @type string $user_registered MySQL timestamp describing the moment when the user registered. Defaults to * the current UTC timestamp. * } * @param bool $update Whether the user is being updated rather than created. * @param int|null $user_id ID of the user to be updated, or NULL if the user is being created. * @param array $userdata The raw array of data passed to wp_insert_user(). */	$data = apply_filters( 'wp_pre_insert_user_data', $data, $update, ( $update ? $user_id : null ), $userdata );	if ( empty( $data ) || ! is_array( $data ) ) {	return new WP_Error( 'empty_data', __( 'Not enough data to create this user.' ) );	}	if ( $update ) {	if ( $user_email !== $old_user_data->user_email || $user_pass !== $old_user_data->user_pass ) {	$data['user_activation_key'] = '';	}	$wpdb->update( $wpdb->users, $data, array( 'ID' => $user_id ) );	} else {	$wpdb->insert( $wpdb->users, $data );	$user_id = (int) $wpdb->insert_id;	}	$user = new WP_User( $user_id );	/** * Filters a user's meta values and keys immediately after the user is created or updated * and before any user meta is inserted or updated. * * Does not include contact methods. These are added using `wp_get_user_contact_methods( $user )`. * * For custom meta fields, see the 'insert_custom_user_meta' filter. * * @since 4.4.0 * @since 5.8.0 The `$userdata` parameter was added. * * @param array $meta { * Default meta values and keys for the user. * * @type string $nickname The user's nickname. Default is the user's username. * @type string $first_name The user's first name. * @type string $last_name The user's last name. * @type string $description The user's description. * @type string $rich_editing Whether to enable the rich-editor for the user. Default 'true'. * @type string $syntax_highlighting Whether to enable the rich code editor for the user. Default 'true'. * @type string $comment_shortcuts Whether to enable keyboard shortcuts for the user. Default 'false'. * @type string $admin_color The color scheme for a user's admin screen. Default 'fresh'. * @type int|bool $use_ssl Whether to force SSL on the user's admin area. 0|false if SSL * is not forced. * @type string $show_admin_bar_front Whether to show the admin bar on the front end for the user. * Default 'true'. * @type string $locale User's locale. Default empty. * } * @param WP_User $user User object. * @param bool $update Whether the user is being updated rather than created. * @param array $userdata The raw array of data passed to wp_insert_user(). */	$meta = apply_filters( 'insert_user_meta', $meta, $user, $update, $userdata );	$custom_meta = array();	if ( array_key_exists( 'meta_input', $userdata ) && is_array( $userdata['meta_input'] ) && ! empty( $userdata['meta_input'] ) ) {	$custom_meta = $userdata['meta_input'];	}	/** * Filters a user's custom meta values and keys immediately after the user is created or updated * and before any user meta is inserted or updated. * * For non-custom meta fields, see the 'insert_user_meta' filter. * * @since 5.9.0 * * @param array $custom_meta Array of custom user meta values keyed by meta key. * @param WP_User $user User object. * @param bool $update Whether the user is being updated rather than created. * @param array $userdata The raw array of data passed to wp_insert_user(). */	$custom_meta = apply_filters( 'insert_custom_user_meta', $custom_meta, $user, $update, $userdata );	$meta = array_merge( $meta, $custom_meta );	if ( $update ) {	// Update user meta.	foreach ( $meta as $key => $value ) {	update_user_meta( $user_id, $key, $value );	}	} else {	// Add user meta.	foreach ( $meta as $key => $value ) {	add_user_meta( $user_id, $key, $value );	}	}	foreach ( wp_get_user_contact_methods( $user ) as $key => $value ) {	if ( isset( $userdata[ $key ] ) ) {	update_user_meta( $user_id, $key, $userdata[ $key ] );	}	}	if ( isset( $userdata['role'] ) ) {	$user->set_role( $userdata['role'] );	} elseif ( ! $update ) {	$user->set_role( get_option( 'default_role' ) );	}	clean_user_cache( $user_id );	if ( $update ) {	/** * Fires immediately after an existing user is updated. * * @since 2.0.0 * @since 5.8.0 The `$userdata` parameter was added. * * @param int $user_id User ID. * @param WP_User $old_user_data Object containing user's data prior to update. * @param array $userdata The raw array of data passed to wp_insert_user(). */	do_action( 'profile_update', $user_id, $old_user_data, $userdata );	if ( isset( $userdata['spam'] ) && $userdata['spam'] !== $old_user_data->spam ) {	if ( '1' === $userdata['spam'] ) {	/** * Fires after the user is marked as a SPAM user. * * @since 3.0.0 * * @param int $user_id ID of the user marked as SPAM. */	do_action( 'make_spam_user', $user_id );	} else {	/** * Fires after the user is marked as a HAM user. Opposite of SPAM. * * @since 3.0.0 * * @param int $user_id ID of the user marked as HAM. */	do_action( 'make_ham_user', $user_id );	}	}	} else {	/** * Fires immediately after a new user is registered. * * @since 1.5.0 * @since 5.8.0 The `$userdata` parameter was added. * * @param int $user_id User ID. * @param array $userdata The raw array of data passed to wp_insert_user(). */	do_action( 'user_register', $user_id, $userdata );	}	return $user_id; }

