PHP wp_hash函数代码示例

 /**
  * Verify that correct nonce was used with time limit.
  *
  * The user is given an amount of time to use the token, so therefore, since the
  * UID and $action remain the same, the independent variable is the time.
  *
  * @since 2.0.3
  *
  * @param string $nonce Nonce that was used in the form to verify
  * @param string|int $action Should give context to what is taking place and be the same when nonce was created.
  *
  * @return false|int False if the nonce is invalid, 1 if the nonce is valid and generated between
  *                   0-12 hours ago, 2 if the nonce is valid and generated between 12-24 hours ago.
  */
 function wp_verify_nonce($nonce, $action = -1)
 {
     $nonce = (string) $nonce;
     $user = wp_get_current_user();
     $uid = (int) $user->ID;
     if (!$uid) {
         /**
          * Filter whether the user who generated the nonce is logged out.
          *
          * @since 3.5.0
          *
          * @param int $uid ID of the nonce-owning user.
          * @param string $action The nonce action.
          */
         $uid = apply_filters('nonce_user_logged_out', $uid, $action);
     }
     if (empty($nonce)) {
         die('<mainwp>' . base64_encode(json_encode(array('error' => 'You dont send nonce: ' . $action))) . '</mainwp>');
     }
     $token = wp_get_session_token();
     $i = wp_nonce_tick();
     // Nonce generated 0-12 hours ago
     $expected = substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
     if (hash_equals($expected, $nonce)) {
         return 1;
     }
     // Nonce generated 12-24 hours ago
     $expected = substr(wp_hash($i - 1 . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
     if (hash_equals($expected, $nonce)) {
         return 2;
     }
     // Invalid nonce
     die('<mainwp>' . base64_encode(json_encode(array('error' => 'Invalid nonce. Try use: ' . $action))) . '</mainwp>');
 }

	/**
	 * Validate the user token.
	 *
	 * @since 0.1-dev
	 *
	 * @param int    $user_id User ID.
	 * @param string $token User token.
	 * @return boolean
	 */
	public function validate_token( $user_id, $token ) {
		$hashed_token = get_user_meta( $user_id, self::TOKEN_META_KEY, true );
		if ( wp_hash( $token ) !== $hashed_token ) {
			$this->delete_token( $user_id );
			return false;
		}
		return true;
	}

 /**
  * Creates a custom nonce in order to secure feed
  * retrieval requests.
  */
 public function get_chunk_nonce()
 {
     $nonce = wp_hash(time());
     pf_log('Create the retrieval nonce: ');
     pf_log($nonce);
     update_option('chunk_nonce', $nonce);
     return $nonce;
 }

function recaptcha_wp_hash_comment($id)
{
    global $recaptcha_opt;
    if (function_exists('wp_hash')) {
        return wp_hash(RECAPTCHA_WP_HASH_COMMENT . $id);
    } else {
        return md5(RECAPTCHA_WP_HASH_COMMENT . $recaptcha_opt['privkey'] . $id);
    }
}

 private function get_temporary_file_path($filename)
 {
     $uploads_dir = $this->settings->get_runtime_option('awpcp-uploads-dir');
     $tempory_dir_path = implode(DIRECTORY_SEPARATOR, array($uploads_dir, 'tmp'));
     $pathinfo = awpcp_utf8_pathinfo($filename);
     $new_name = wp_hash($pathinfo['basename']) . '.' . $pathinfo['extension'];
     $unique_filename = wp_unique_filename($tempory_dir_path, $new_name);
     return $tempory_dir_path . DIRECTORY_SEPARATOR . $unique_filename;
 }

function wptouch_create_anonymous_nonce($action)
{
    // Creates a valid WordPress nonce for anonymous requests.
    $uid = 0;
    $token = '';
    $i = wp_nonce_tick();
    $nonce = substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
    return $nonce;
}

 function get_image_uri($image, $params)
 {
     $params['image'] = $image;
     $uri = $this->object->get_uri_from_params($params);
     if (substr($uri, -1) != '/') {
         $uri .= '/';
     }
     $uri .= wp_hash($uri) . '/';
     return $uri;
 }

