File Editor
Directories:
.. (Back)
ID3
IXR
PHPMailer
Requests
SimplePie
Text
assets
block-bindings
block-patterns
block-supports
blocks
certificates
css
customize
fonts
html-api
images
interactivity-api
js
l10n
php-compat
pomo
rest-api
sitemaps
sodium_compat
style-engine
theme-compat
widgets
Files:
admin-bar.php
atomlib.php
author-template.php
block-bindings.php
block-editor.php
block-patterns.php
block-template-utils.php
block-template.php
blocks.php
bookmark-template.php
bookmark.php
cache-compat.php
cache.php
canonical.php
capabilities.php
category-template.php
category.php
class-IXR.php
class-avif-info.php
class-feed.php
class-http.php
class-json.php
class-oembed.php
class-phpass.php
class-phpmailer.php
class-pop3.php
class-requests.php
class-simplepie.php
class-smtp.php
class-snoopy.php
class-walker-category-dropdown.php
class-walker-category.php
class-walker-comment.php
class-walker-nav-menu.php
class-walker-page-dropdown.php
class-walker-page.php
class-wp-admin-bar.php
class-wp-ajax-response.php
class-wp-application-passwords.php
class-wp-block-bindings-registry.php
class-wp-block-bindings-source.php
class-wp-block-editor-context.php
class-wp-block-list.php
class-wp-block-metadata-registry.php
class-wp-block-parser-block.php
class-wp-block-parser-frame.php
class-wp-block-parser.php
class-wp-block-pattern-categories-registry.php
class-wp-block-patterns-registry.php
class-wp-block-styles-registry.php
class-wp-block-supports.php
class-wp-block-template.php
class-wp-block-templates-registry.php
class-wp-block-type-registry.php
class-wp-block-type.php
class-wp-block.php
class-wp-classic-to-block-menu-converter.php
class-wp-comment-query.php
class-wp-comment.php
class-wp-customize-control.php
class-wp-customize-manager.php
class-wp-customize-nav-menus.php
class-wp-customize-panel.php
class-wp-customize-section.php
class-wp-customize-setting.php
class-wp-customize-widgets.php
class-wp-date-query.php
class-wp-dependencies.php
class-wp-dependency.php
class-wp-duotone.php
class-wp-editor.php
class-wp-embed.php
class-wp-error.php
class-wp-exception.php
class-wp-fatal-error-handler.php
class-wp-feed-cache-transient.php
class-wp-feed-cache.php
class-wp-hook.php
class-wp-http-cookie.php
class-wp-http-curl.php
class-wp-http-encoding.php
class-wp-http-ixr-client.php
class-wp-http-proxy.php
class-wp-http-requests-hooks.php
class-wp-http-requests-response.php
class-wp-http-response.php
class-wp-http-streams.php
class-wp-http.php
class-wp-image-editor-gd.php
class-wp-image-editor-imagick.php
class-wp-image-editor.php
class-wp-list-util.php
class-wp-locale-switcher.php
class-wp-locale.php
class-wp-matchesmapregex.php
class-wp-meta-query.php
class-wp-metadata-lazyloader.php
class-wp-navigation-fallback.php
class-wp-network-query.php
class-wp-network.php
class-wp-object-cache.php
class-wp-oembed-controller.php
class-wp-oembed.php
class-wp-paused-extensions-storage.php
class-wp-plugin-dependencies.php
class-wp-post-type.php
class-wp-post.php
class-wp-query.php
class-wp-recovery-mode-cookie-service.php
class-wp-recovery-mode-email-service.php
class-wp-recovery-mode-key-service.php
class-wp-recovery-mode-link-service.php
class-wp-recovery-mode.php
class-wp-rewrite.php
class-wp-role.php
class-wp-roles.php
class-wp-script-modules.php
class-wp-scripts.php
class-wp-session-tokens.php
class-wp-simplepie-file.php
class-wp-simplepie-sanitize-kses.php
class-wp-site-query.php
class-wp-site.php
class-wp-styles.php
class-wp-tax-query.php
class-wp-taxonomy.php
class-wp-term-query.php
class-wp-term.php
class-wp-text-diff-renderer-inline.php
class-wp-text-diff-renderer-table.php
class-wp-textdomain-registry.php
class-wp-theme-json-data.php
class-wp-theme-json-resolver.php
class-wp-theme-json-schema.php
class-wp-theme-json.php
class-wp-theme.php
class-wp-token-map.php
class-wp-user-meta-session-tokens.php
class-wp-user-query.php
class-wp-user-request.php
class-wp-user.php
class-wp-walker.php
class-wp-widget-factory.php
class-wp-widget.php
class-wp-xmlrpc-server.php
class-wp.php
class-wpdb.php
class.wp-dependencies.php
class.wp-scripts.php
class.wp-styles.php
comment-template.php
comment.php
compat.php
cron.php
date.php
default-constants.php
default-filters.php
default-widgets.php
deprecated.php
embed-template.php
embed.php
error-protection.php
feed-atom-comments.php
feed-atom.php
feed-rdf.php
feed-rss.php
feed-rss2-comments.php
feed-rss2.php
feed.php
fonts.php
formatting.php
functions.php
functions.wp-scripts.php
functions.wp-styles.php
general-template.php
global-styles-and-settings.php
http.php
https-detection.php
https-migration.php
kses.php
l10n.php
link-template.php
load.php
locale.php
media-template.php
media.php
meta.php
ms-blogs.php
ms-default-constants.php
ms-default-filters.php
ms-deprecated.php
ms-files.php
ms-functions.php
ms-load.php
ms-network.php
ms-settings.php
ms-site.php
nav-menu-template.php