View all references View on Trac View on GitHub

Hooks

apply_filters( ‘illegal_user_logins’, array $usernames ): Filters the list of disallowed usernames.
apply_filters( ‘insert_custom_user_meta’, array $custom_meta, WP_User $user, bool $update, array $userdata ): Filters a user’s custom meta values and keys immediately after the user is created or updated and before any user meta is inserted or updated.
apply_filters( ‘insert_user_meta’, array $meta, WP_User $user, bool $update, array $userdata ): Filters a user’s meta values and keys immediately after the user is created or updated and before any user meta is inserted or updated.
do_action( ‘make_ham_user’, int $user_id ): Fires after the user is marked as a HAM user. Opposite of SPAM.
do_action( ‘make_spam_user’, int $user_id ): Fires after the user is marked as a SPAM user.
apply_filters( ‘pre_user_description’, string $description ): Filters a user’s description before the user is created or updated.
apply_filters( ‘pre_user_display_name’, string $display_name ): Filters a user’s display name before the user is created or updated.
apply_filters( ‘pre_user_email’, string $raw_user_email ): Filters a user’s email before the user is created or updated.
apply_filters( ‘pre_user_first_name’, string $first_name ): Filters a user’s first name before the user is created or updated.
apply_filters( ‘pre_user_last_name’, string $last_name ): Filters a user’s last name before the user is created or updated.
apply_filters( ‘pre_user_login’, string $sanitized_user_login ): Filters a username after it has been sanitized.
apply_filters( ‘pre_user_nicename’, string $user_nicename ): Filters a user’s nicename before the user is created or updated.
apply_filters( ‘pre_user_nickname’, string $nickname ): Filters a user’s nickname before the user is created or updated.
apply_filters( ‘pre_user_url’, string $raw_user_url ): Filters a user’s URL before the user is created or updated.
do_action( ‘profile_update’, int $user_id, WP_User $old_user_data, array $userdata ): Fires immediately after an existing user is updated.
do_action( ‘user_register’, int $user_id, array $userdata ): Fires immediately after a new user is registered.
apply_filters( ‘wp_pre_insert_user_data’, array $data, bool $update, int|null $user_id, array $userdata ): Filters user data before the record is created or updated.

Uses	Description
WP_User::__construct()`wp-includes/class-wp-user.php`	Constructor.
sanitize_user()`wp-includes/formatting.php`	Sanitizes a username, stripping out unsafe characters.
sanitize_title()`wp-includes/formatting.php`	Sanitizes a string into a slug, which can be used in URLs or HTML attributes.
wp_hash_password()`wp-includes/pluggable.php`	Creates a hash of a plain text password.
wp_get_user_contact_methods()`wp-includes/user.php`	Sets up the user contact methods.
username_exists()`wp-includes/user.php`	Determines whether the given username exists.
email_exists()`wp-includes/user.php`	Determines whether the given email exists.
clean_user_cache()`wp-includes/user.php`	Cleans all user caches.
update_user_meta()`wp-includes/user.php`	Updates user meta field based on user ID.
add_user_meta()`wp-includes/user.php`	Adds meta data to a user.
wpdb::update()`wp-includes/class-wpdb.php`	Updates a row in the table.
wpdb::insert()`wp-includes/class-wpdb.php`	Inserts a row into the table.
wp_slash()`wp-includes/formatting.php`	Adds slashes to a string or recursively adds slashes to strings within an array.
wp_unslash()`wp-includes/formatting.php`	Removes slashes from a string or recursively removes slashes from strings within an array.
get_userdata()`wp-includes/pluggable.php`	Retrieves user info by user ID.
is_multisite()`wp-includes/load.php`	Determines whether Multisite is enabled.
apply_filters()`wp-includes/plugin.php`	Calls the callback functions that have been added to a filter hook.
do_action()`wp-includes/plugin.php`	Calls the callback functions that have been added to an action hook.
get_option()`wp-includes/option.php`	Retrieves an option value based on an option name.
wpdb::get_var()`wp-includes/class-wpdb.php`	Retrieves one value from the database.
wpdb::prepare()`wp-includes/class-wpdb.php`	Prepares a SQL query for safe execution.
WP_Error::__construct()`wp-includes/class-wp-error.php`	Initializes the error.

