Make WordPress Core

Changeset 6471


Ignore:
Timestamp:
12/23/2007 12:58:06 AM (17 years ago)
Author:
ryan
Message:

Don't fallback to DB info for secret key. Allow expiration grace period for AJAX requests. see #5367

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-config-sample.php

    r6387 r6471  
    77define('DB_CHARSET', 'utf8');
    88define('DB_COLLATE', '');
     9
     10// Change SECRET_KEY to a unique phrase.  You won't have to remember it later,
     11// so make it long and complicated.  You can visit https://www.grc.com/passwords.htm
     12// to get a phrase generated for you.
    913define('SECRET_KEY', ''); // Change this to a unique phrase.
    1014
  • trunk/wp-includes/pluggable.php

    r6430 r6471  
    337337    $expired = $expiration;
    338338
    339     // Allow a grace period for POST requests
    340     if ( 'POST' == $_SERVER['REQUEST_METHOD'] )
     339    // Allow a grace period for POST and AJAX requests
     340    if ( defined('DOING_AJAX') || 'POST' == $_SERVER['REQUEST_METHOD'] )
    341341        $expired += 3600;
    342342
     
    700700if ( !function_exists('wp_salt') ) :
    701701function wp_salt() {
     702
     703    if ( defined('SECRET_KEY') && '' != SECRET_KEY )
     704        return SECRET_KEY;
     705
    702706    $salt = get_option('secret');
    703707    if ( empty($salt) ) {
     
    706710    }
    707711
    708     if ( !defined('SECRET_KEY') || '' == SECRET_KEY )
    709         $secret_key = DB_PASSWORD . DB_USER . DB_NAME . DB_HOST . ABSPATH;
    710     else
    711         $secret_key = SECRET_KEY;
    712        
    713     return $salt . $secret_key;
     712    return $salt;
    714713}
    715714endif;
Note: See TracChangeset for help on using the changeset viewer.