+ return hash_hmac('md5', $data, $salt);
+}
+endif;
+
+if ( !function_exists('wp_hash_password') ) :
+/**
+ * wp_hash_password() - Create a hash (encrypt) of a plain text password
+ *
+ * For integration with other applications, this function can be
+ * overwritten to instead use the other package password checking
+ * algorithm.
+ *
+ * @since 2.5
+ * @global object $wp_hasher PHPass object
+ * @uses PasswordHash::HashPassword
+ *
+ * @param string $password Plain text user password to hash
+ * @return string The hash string of the password
+ */
+function wp_hash_password($password) {
+ global $wp_hasher;
+
+ if ( empty($wp_hasher) ) {
+ require_once( ABSPATH . 'wp-includes/class-phpass.php');
+ // By default, use the portable hash from phpass
+ $wp_hasher = new PasswordHash(8, TRUE);
+ }
+
+ return $wp_hasher->HashPassword($password);
+}
+endif;
+
+if ( !function_exists('wp_check_password') ) :
+/**
+ * wp_check_password() - Checks the plaintext password against the encrypted Password
+ *
+ * Maintains compatibility between old version and the new cookie
+ * authentication protocol using PHPass library. The $hash parameter
+ * is the encrypted password and the function compares the plain text
+ * password when encypted similarly against the already encrypted
+ * password to see if they match.
+ *
+ * For integration with other applications, this function can be
+ * overwritten to instead use the other package password checking
+ * algorithm.
+ *
+ * @since 2.5
+ * @global object $wp_hasher PHPass object used for checking the password
+ * against the $hash + $password
+ * @uses PasswordHash::CheckPassword
+ *
+ * @param string $password Plaintext user's password
+ * @param string $hash Hash of the user's password to check against.
+ * @return bool False, if the $password does not match the hashed password
+ */
+function wp_check_password($password, $hash, $user_id = '') {
+ global $wp_hasher;
+
+ // If the hash is still md5...
+ if ( strlen($hash) <= 32 ) {
+ $check = ( $hash == md5($password) );
+ if ( $check && $user_id ) {
+ // Rehash using new hash.
+ wp_set_password($password, $user_id);
+ $hash = wp_hash_password($password);
+ }
+
+ return apply_filters('check_password', $check, $password, $hash, $user_id);
+ }
+
+ // If the stored hash is longer than an MD5, presume the
+ // new style phpass portable hash.
+ if ( empty($wp_hasher) ) {
+ require_once( ABSPATH . 'wp-includes/class-phpass.php');
+ // By default, use the portable hash from phpass
+ $wp_hasher = new PasswordHash(8, TRUE);
+ }
+
+ $check = $wp_hasher->CheckPassword($password, $hash);
+
+ return apply_filters('check_password', $check, $password, $hash, $user_id);
+}
+endif;
+
+if ( !function_exists('wp_generate_password') ) :
+/**
+ * wp_generate_password() - Generates a random password drawn from the defined set of characters
+ *
+ * @since 2.5
+ *
+ * @return string The random password
+ **/
+function wp_generate_password($length = 12) {
+ $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()";
+ $password = '';
+ for ( $i = 0; $i < $length; $i++ )
+ $password .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
+ return $password;
+}
+endif;
+
+if ( !function_exists('wp_set_password') ) :
+/**
+ * wp_set_password() - Updates the user's password with a new encrypted one
+ *
+ * For integration with other applications, this function can be
+ * overwritten to instead use the other package password checking
+ * algorithm.
+ *
+ * @since 2.5
+ * @uses $wpdb WordPress database object for queries
+ * @uses wp_hash_password() Used to encrypt the user's password before passing to the database
+ *
+ * @param string $password The plaintext new user password
+ * @param int $user_id User ID
+ */
+function wp_set_password( $password, $user_id ) {
+ global $wpdb;
+
+ $hash = wp_hash_password($password);
+ $query = $wpdb->prepare("UPDATE $wpdb->users SET user_pass = %s, user_activation_key = '' WHERE ID = %d", $hash, $user_id);
+ $wpdb->query($query);
+ wp_cache_delete($user_id, 'users');
+}
+endif;
+
+if ( !function_exists( 'get_avatar' ) ) :
+/**
+ * get_avatar() - Get avatar for a user
+ *
+ * Retrieve the avatar for a user provided a user ID or email address
+ *
+ * @since 2.5
+ * @param int|string|object $id_or_email A user ID, email address, or comment object
+ * @param int $size Size of the avatar image
+ * @param string $default URL to a default image to use if no avatar is available
+ * @return string <img> tag for the user's avatar
+*/
+function get_avatar( $id_or_email, $size = '96', $default = '' ) {
+ if ( ! get_option('show_avatars') )
+ return false;
+
+ if ( !is_numeric($size) )
+ $size = '96';
+
+ $email = '';
+ if ( is_numeric($id_or_email) ) {
+ $id = (int) $id_or_email;
+ $user = get_userdata($id);
+ if ( $user )
+ $email = $user->user_email;
+ } elseif ( is_object($id_or_email) ) {
+ if ( !empty($id_or_email->user_id) ) {
+ $id = (int) $id_or_email->user_id;
+ $user = get_userdata($id);
+ if ( $user)
+ $email = $user->user_email;
+ } elseif ( !empty($id_or_email->comment_author_email) ) {
+ $email = $id_or_email->comment_author_email;
+ }
+ } else {
+ $email = $id_or_email;
+ }
+
+ if ( empty($default) )
+ $default = "http://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=$size"; // ad516503a11cd5ca435acc9bb6523536 == md5('unknown@gravatar.com')
+
+ if ( !empty($email) ) {
+ $out = 'http://www.gravatar.com/avatar/';
+ $out .= md5( strtolower( $email ) );
+ $out .= '?s='.$size;
+ $out .= '&d=' . urlencode( $default );
+
+ $rating = get_option('avatar_rating');
+ if ( !empty( $rating ) )
+ $out .= "&r={$rating}";
+
+ $avatar = "<img alt='' src='{$out}' class='avatar avatar-{$size}' height='{$size}' width='{$size}' />";