wp_salt()

2020-08-12 09:05:16 wordpress函数 阅读:640

wp_salt( string $scheme = 'auth' )

返回要添加到哈希中的salt。
Returns a salt to add to hashes.

目录锚点:#说明#参数#源码

说明(Description)

盐是使用密钥创建的。密钥位于两个位置:数据库和wp中-配置.php文件。数据库中的密钥是随机生成的,并将附加到wp中的密钥中-配置.php. wp中的密钥-配置.php应更新为强、随机密钥,以最大限度地提高安全性。下面是如何定义密钥常量的示例。不要将此示例直接粘贴到wp中-配置.php. 相反,为您创建一个密钥。define('AUTH_KEY','XakmM%G4Yt>f`z]MON');define('SECURE_AUTH_KEY','LzJ}op]mr | 6+![P}Ak:uNdJCJZd>(Hx.-Mh#Tz)pCIU#uGEnfFz | f;;eU%/U^O~');define('LOGGED_IN_KEY','| i | Ux`9z7X>QYR0Z_XnZ@|';define('AUTH_SALT','eZyT)-Naw]F8CwA*VaW |)g@o公司}||wf~@C-YSt}(dh_6ebi#A,y | nU2{B#JBW');define('SECURE_AUTH_SALT','!=oLUTXh,QW=H`}`L|9/^4-3 STz},T(w}w*c(u`g~EJBf#8u#R{mUEZrozmm');define('NONCE_SALT','h`gxhd>SLWVfg1(1(n{;.V!教育部(SfbA U ksP@&`+Aychccav$+?@3q+rxV{%^VyKT');对存储了常用字典字符串哈希值的工具,salt密码有助于防止这些工具。这些附加值使其更难破解。

参数(Parameters)

参数类型说明
$scheme (string) 身份验证方案(身份验证、安全验证、已登录、当前)

源码(Source)

/**
 * Get salt to add to hashes.
 *
 * Salts are created using secret keys. Secret keys are located in two places:
 * in the database and in the wp-config.php file. The secret key in the database
 * is randomly generated and will be appended to the secret keys in wp-config.php.
 *
 * The secret keys in wp-config.php should be updated to strong, random keys to maximize
 * security. Below is an example of how the secret key constants are defined.
 * Do not paste this example directly into wp-config.php. Instead, have a
 * {@link https://api.wordpress.org/secret-key/1.1/salt/ secret key created} just
 * for you.
 *
 *     define('AUTH_KEY',         ' Xakm<>M%G4Yt>f`z]MON');
 *     define('SECURE_AUTH_KEY',  'LzJ}op]mr|6+![P}Ak:uNdJCJZd>(Hx.-Mh#Tz)pCIU#uGEnfFz|f ;;eU%/U^O~');
 *     define('LOGGED_IN_KEY',    '|i|Ux`9z7X>QYR0Z_XnZ@|');
 *     define('AUTH_SALT',        'eZyT)-Naw]F8CwA*VaW#q*|.)g@o}||wf~@C-YSt}(dh_r6EbI#A,y|nU2{B#JBW');
 *     define('SECURE_AUTH_SALT', '!=oLUTXh,QW=H `}`L|9/^4-3 STz},T(w}W<><+=ukr:>*c(u`g~EJBf#8u#R{mUEZrozmm');
 *     define('NONCE_SALT',       'h`GXHhD>SLWVfg1(1(N{;.V!MoE(SfbA_ksP@&`+AycHcAV$+?@3q+rxV{%^VyKT');
 *
 * Salting passwords helps against tools which has stored hashed values of
 * common dictionary strings. The added values makes it harder to crack.
 *
 * @since 2.5.0
 *
 * @link https://api.wordpress.org/secret-key/1.1/salt/ Create secrets for wp-config.php
 *
 * @staticvar array $cached_salts
 * @staticvar array $duplicated_keys
 *
 * @param string $scheme Authentication scheme (auth, secure_auth, logged_in, nonce)
 * @return string Salt value
 */
function wp_salt( $scheme = 'auth' ) {
	static $cached_salts = array();
	if ( isset( $cached_salts[ $scheme ] ) ) {
		/**
		 * Filter the WordPress salt.
		 *
		 * @since 2.5.0
		 *
		 * @param string $cached_salt Cached salt for the given scheme.
		 * @param string $scheme      Authentication scheme. Values include 'auth',
		 *                            'secure_auth', 'logged_in', and 'nonce'.
		 */
		return apply_filters( 'salt', $cached_salts[ $scheme ], $scheme );
	}

