Make WordPress Core


Ignore:
Timestamp:
02/14/2010 02:47:45 AM (15 years ago)
Author:
nacin
Message:

Fall back to wp_generate_password() in setup-config.php if HTTPS request for secret keys fails. Also use pretty link to secret-key API, see #12159

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/setup-config.php

    r13042 r13133  
    1616 */
    1717define('WP_INSTALLING', true);
     18
     19/**
     20 * We are blissfully unaware of anything.
     21 */
     22define('WP_SETUP_CONFIG', true);
    1823
    1924/**
     
    180185    /**#@-*/
    181186
    182     $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/?salt=1' );
    183     if ( is_wp_error( $secret_keys ) )
    184         $secret_keys = false;
    185     else
     187    $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/salt/' );
     188    if ( is_wp_error( $secret_keys ) ) {
     189        $secret_keys = array();
     190        require_once( ABSPATH . WPINC . '/pluggable.php' );
     191        for ( $i = 0; $i < 8; $i++ )
     192            $secret_keys[] = wp_generate_password( 64 );
     193    } else {
    186194        $secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
     195        foreach ( $secret_keys as $k => $v )
     196            $secret_keys[$k] = substr( $v, 28, 64 );
     197    }
    187198    $key = 0;
    188199
     
    212223            case "define('LOGGED_I":
    213224            case "define('NONCE_SA":
    214                 if ( $secret_keys )
    215                     $configFile[$line_num] = str_replace('put your unique phrase here', substr( $secret_keys[$key++], 28, 64 ), $line );
     225                $configFile[$line_num] = str_replace('put your unique phrase here', $secret_keys[$key++], $line );
    216226                break;
    217227        }
Note: See TracChangeset for help on using the changeset viewer.