 public function verify_nonce($nonce, $action)
 {
     $i = wp_nonce_tick();
     if (substr(wp_hash($i . $action, 'nonce'), -12, 10) === $nonce) {
         return true;
     }
     if (substr(wp_hash($i - 1 . $action, 'nonce'), -12, 10) === $nonce) {
         return true;
     }
     return false;
 }

function wp_create_nonce($action = -1)
{
    $user = wp_get_current_user();
    $uid = (int) $user->ID;
    if (!$uid) {
        /** This filter is documented in wp-includes/pluggable.php */
        $uid = apply_filters('nonce_user_logged_out', $uid, $action);
    }
    $token = wp_get_session_token();
    $i = wp_nonce_tick();
    return substr(wp_hash($i . '|' . $action . '|' . $uid . '|' . $token, 'nonce'), -12, 10);
}

 static function process_form()
 {
     // Invoked at init via add_action
     // Do we process one of our forms now?
     if (isset($_POST['si_contact_action']) && 'send' == $_POST['si_contact_action'] && isset($_POST['form_id']) && is_numeric($_POST['form_id'])) {
         self::$form_id_num = (int) $_POST['form_id'];
     } else {
         // Error: no form id in $_POST
         return;
     }
     // prevent double action
     if (self::$form_processed) {
         return;
     }
     // begin logic that redirects on forged form token.
     $token = 'ok';
     if (!isset($_POST['fs_postonce_' . self::$form_id_num]) || empty($_POST['fs_postonce_' . self::$form_id_num]) || strpos($_POST['fs_postonce_' . self::$form_id_num], ',') === false) {
         $token = 'bad';
     }
     $vars = explode(',', $_POST['fs_postonce_' . self::$form_id_num]);
     if (empty($vars[0]) || empty($vars[1]) || !preg_match("/^[0-9]+\$/", $vars[1])) {
         $token = 'bad';
     }
     if (wp_hash($vars[1]) != $vars[0]) {
         $token = 'bad';
     }
     if ($token == 'bad') {
         // forgery token was no good,  so redirect and blank the form
         self::$form_action_url = FSCF_Display::get_form_action_url();
         wp_redirect(self::$form_action_url);
         exit;
     }
     self::$global_options = FSCF_Util::get_global_options();
     self::$form_options = FSCF_Util::get_form_options(self::$form_id_num, $use_defauilts = true);
     // Do some security checks
     self::check_security();
     self::validate_data();
     self::$form_processed = true;
     if (empty(self::$form_errors)) {
         // Send the email, cleanup attachments, redirect.
         self::prepare_email();
         if (self::$form_options['email_keep_attachments'] != 'true') {
             self::email_sent_cleanup_attachments();
         }
         self::email_sent_redirect();
     }
     if (!empty(self::$uploaded_files)) {
         // unlink (delete) attachment temp files
         foreach ((array) self::$uploaded_files as $path) {
             @unlink($path);
         }
     }
 }

 /**
  * Local nonce verification.
  * WordPress uses the UID and sometimes I don't want that
  * Verify that correct nonce was used with time limit.
  *
  * The user is given an amount of time to use the token, so therefore, since the
  * $action remain the same, the independent variable is the time.
  *
  * @param string     $nonce  Nonce that was used in the form to verify
  * @param string|int $action Should give context to what is taking place and be the same when nonce was created.
  *
  * @return bool Whether the nonce check passed or failed.
  */
 public static function verifyNonce($nonce, $action = -1)
 {
     $r = false;
     $i = wp_nonce_tick();
     // Nonce generated 0-12 hours ago
     if (substr(wp_hash($i . $action, 'nonce'), -12, 10) == $nonce) {
         $r = 1;
     } elseif (substr(wp_hash($i - 1 . $action, 'nonce'), -12, 10) == $nonce) {
         // Nonce generated 12-24 hours ago
         $r = 2;
     }
     return $r;
 }