Show 17 more Show less

Used by	Description
WP_REST_Users_Controller::create_item()`wp-includes/rest-api/endpoints/class-wp-rest-users-controller.php`	Creates a single user.
edit_user()`wp-admin/includes/user.php`	Edit user settings based on contents of $_POST
wp_update_user()`wp-includes/user.php`	Updates a user in the database.
wp_create_user()`wp-includes/user.php`	Provides a simpler way of inserting a user into the database.

Changelog

Version	Description
5.9.0	The `meta_input` field can be passed to `$userdata` to allow addition of user meta data.
5.3.0	The `spam` field can be passed to `$userdata` (Multisite only).
4.7.0	The `locale` field can be passed to `$userdata`.
3.6.0	The `aim`, `jabber`, and `yim` fields were removed as default user contact methods for new installations. See wp_get_user_contact_methods() .
2.0.0	Introduced.

User Contributed Notes

Brent Leavitt 7 years ago

The wp_insert_user function requires an array (or object) of user data to create the user. The full array version of $userdata is as follows:

$userdata = array(	'ID'	=> 0,	//(int) User ID. If supplied, the user will be updated.	'user_pass'	=> '',	//(string) The plain-text user password.	'user_login'	=> '',	//(string) The user's login username.	'user_nicename'	=> '',	//(string) The URL-friendly user name.	'user_url'	=> '',	//(string) The user URL.	'user_email'	=> '',	//(string) The user email address.	'display_name'	=> '',	//(string) The user's display name. Default is the user's username.	'nickname'	=> '',	//(string) The user's nickname. Default is the user's username.	'first_name'	=> '',	//(string) The user's first name. For new users, will be used to build the first part of the user's display name if $display_name is not specified.	'last_name'	=> '',	//(string) The user's last name. For new users, will be used to build the second part of the user's display name if $display_name is not specified.	'description'	=> '',	//(string) The user's biographical description.	'rich_editing'	=> '',	//(string|bool) Whether to enable the rich-editor for the user. False if not empty.	'syntax_highlighting'	=> '',	//(string|bool) Whether to enable the rich code editor for the user. False if not empty.	'comment_shortcuts'	=> '',	//(string|bool) Whether to enable comment moderation keyboard shortcuts for the user. Default false.	'admin_color'	=> '',	//(string) Admin color scheme for the user. Default 'fresh'.	'use_ssl'	=> '',	//(bool) Whether the user should always access the admin over https. Default false.	'user_registered'	=> '',	//(string) Date the user registered. Format is 'Y-m-d H:i:s'.	'show_admin_bar_front'	=> '',	//(string|bool) Whether to display the Admin Bar for the user on the site's front end. Default true.	'role'	=> '',	//(string) User's role.	'locale'	=> '',	//(string) User's locale. Default empty. );

Ivan Shulev 10 years ago

Example

Below is an example showing how to insert a new user with the website profile field filled.

$website = "http://example.com&quot;; $userdata = array( 'user_login' => 'login_name', 'user_url' => $website, 'user_pass' => NULL // When creating an user, `user_pass` is expected. ); $user_id = wp_insert_user( $userdata ) ; // On success. if ( ! is_wp_error( $user_id ) ) { echo "User created : ". $user_id; }

Skip to note 13 content

samuelimbert1985 9 years ago

You must log in to vote on the helpfulness of this noteVote results for this note: 6You must log in to vote on the helpfulness of this note

The user_url length in database is limited to 100.

