WordPress Password Match From Outside of WordPress

Here is how you can match a wordpress user from outside of wordpress. We just need to include wordpress class-phpass.php which contains functions for matching wordpress user password.

This code is sometimes very useful if you are creating API or any other script outside of wordpress.

public function test2()

        require_once('class-phpass.php' ); //class taken from wp-includes folder of wordpress

            $conn = mysqli_connect('localhost','root','','dbname');
            if (!$conn){
                        echo "Could not connect: " . mysql_error();
            // wordpress' username that his password going to compare
            $user = 'testuser@test.com';
            $user_name = htmlspecialchars($user,ENT_QUOTES);
            // plain password to compare
            $password = 'testtest';
            $hasher = new PasswordHash(8, TRUE);
            // get user_name's hashed password from wordpress database
            echo $queryx = "select * from wp_users where user_login='$user_name'";
            $Resultx = mysqli_query($conn,$queryx);

            while($row = mysqli_fetch_array($Resultx)){
                 $passnya = $row['user_pass'];
            // compare plain password with hashed password
            if ($hasher->CheckPassword( $password, $passnya )){
                echo "MATCHED";
            } else {
                echo "NO MATCHED";

That’s All. 🙂