WordPress.org

Make WordPress Core

Ticket #12159: 12159.3.diff

File 12159.3.diff, 3.1 KB (added by nacin, 8 years ago)

Allow fallback to wp_default_password()

  • wp-admin/setup-config.php

     
    1717define('WP_INSTALLING', true);
    1818
    1919/**
     20 * We are blissfully unaware of anything.
     21 */
     22define('WP_SETUP_CONFIG', true);
     23
     24/**
    2025 * Disable error reporting
    2126 *
    2227 * Set this to error_reporting( E_ALL ) or error_reporting( E_ALL | E_STRICT ) for debugging
     
    179184        }
    180185        /**#@-*/
    181186
    182         $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/?salt=1' );
    183         if ( is_wp_error( $secret_keys ) )
    184                 $secret_keys = false;
    185         else
     187        $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' );
     188        if ( is_wp_error( $secret_keys ) ) {
     189                $secret_keys = array();
     190                require_once( ABSPATH . WPINC . '/pluggable.php' );
     191                for ( $i = 0; $i < 8; $i++ )
     192                        $secret_keys[] = wp_generate_password( 64 );
     193        } else {
    186194                $secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
     195                foreach ( $secret_keys as $k => $v )
     196                        $secret_keys[$k] = substr( $v, 28, 64 );
     197        }
    187198        $key = 0;
    188199
    189200        foreach ($configFile as $line_num => $line) {
     
    211222                        case "define('SECURE_A":
    212223                        case "define('LOGGED_I":
    213224                        case "define('NONCE_SA":
    214                                 if ( $secret_keys )
    215                                         $configFile[$line_num] = str_replace('put your unique phrase here', substr( $secret_keys[$key++], 28, 64 ), $line );
     225                                $configFile[$line_num] = str_replace('put your unique phrase here', $secret_keys[$key++], $line );
    216226                                break;
    217227                }
    218228        }
  • wp-config-sample.php

     
    3737 * Authentication Unique Keys and Salts.
    3838 *
    3939 * Change these to different unique phrases!
    40  * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/?salt=1 WordPress.org secret-key service}
     40 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
    4141 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
    4242 *
    4343 * @since 2.6.0
  • wp-includes/pluggable.php

     
    14951495        // Reset $rnd_value after 14 uses
    14961496        // 32(md5) + 40(sha1) + 40(sha1) / 8 = 14 random numbers from $rnd_value
    14971497        if ( strlen($rnd_value) < 8 ) {
    1498                 $seed = get_transient('random_seed');
     1498                if ( defined( 'WP_SETUP_CONFIG' ) )
     1499                        static $seed;
     1500                else
     1501                        $seed = get_transient('random_seed');
    14991502                $rnd_value = md5( uniqid(microtime() . mt_rand(), true ) . $seed );
    15001503                $rnd_value .= sha1($rnd_value);
    15011504                $rnd_value .= sha1($rnd_value . $seed);
    15021505                $seed = md5($seed . $rnd_value);
    1503                 set_transient('random_seed', $seed);
     1506                if ( ! defined( 'WP_SETUP_CONFIG' ) )
     1507                        set_transient('random_seed', $seed);
    15041508        }
    15051509
    15061510        // Take the first 8 digits for our value