But wp_insert_user won’t return a WP_Error if this size is exceeded, it returns 0.

It could be a good improvement, as i just past 30 minutes, to find what was the problem.

Thanks in advance,

:)

Log in to add feedback
Skip to note 14 content

Andrija Naglic 6 years ago

You must log in to vote on the helpfulness of this noteVote results for this note: 5You must log in to vote on the helpfulness of this note

The 'role' should be lowercase or it won’t work.

Log in to add feedback
Skip to note 15 content

Joe Nuts 4 years ago

You must log in to vote on the helpfulness of this noteVote results for this note: 5You must log in to vote on the helpfulness of this note
My man Gregory got 10 downvotes because he used the inappropriate function to hash a password but I feel like people might have missed his point about the password needing to be hashed manually when updating a user using wp_insert_user() instead of wp_update_user().

“Hashed in wp_update_user() , plaintext if called directly.” – line 1760.

So the correct usage would be smth like:
```
$existing_user_id = wp_insert_user( array(	/** * The existing user id */ 'ID' => $existing_user_id, /** * I think you need to supply the user login though i'm not too sure, * When i tried this without passing in user_login it gave me errors idk why * User login won't change tho as usernames in wordpress are permanent */ 'user_login' => $user_login, /** * Hash the new password when updating an existing user using built in hashing function */ 'user_pass' => wp_hash_password( $new_password ), ) ) ;
```
Log in to add feedback

DVHOST_CLOUD 5 years ago

Below is an example showing how to insert a new user.

$data = array( 'user_login' => 'login_name', // the user's login username. 'user_pass' => 'login_password', // not necessary to hash password ( The plain-text user password ). 'show_admin_bar_front' => false // display the Admin Bar for the user 'true' or 'false' ); $user_id = wp_insert_user( $data ); if ( ! is_wp_error( $user_id ) ) { echo "User ID : ". $user_id; }

Skip to note 17 content

serge.k 5 years ago

You must log in to vote on the helpfulness of this noteVote results for this note: 1You must log in to vote on the helpfulness of this note
$userdata must be escaped. You will not be able to login to account created this way:
```
$userdata = array(	'user_login' => 'test',	'user_pass' => "123'456",	'user_email' => 'test@example.com', ); wp_insert_user( $userdata );
```
here is the correct code:
```
wp_insert_user( wp_slash( $userdata ) );
```
P.S. Tested on WP 5.5.3
Log in to add feedback
Skip to note 18 content

mounirawy 4 years ago

You must log in to vote on the helpfulness of this noteVote results for this note: 1You must log in to vote on the helpfulness of this note
user_login can’t be empty
When I typed
```
 $userdata = array( 'user_email' => $email, 'first_name' => $fname, 'last_name' => $lname, 'role' => 'subscriber', ); 
```
the function returned
WP_Error Object ( [errors] => Array ( [empty_user_login] => Array ( [0] => Cannot create a user with an empty login name. ) ) [error_data] => Array ( ) [additional_data:protected] => Array ( ) )
Log in to add feedback
Skip to note 19 content

Leandro Berg 8 years ago

You must log in to vote on the helpfulness of this noteVote results for this note: 0You must log in to vote on the helpfulness of this note

The documentation says the show_admin_bar_front can be a boolean but I guess that does’t works, you have to use a string type when using this functions for the first time, I mean, when the user be created.

Log in to add feedback
Skip to note 20 content

gioni 9 years ago

You must log in to vote on the helpfulness of this noteVote results for this note: -11You must log in to vote on the helpfulness of this note
If you decided to use wp_insert_user() for updating existing users, you have to encode password with md5 function. Probably this is a bug.
```
// Tested with version WP 4.5 $userdata = array(	'ID' => $user_id, // ID of existing user	'user_login' => 'login_name',	'user_pass' => md5($new_password) // no plain password here! ); $user_id = wp_insert_user( $userdata ) ;
```
- 'user_pass' => md5($new_password) // no plain password here! is wrong. password is not necessary to hash
  
  DVHOST_CLOUD 5 years ago
- As the documentation states – The password is required to be hashed when UPDATING an existing user, but not when creating a new one from scratch. To hash the password during an update, use: wp_hash_password($new_password);
  
  Chad Reitsma 2 years ago
Log in to add feedback

wp_insert_user( array|object|WP_User $userdata ): int|WP_Error

In this article