Advertisements

wp_salt

Definition:
function wp_salt($scheme = 'auth') {}

Get salt to add to hashes to help prevent attacks.
The secret key is located in two places: the database in case the secret key isn’t defined in the second place, which is in the wp-config.php file. If you are going to set the secret key, then you must do so in the wp-config.php file.

Parameters

  • string $scheme: Authentication scheme

Return values

returns:Salt value

Defined filters

  • salt
    apply_filters('salt', $secret_key . $salt, $scheme)

Source code

function wp_salt($scheme = 'auth') {

	global $wp_default_secret_key;

	$secret_key = '';

	if ( defined('SECRET_KEY') && ('' != SECRET_KEY) && ( $wp_default_secret_key != SECRET_KEY) )

		$secret_key = SECRET_KEY;



	if ( 'auth' == $scheme ) {

		if ( defined('AUTH_KEY') && ('' != AUTH_KEY) && ( $wp_default_secret_key != AUTH_KEY) )

			$secret_key = AUTH_KEY;



		if ( defined('AUTH_SALT') && ('' != AUTH_SALT) && ( $wp_default_secret_key != AUTH_SALT) ) {

			$salt = AUTH_SALT;

		} elseif ( defined('SECRET_SALT') && ('' != SECRET_SALT) && ( $wp_default_secret_key != SECRET_SALT) ) {

			$salt = SECRET_SALT;

		} else {

			$salt = get_site_option('auth_salt');

			if ( empty($salt) ) {

				$salt = wp_generate_password( 64, true, true );

				update_site_option('auth_salt', $salt);

			}

		}

	} elseif ( 'secure_auth' == $scheme ) {

		if ( defined('SECURE_AUTH_KEY') && ('' != SECURE_AUTH_KEY) && ( $wp_default_secret_key != SECURE_AUTH_KEY) )

			$secret_key = SECURE_AUTH_KEY;



		if ( defined('SECURE_AUTH_SALT') && ('' != SECURE_AUTH_SALT) && ( $wp_default_secret_key != SECURE_AUTH_SALT) ) {

			$salt = SECURE_AUTH_SALT;

		} else {

			$salt = get_site_option('secure_auth_salt');

			if ( empty($salt) ) {

				$salt = wp_generate_password( 64, true, true );

				update_site_option('secure_auth_salt', $salt);

			}

		}

	} elseif ( 'logged_in' == $scheme ) {

		if ( defined('LOGGED_IN_KEY') && ('' != LOGGED_IN_KEY) && ( $wp_default_secret_key != LOGGED_IN_KEY) )

			$secret_key = LOGGED_IN_KEY;



		if ( defined('LOGGED_IN_SALT') && ('' != LOGGED_IN_SALT) && ( $wp_default_secret_key != LOGGED_IN_SALT) ) {

			$salt = LOGGED_IN_SALT;

		} else {

			$salt = get_site_option('logged_in_salt');

			if ( empty($salt) ) {

				$salt = wp_generate_password( 64, true, true );

				update_site_option('logged_in_salt', $salt);

			}

		}

	} elseif ( 'nonce' == $scheme ) {

		if ( defined('NONCE_KEY') && ('' != NONCE_KEY) && ( $wp_default_secret_key != NONCE_KEY) )

			$secret_key = NONCE_KEY;



		if ( defined('NONCE_SALT') && ('' != NONCE_SALT) && ( $wp_default_secret_key != NONCE_SALT) ) {

			$salt = NONCE_SALT;

		} else {

			$salt = get_site_option('nonce_salt');

			if ( empty($salt) ) {

				$salt = wp_generate_password( 64, true, true );

				update_site_option('nonce_salt', $salt);

			}

		}

	} else {

		// ensure each auth scheme has its own unique salt

		$salt = hash_hmac('md5', $scheme, $secret_key);

	}



	return apply_filters('salt', $secret_key . $salt, $scheme);

}

4073

Advertisements

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: