#28783 closed enhancement (fixed)
Notice on "get_instance_hash_key()"
Reported by: | juliobox | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | 4.0 | Priority: | normal |
Severity: | normal | Version: | 3.9 |
Component: | Widgets | Keywords: | has-patch commit |
Focuses: | Cc: |
Description
Hello
In get_instance_hash_key() in https://core.trac.wordpress.org/browser/tags/3.9/src/wp-includes/class-wp-customize-widgets.php#L1140 tries to read a constant, hardcoded.
$hash = md5( AUTH_KEY . serialize( $instance ) );
I propose to do it in a good way, as usual in fact:
$hash = md5( wp_salt( 'auth' ) . serialize( $instance ) );
Thank you
Attachments (2)
Change History (7)
#1
@
10 years ago
- Keywords has-patch added
Good catch. For that matter, should we not just go ahead and use wp_hash
as well?
- $hash = md5( AUTH_KEY . serialize( $instance ) ); + $hash = wp_hash( serialize( $instance ) );
This ticket was mentioned in IRC in #wordpress-dev by helen. View the logs.
10 years ago
Note: See
TracTickets for help on using
tickets.
Modified get_instance_hash_key()