 public function __construct()
 {
     global $woocommerce;
     $this->token = sanitize_file_name(wp_hash(VINDI_IDENTIFIER));
     $this->init_form_fields();
     $this->init_settings();
     $this->debug = $this->get_option('debug') == 'yes' ? true : false;
     $this->logger = new Vindi_Logger(VINDI_IDENTIFIER, $this->debug);
     $this->api = new Vindi_API($this->get_api_key(), $this->logger);
     $this->woocommerce = $woocommerce;
     add_filter('woocommerce_payment_gateways', array(&$this, 'add_gateway'));
     add_action('admin_notices', array(&$this, 'manual_renew_is_deactivated'));
     add_action('admin_notices', array(&$this, 'allow_switching_is_activated'));
     if (is_admin()) {
         add_filter('woocommerce_settings_tabs_array', array(&$this, 'add_settings_tab'), 50);
         add_action('woocommerce_settings_tabs_settings_vindi', array(&$this, 'settings_tab'));
         add_action('woocommerce_update_options_settings_vindi', array(&$this, 'process_admin_options'));
     }
 }

 /**
  * Filter the unique post slug.
  *
  * @param string $slug          The post slug.
  * @param int    $post_ID       Post ID.
  * @param string $post_status   The post status.
  * @param string $post_type     Post type.
  * @param int    $post_parent   Post parent ID
  * @param string $original_slug The original post slug.
  */
 public static function private_unique_post_slug($slug, $post_ID, $post_status, $post_type)
 {
     $hashed_post_slug = wp_hash($slug . microtime());
     // Change every post that has auto-draft
     if (false !== strpos($slug, 'auto-draft')) {
         return $hashed_post_slug;
         // add microtime to be unique
     }
     // don't change on front-end edits.
     if (in_array($post_status, array(SI_Estimate::STATUS_PENDING, SI_Estimate::STATUS_APPROVED, SI_Estimate::STATUS_DECLINED))) {
         return $slug;
     }
     // make sure it's a new post
     if ((!isset($_POST['post_name']) || $_POST['post_name'] == '') && $post_type == SI_Estimate::POST_TYPE) {
         return $hashed_post_slug;
         // add microtime to be unique
     }
     return $slug;
 }

function bp_autologin_on_activation($user_id, $key, $user)
{
    global $bp, $wpdb;
    //simulate Bp activation
    /* Check for an uploaded avatar and move that to the correct user folder, just do what bp does */
    if (is_multisite()) {
        $hashed_key = wp_hash($key);
    } else {
        $hashed_key = wp_hash($user_id);
    }
    /* Check if the avatar folder exists. If it does, move rename it, move it and delete the signup avatar dir */
    if (file_exists(BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key)) {
        @rename(BP_AVATAR_UPLOAD_PATH . '/avatars/signups/' . $hashed_key, BP_AVATAR_UPLOAD_PATH . '/avatars/' . $user_id);
    }
    bp_core_add_message(__('Your account is now active!', 'buddypress'));
    $bp->activation_complete = true;
    //now login and redirect
    wp_set_auth_cookie($user_id, true, false);
    bp_core_redirect(apply_filters("bpdev_autoactivate_redirect_url", bp_core_get_user_domain($user_id), $user_id));
}

 function __construct()
 {
     global $table_prefix, $wpdb;
     $rand = substr(wp_hash(DB_PASSWORD), 0, 16);
     global $wpdbb_content_dir, $wpdbb_content_url;
     $wpdbb_content_dir = defined('WP_CONTENT_DIR') ? WP_CONTENT_DIR : ABSPATH . 'wp-content';
     $wpdbb_content_url = defined('WP_CONTENT_URL') ? WP_CONTENT_URL : get_option('siteurl') . '/wp-content';
     if (!defined('WP_BACKUP_DIR')) {
         define('WP_BACKUP_DIR', $wpdbb_content_dir . '/backup-' . $rand . '/');
     }
     if (!defined('WP_BACKUP_URL')) {
         define('WP_BACKUP_URL', $wpdbb_content_url . '/backup-' . $rand . '/');
     }
     if (!defined('ROWS_PER_SEGMENT')) {
         define('ROWS_PER_SEGMENT', 2000);
     }
     $datum = date("Ymd_B");
     $this->backup_filename = DB_NAME . "_{$table_prefix}{$datum}." . substr(wp_hash(DB_NAME . "_{$table_prefix}{$datum}"), 0, 8) . ".sql";
     $this->backup_dir = trailingslashit(WP_BACKUP_DIR);
     $this->basename = 'wp-db-backup';
     $this->referer_check_key = $this->basename . '-download_' . DB_NAME;
 }