nav-menu.php
option.php
pluggable-deprecated.php
pluggable.php
plugin.php
post-formats.php
post-template.php
post-thumbnail-template.php
post.php
query.php
registration-functions.php
registration.php
rest-api.php
revision.php
rewrite.php
robots-template.php
rss-functions.php
rss.php
script-loader.php
script-modules.php
session.php
shortcodes.php
sitemaps.php
spl-autoload-compat.php
style-engine.php
taxonomy.php
template-canvas.php
template-loader.php
template.php
theme-previews.php
theme-templates.php
theme.php
update.php
user.php
vars.php
version.php
widgets.php
wp-db.php
wp-diff.php
Create New File
Create
Edit File: class-wp-recovery-mode-key-service.php
<?php /** * Error Protection API: WP_Recovery_Mode_Key_Service class * * @package WordPress * @since 5.2.0 */ /** * Core class used to generate and validate keys used to enter Recovery Mode. * * @since 5.2.0 */ #[AllowDynamicProperties] final class WP_Recovery_Mode_Key_Service { /** * The option name used to store the keys. * * @since 5.2.0 * @var string */ private $option_name = 'recovery_keys'; /** * Creates a recovery mode token. * * @since 5.2.0 * * @return string A random string to identify its associated key in storage. */ public function generate_recovery_mode_token() { return wp_generate_password( 22, false ); } /** * Creates a recovery mode key. * * @since 5.2.0 * * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance. * * @param string $token A token generated by {@see generate_recovery_mode_token()}. * @return string Recovery mode key. */ public function generate_and_store_recovery_mode_key( $token ) { global $wp_hasher; $key = wp_generate_password( 22, false ); if ( empty( $wp_hasher ) ) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash( 8, true ); } $hashed = $wp_hasher->HashPassword( $key ); $records = $this->get_keys(); $records[ $token ] = array( 'hashed_key' => $hashed, 'created_at' => time(), ); $this->update_keys( $records ); /** * Fires when a recovery mode key is generated. * * @since 5.2.0 * * @param string $token The recovery data token. * @param string $key The recovery mode key. */ do_action( 'generate_recovery_mode_key', $token, $key ); return $key; } /** * Verifies if the recovery mode key is correct. * * Recovery mode keys can only be used once; the key will be consumed in the process. * * @since 5.2.0 * * @global PasswordHash $wp_hasher Portable PHP password hashing framework instance. * * @param string $token The token used when generating the given key. * @param string $key The unhashed key. * @param int $ttl Time in seconds for the key to be valid for. * @return true|WP_Error True on success, error object on failure. */ public function validate_recovery_mode_key( $token, $key, $ttl ) { global $wp_hasher; $records = $this->get_keys(); if ( ! isset( $records[ $token ] ) ) { return new WP_Error( 'token_not_found', __( 'Recovery Mode not initialized.' ) ); } $record = $records[ $token ]; $this->remove_key( $token ); if ( ! is_array( $record ) || ! isset( $record['hashed_key'], $record['created_at'] ) ) { return new WP_Error( 'invalid_recovery_key_format', __( 'Invalid recovery key format.' ) ); } if ( empty( $wp_hasher ) ) { require_once ABSPATH . WPINC . '/class-phpass.php'; $wp_hasher = new PasswordHash( 8, true ); } if ( ! $wp_hasher->CheckPassword( $key, $record['hashed_key'] ) ) { return new WP_Error( 'hash_mismatch', __( 'Invalid recovery key.' ) ); } if ( time() > $record['created_at'] + $ttl ) { return new WP_Error( 'key_expired', __( 'Recovery key expired.' ) ); } return true; } /** * Removes expired recovery mode keys. * * @since 5.2.0 * * @param int $ttl Time in seconds for the keys to be valid for. */ public function clean_expired_keys( $ttl ) { $records = $this->get_keys(); foreach ( $records as $key => $record ) { if ( ! isset( $record['created_at'] ) || time() > $record['created_at'] + $ttl ) { unset( $records[ $key ] ); } } $this->update_keys( $records ); } /** * Removes a used recovery key. * * @since 5.2.0 * * @param string $token The token used when generating a recovery mode key. */ private function remove_key( $token ) { $records = $this->get_keys(); if ( ! isset( $records[ $token ] ) ) { return; } unset( $records[ $token ] ); $this->update_keys( $records ); } /** * Gets the recovery key records. * * @since 5.2.0 * * @return array Associative array of $token => $data pairs, where $data has keys 'hashed_key' * and 'created_at'. */ private function get_keys() { return (array) get_option( $this->option_name, array() ); } /** * Updates the recovery key records. * * @since 5.2.0 * * @param array $keys Associative array of $token => $data pairs, where $data has keys 'hashed_key' * and 'created_at'. * @return bool True on success, false on failure. */ private function update_keys( array $keys ) { return update_option( $this->option_name, $keys, false ); } }
Save Changes
Rename File
Rename