mirror of
git://develop.git.wordpress.org/
synced 2025-02-27 18:13:00 +01:00
Use an expanded special character set when generating auth keys and salts via wp_generate_password(). Props sivel, see #12159
git-svn-id: https://develop.svn.wordpress.org/trunk@13137 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin
parent
fb08796f48
commit
d1e195db99
@ -265,7 +265,7 @@ function populate_options() {
|
||||
'upload_path' => '',
|
||||
|
||||
// 2.0.3
|
||||
'secret' => wp_generate_password(64),
|
||||
'secret' => wp_generate_password( 64, true, true ),
|
||||
|
||||
// 2.1
|
||||
'blog_public' => '1',
|
||||
|
||||
@ -189,7 +189,7 @@ switch($step) {
|
||||
$secret_keys = array();
|
||||
require_once( ABSPATH . WPINC . '/pluggable.php' );
|
||||
for ( $i = 0; $i < 8; $i++ )
|
||||
$secret_keys[] = wp_generate_password( 64 );
|
||||
$secret_keys[] = wp_generate_password( 64, true, true );
|
||||
} else {
|
||||
$secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
|
||||
foreach ( $secret_keys as $k => $v )
|
||||
|
||||
@ -1308,7 +1308,7 @@ function wp_salt($scheme = 'auth') {
|
||||
} else {
|
||||
$salt = get_option('auth_salt');
|
||||
if ( empty($salt) ) {
|
||||
$salt = wp_generate_password(64);
|
||||
$salt = wp_generate_password( 64, true, true );
|
||||
update_option('auth_salt', $salt);
|
||||
}
|
||||
}
|
||||
@ -1321,7 +1321,7 @@ function wp_salt($scheme = 'auth') {
|
||||
} else {
|
||||
$salt = get_option('secure_auth_salt');
|
||||
if ( empty($salt) ) {
|
||||
$salt = wp_generate_password(64);
|
||||
$salt = wp_generate_password( 64, true, true );
|
||||
update_option('secure_auth_salt', $salt);
|
||||
}
|
||||
}
|
||||
@ -1334,7 +1334,7 @@ function wp_salt($scheme = 'auth') {
|
||||
} else {
|
||||
$salt = get_option('logged_in_salt');
|
||||
if ( empty($salt) ) {
|
||||
$salt = wp_generate_password(64);
|
||||
$salt = wp_generate_password( 64, true, true );
|
||||
update_option('logged_in_salt', $salt);
|
||||
}
|
||||
}
|
||||
@ -1347,7 +1347,7 @@ function wp_salt($scheme = 'auth') {
|
||||
} else {
|
||||
$salt = get_option('nonce_salt');
|
||||
if ( empty($salt) ) {
|
||||
$salt = wp_generate_password(64);
|
||||
$salt = wp_generate_password( 64, true, true );
|
||||
update_option('nonce_salt', $salt);
|
||||
}
|
||||
}
|
||||
@ -1461,13 +1461,18 @@ if ( !function_exists('wp_generate_password') ) :
|
||||
* @since 2.5
|
||||
*
|
||||
* @param int $length The length of password to generate
|
||||
* @param bool $special_chars Whether to include standard special characters
|
||||
* @param bool $special_chars Whether to include standard special characters. Default true.
|
||||
* @param bool $extra_special_chars Whether to include more special characters. Used
|
||||
* when generating secret keys and salts. Default false.
|
||||
* @return string The random password
|
||||
**/
|
||||
function wp_generate_password($length = 12, $special_chars = true) {
|
||||
function wp_generate_password( $length = 12, $special_chars = true, $extra_special_chars = false ) {
|
||||
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
|
||||
if ( $special_chars )
|
||||
if ( $special_chars ) {
|
||||
$chars .= '!@#$%^&*()';
|
||||
if ( $extra_special_chars )
|
||||
$chars .= '-_ []{}<>~`+=,.;:/?|';
|
||||
}
|
||||
|
||||
$password = '';
|
||||
for ( $i = 0; $i < $length; $i++ ) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user