<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[13026] trunk: Update keys and salts with random values from api.wordpress.
org.</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/13026">13026</a></dd>
<dt>Author</dt> <dd>ryan</dd>
<dt>Date</dt> <dd>2010-02-08 18:15:44 +0000 (Mon, 08 Feb 2010)</dd>
</dl>
<h3>Log Message</h3>
<pre>Update keys and salts with random values from api.wordpress.org. Props nacin. see <a href="http://trac.wordpress.org/ticket/12159">#12159</a></pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminsetupconfigphp">trunk/wp-admin/setup-config.php</a></li>
<li><a href="#trunkwpconfigsamplephp">trunk/wp-config-sample.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminsetupconfigphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/setup-config.php (13025 => 13026)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/setup-config.php        2010-02-08 18:02:23 UTC (rev 13025)
+++ trunk/wp-admin/setup-config.php        2010-02-08 18:15:44 UTC (rev 13026)
</span><span class="lines">@@ -168,6 +168,24 @@
</span><span class="cx">         if ( !empty($wpdb->error) )
</span><span class="cx">                 wp_die($wpdb->error->get_error_message());
</span><span class="cx">
</span><ins>+        require_once( ABSPATH . WPINC . '/plugin.php' );
+        require_once( ABSPATH . WPINC . '/http.php' );
+        wp_fix_server_vars();
+        /**#@+
+         * @ignore
+         */
+        function get_bloginfo() {
+                return 'http://' . $_SERVER['HTTP_HOST'] . str_replace( $_SERVER['PHP_SELF'], '/wp-admin/setup-config.php', '' );
+        }
+        /**#@-*/
+
+        $secret_keys = wp_remote_get( 'https://api.wordpress.org/secret-key/1.1/?salt=1' );
+        if ( is_wp_error( $secret_keys ) )
+                $secret_keys = false;
+        else
+                $secret_keys = explode( "\n", wp_remote_retrieve_body( $secret_keys ) );
+        $key = 0;
+
</ins><span class="cx">         foreach ($configFile as $line_num => $line) {
</span><span class="cx">                 switch (substr($line,0,16)) {
</span><span class="cx">                         case "define('DB_NAME'":
</span><span class="lines">@@ -185,6 +203,17 @@
</span><span class="cx">                         case '$table_prefix =':
</span><span class="cx">                                 $configFile[$line_num] = str_replace('wp_', $prefix, $line);
</span><span class="cx">                                 break;
</span><ins>+                        case "define('AUTH_KEY":
+                        case "define('SECURE_A":
+                        case "define('LOGGED_I":
+                        case "define('NONCE_KE":
+                        case "define('AUTH_SAL":
+                        case "define('SECURE_A":
+                        case "define('LOGGED_I":
+                        case "define('NONCE_SA":
+                                if ( $secret_keys )
+                                        $configFile[$line_num] = str_replace('put your unique phrase here', substr( $secret_keys[$key++], 27, 64 ), $line );
+                                break;
</ins><span class="cx">                 }
</span><span class="cx">         }
</span><span class="cx">         if ( ! is_writable(ABSPATH) ) :
</span></span></pre></div>
<a id="trunkwpconfigsamplephp"></a>
<div class="modfile"><h4>Modified: trunk/wp-config-sample.php (13025 => 13026)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-config-sample.php        2010-02-08 18:02:23 UTC (rev 13025)
+++ trunk/wp-config-sample.php        2010-02-08 18:15:44 UTC (rev 13026)
</span><span class="lines">@@ -34,18 +34,23 @@
</span><span class="cx"> define('DB_COLLATE', '');
</span><span class="cx">
</span><span class="cx"> /**#@+
</span><del>- * Authentication Unique Keys.
</del><ins>+ * Authentication Unique Keys and Salts.
</ins><span class="cx"> *
</span><span class="cx"> * Change these to different unique phrases!
</span><del>- * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/ WordPress.org secret-key service}
</del><ins>+ * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/?salt=1 WordPress.org secret-key service}
</ins><span class="cx"> * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
</span><span class="cx"> *
</span><span class="cx"> * @since 2.6.0
</span><span class="cx"> */
</span><del>-define('AUTH_KEY', 'put your unique phrase here');
-define('SECURE_AUTH_KEY', 'put your unique phrase here');
-define('LOGGED_IN_KEY', 'put your unique phrase here');
-define('NONCE_KEY', 'put your unique phrase here');
</del><ins>+define('AUTH_KEY', 'put your unique phrase here');
+define('SECURE_AUTH_KEY', 'put your unique phrase here');
+define('LOGGED_IN_KEY', 'put your unique phrase here');
+define('NONCE_KEY', 'put your unique phrase here');
+define('AUTH_SALT', 'put your unique phrase here');
+define('SECURE_AUTH_SALT', 'put your unique phrase here');
+define('LOGGED_IN_SALT', 'put your unique phrase here');
+define('NONCE_SALT', 'put your unique phrase here');
+
</ins><span class="cx"> /**#@-*/
</span><span class="cx">
</span><span class="cx"> /**
</span></span></pre>
</div>
</div>
</body>
</html>