WordPress.org

Make WordPress Core

Ticket #14803: 14803.2.diff

File 14803.2.diff, 2.0 KB (added by duck_, 4 years ago)

merged messages

  • wp-admin/includes/ms.php

     
    571571 
    572572/* Warn the admin if SECRET SALT information is missing from wp-config.php */ 
    573573function secret_salt_warning() { 
    574         if ( !is_super_admin() ) 
     574        global $wp_default_secret_key; 
     575 
     576        if ( ! is_super_admin() ) 
    575577                return; 
     578 
    576579        $secret_keys = array( 'AUTH_KEY', 'SECURE_AUTH_KEY', 'LOGGED_IN_KEY', 'NONCE_KEY', 'AUTH_SALT', 'SECURE_AUTH_SALT', 'LOGGED_IN_SALT', 'NONCE_SALT' ); 
    577580        $out = ''; 
     581        $bad_keys = array(); 
    578582        foreach( $secret_keys as $key ) { 
    579                 if ( ! defined( $key ) ) 
     583                if ( ! defined( $key ) || $wp_default_secret_key == constant( $key ) || '' == constant( $key ) ) { 
     584                        $bad_keys[] = $key; 
    580585                        $out .= "define( '$key', '" . esc_html( wp_generate_password( 64, true, true ) ) . "' );<br />"; 
     586                } 
    581587        } 
     588 
    582589        if ( $out != '' ) { 
    583                 $msg  = __( 'Warning! WordPress encrypts user cookies, but you must add the following lines to <strong>wp-config.php</strong> for it to be more secure.' ); 
    584                 $msg .= '<br/>' . __( "Before the line <code>/* That's all, stop editing! Happy blogging. */</code> please add this code:" ); 
    585                 $msg .= "<br/><br/><code>$out</code>"; 
    586  
     590                $msg = __( 'Warning! WordPress encrypts user cookies, but to take advantage of that security you must supply custom authentication keys and salts.' ) . '<br />'; 
     591                $msg .= sprintf( __( 'The following authentication keys/salts are not defined, are blank or are using the default string: %s' ), implode( ', ', $bad_keys ) ) . '<br />'; 
     592                $msg .= sprintf( __( 'To fix this you must add them to your <a href="%s">wp-config.php file</a>. You can generate these using the <a href="%s">WordPress.org secret-key service</a> or use the following:' ), 'http://codex.wordpress.org/Editing_wp-config.php#Security_Keys', 'https://api.wordpress.org/secret-key/1.1/salt/' ); 
     593                $msg .= "<br /><code>$out</code>"; 
    587594                echo "<div class='update-nag'>$msg</div>"; 
    588595        } 
    589596}