Alert: This function’s access is marked private. This means it is not intended for use by plugin or theme developers, only in other core functions. It is listed here for completeness.

WP_Recovery_Mode_Cookie_Service::recovery_mode_hash() WordPress Method

The WP_Recovery_Mode_Cookie_Service::recovery_mode_hash() method is used to generate a hash of the user ID and a secret string. This hash is used to validate the user when they enter recovery mode.

WP_Recovery_Mode_Cookie_Service::recovery_mode_hash( string $data ) #

Gets a form of wp_hash() specific to Recovery Mode.

Contents

Description

We cannot use wp_hash() because it is defined in pluggable.php which is not loaded until after plugins are loaded, which is too late to verify the recovery mode cookie.

This tries to use the AUTH salts first, but if they aren’t valid specific salts will be generated and stored.

Top ↑

Parameters

$data

(string)(Required)Data to hash.

Top ↑

Return

(string|false) The hashed $data, or false on failure.

Top ↑

Source

File: wp-includes/class-wp-recovery-mode-cookie-service.php

	private function recovery_mode_hash( $data ) {
		if ( ! defined( 'AUTH_KEY' ) || AUTH_KEY === 'put your unique phrase here' ) {
			$auth_key = get_site_option( 'recovery_mode_auth_key' );

			if ( ! $auth_key ) {
				if ( ! function_exists( 'wp_generate_password' ) ) {
					require_once ABSPATH . WPINC . '/pluggable.php';
				}

				$auth_key = wp_generate_password( 64, true, true );
				update_site_option( 'recovery_mode_auth_key', $auth_key );
			}
		} else {
			$auth_key = AUTH_KEY;
		}

		if ( ! defined( 'AUTH_SALT' ) || AUTH_SALT === 'put your unique phrase here' || AUTH_SALT === $auth_key ) {
			$auth_salt = get_site_option( 'recovery_mode_auth_salt' );

			if ( ! $auth_salt ) {
				if ( ! function_exists( 'wp_generate_password' ) ) {
					require_once ABSPATH . WPINC . '/pluggable.php';
				}

				$auth_salt = wp_generate_password( 64, true, true );
				update_site_option( 'recovery_mode_auth_salt', $auth_salt );
			}
		} else {
			$auth_salt = AUTH_SALT;
		}

		$secret = $auth_key . $auth_salt;

		return hash_hmac( 'sha1', $data, $secret );
	}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Uses

Uses
UsesDescription
wp-includes/pluggable.php:wp_generate_password()

Generates a random password drawn from the defined set of characters.

wp-includes/option.php:update_site_option()

Updates the value of an option that was already added for the current network.

wp-includes/option.php:get_site_option()

Retrieve an option value for the current network based on name of option.

Top ↑

Changelog

Changelog
VersionDescription
5.2.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.