	static $duplicated_keys;
	if ( null === $duplicated_keys ) {
		$duplicated_keys = array( 'put your unique phrase here' => true );
		foreach ( array( 'AUTH', 'SECURE_AUTH', 'LOGGED_IN', 'NONCE', 'SECRET' ) as $first ) {
			foreach ( array( 'KEY', 'SALT' ) as $second ) {
				if ( ! defined( "{$first}_{$second}" ) ) {
					continue;
				}
				$value = constant( "{$first}_{$second}" );
				$duplicated_keys[ $value ] = isset( $duplicated_keys[ $value ] );
			}
		}
	}

	$values = array(
		'key' => '',
		'salt' => ''
	);
	if ( defined( 'SECRET_KEY' ) && SECRET_KEY && empty( $duplicated_keys[ SECRET_KEY ] ) ) {
		$values['key'] = SECRET_KEY;
	}
	if ( 'auth' == $scheme && defined( 'SECRET_SALT' ) && SECRET_SALT && empty( $duplicated_keys[ SECRET_SALT ] ) ) {
		$values['salt'] = SECRET_SALT;
	}

	if ( in_array( $scheme, array( 'auth', 'secure_auth', 'logged_in', 'nonce' ) ) ) {
		foreach ( array( 'key', 'salt' ) as $type ) {
			$const = strtoupper( "{$scheme}_{$type}" );
			if ( defined( $const ) && constant( $const ) && empty( $duplicated_keys[ constant( $const ) ] ) ) {
				$values[ $type ] = constant( $const );
			} elseif ( ! $values[ $type ] ) {
				$values[ $type ] = get_site_option( "{$scheme}_{$type}" );
				if ( ! $values[ $type ] ) {
					$values[ $type ] = wp_generate_password( 64, true, true );
					update_site_option( "{$scheme}_{$type}", $values[ $type ] );
				}
			}
		}
	} else {
		if ( ! $values['key'] ) {
			$values['key'] = get_site_option( 'secret_key' );
			if ( ! $values['key'] ) {
				$values['key'] = wp_generate_password( 64, true, true );
				update_site_option( 'secret_key', $values['key'] );
			}
		}
		$values['salt'] = hash_hmac( 'md5', $scheme, $values['key'] );
	}

	$cached_salts[ $scheme ] = $values['key'] . $values['salt'];

	/** This filter is documented in wp-includes/pluggable.php */
	return apply_filters( 'salt', $cached_salts[ $scheme ], $scheme );
}
endif;

if ( !function_exists('wp_hash') ) :
更新版本 源码位置 使用 被使用
2.5.0 wp-includes/pluggable.php 3 1

absint()

absint( mixed $maybeint )将值转换为非负整数,也就是取绝对值。Convert a value to non-negative integer.目录锚点:#参数#返回#源码#笔记参数(Parameters)参数类型必填说明$maybeint(mixed)必需要转换为非负整数的数据。返回(Return)(int)非负整数。源码(Source)function absint( $maybeint ) { return abs( intval( $maybeint ) );}/** *...

日期:2020-06-23 10:35:32 浏览:1279

activate_plugin()

activate_plugin( string $plugin, string $redirect = '', bool $network_wide = false, bool $silent = false )尝试激活插件,并在成功时重定向。Attempts activation of plugin in a “sandbox” and redirects on success.目录锚点:#说明#参数#返回#源码#笔记说明(Description)已激活的插件将不会再次尝试激活。其工作方式是在尝试包含插件...

日期:2020-06-23 10:39:26 浏览:1021

activate_plugins()

activate_plugins( string|string[]&nbsp;$plugins, string&nbsp;$redirect&nbsp;=&nbsp;'', bool&nbsp;$network_wide&nbsp;=&nbsp;false, bool&nbsp;$silent&nbsp;=&nbsp;false&nbsp;)激活多个插件。Activate multiple plugins.目录锚点:#说明#参数#返回#源码说明(Description)当WP_Error返回时,并不意...

日期:2020-09-08 17:28:27 浏览:1077

activate_sitewide_plugin()

activate_sitewide_plugin()不推荐用于激活仅网络插件的功能。Deprecated functionality for activating a network-only plugin.目录锚点:#说明#返回#源码说明(Description)另见激活插件()返回(Return)无返回值源码(Source)更新版本源码位置使用被使用3.0.0 wp-admin/includes/ms-deprecated.php:5701 function...

日期:2020-09-08 17:28:28 浏览:1871

addslashes_gpc()

addslashes_gpc( string&nbsp;$gpc&nbsp;)添加斜线以转义字符串。Adds slashes to escape strings.目录锚点:#说明#参数#返回#源码说明(Description)如果设置了magic_quotes_gpc,将首先删除斜线,请参见https://www.php.net/magic_quotes更多细节。参数(Parameters)参数类型必填说明 $gpc (string) ...

日期:2020-09-21 12:46:52 浏览:916

addslashes_strings_only()

addslashes_strings_only( mixed&nbsp;$value&nbsp;)仅当提供的值是字符串时才添加斜杠。Adds slashes only if the provided value is a string.目录锚点:#参数#返回#源码参数(Parameters)参数类型必填说明 $value (mixed) 必需 返回(Return)(mixe...

日期:2020-09-24 15:58:41 浏览:1305

add_action()

add_action( string&nbsp;$tag, callable&nbsp;$function_to_add, int&nbsp;$priority&nbsp;=&nbsp;10, int&nbsp;$accepted_args&nbsp;=&nbsp;1&nbsp;)将函数挂接到特定操作上。Hooks a function on to a specific action.目录锚点:#说明#参数#返回#源码#笔记说明(Description)Actions是WordPress核心在执行期间...

日期:2020-09-08 17:28:28 浏览:1169

add_blog_option()

add_blog_option( int&nbsp;$id, string&nbsp;$option, mixed&nbsp;$value&nbsp;)为给定的博客id添加新选项。Add a new option for a given blog id.目录锚点:#说明#参数#返回#源码#笔记说明(Description)不需要序列化值。如果需要序列化该值,则在将其插入数据库之前将对其进行序列化。请记住,资源不能序列化或作为选项添加。可以创建不带值的选项,然后稍后更新这些值。现有选项将不会更新,并执行检...

日期:2020-08-26 10:53:23 浏览:982

add_clean_index()

add_clean_index( string&nbsp;$table, string&nbsp;$index&nbsp;)向指定表添加索引。Adds an index to a specified table.目录锚点:#参数#返回#源码#笔记参数(Parameters)参数类型必填说明 $table (string) 必需 数据库表名。 ...

日期:2020-09-08 17:28:29 浏览:977

add_comments_page()

add_comments_page( string&nbsp;$page_title, string&nbsp;$menu_title, string&nbsp;$capability, string&nbsp;$menu_slug, callable&nbsp;$function&nbsp;=&nbsp;'', int&nbsp;$position&nbsp;=&nbsp;null&nbsp;)将子菜单页添加到“注释”主菜单。Add submenu page to the Comments ma...

日期:2020-08-24 11:14:39 浏览:1038