{"id":226,"date":"2018-04-01T01:15:46","date_gmt":"2018-03-31T17:15:46","guid":{"rendered":"http:\/\/www.brofive.org\/?p=226"},"modified":"2018-05-05T21:25:08","modified_gmt":"2018-05-05T13:25:08","slug":"wordpress-%e7%94%a8%e6%88%b7%e5%af%86%e7%a0%81%e9%87%8d%e7%bd%ae","status":"publish","type":"post","link":"http:\/\/www.brofive.net\/?p=226","title":{"rendered":"wordpress \u7528\u6237\u5bc6\u7801\u91cd\u7f6e"},"content":{"rendered":"

\u7533\u8bf7\u4e86\u4e00\u4e2aWordPress\u7a7a\u95f4\uff0c\u6ca1\u6599\u5230\u628a\u7528\u6237\u5bc6\u7801\u5fd8\u8bb0\u4e86\uff0c\u4e0d\u77e5\u9053\u4ec0\u4e48\u539f\u56e0\uff0cWordPress\u7684\u3010\u5fd8\u8bb0\u5bc6\u7801\u3011\u529f\u80fd\u5931\u7075\u4e86\uff0c\u53ea\u597d\u7528\u7ba1\u7406\u5458\u767b\u5f55\u4e0a\u53bb\uff0c\u5c1d\u8bd5\u4ece\u6570\u636e\u5e93\u91cc\u9762\u91cd\u7f6e\u4e00\u4e0b\uff0c\u767b\u4e0a\u53bb\u4e00\u770b\uff0c\u5bc6\u7801\u662f\u52a0\u5bc6\u7684\uff0c\u8fd9\u662f\u96be\u4e0d\u4f4f\u6211\u4eec\u7684\uff0c\u5f53\u5e74\u641e\u5b9aJIRA\u7684\u5bc6\u7801\u4e5f\u5c31\u90a3\u4e48\u56de\u4e8b\u3002<\/p>\n

\"image\"<\/a><\/p>\n

\u4f30\u8ba1wordpress\u4e0d\u4f1a\u5f31\u5230\u4f7f\u7528MySQL\u7684\u52a0\u5bc6\u51fd\u6570\uff0c\u4e8e\u662f\u5148\u767e\u5ea6\u4e86\u4e00\u4e0b\uff0c\u627e\u5230\u4e00\u7bc7\u6587\u7ae0\u3010wordpress\u7528\u6237\u5bc6\u7801\u52a0\u5bc6\u539f\u7406\u53ca\u5176\u7b97\u6cd5\u5206\u6790\u3011\uff08https:\/\/blog.csdn.net\/HK_JH\/article\/details\/27368279<\/a>\uff09\uff0c\u4e0b\u8f7d\u4e86\u4f5c\u8005\u5199\u7684c\u8bed\u8a00\u7a0b\u5e8f\uff0c\u7528VS 15\u7f16\u8bd1\u4e86\u4e00\u4e0b\uff0c\u679c\u7136\u5c31\u53ef\u4ee5\u7b97\u51fa\u4e00\u4e2ahash\u4ee5\u540e\u7684\u5bc6\u7801\uff0cupdata\u4e00\u4e0b\uff0c\u7136\u540e\u53d1\u73b0\u4e0d\u5bf9\uff01\uff01\uff01<\/p>\n

\u4e0b\u8f7dhttps:\/\/wordpress.org\/download\/<\/a>\u7684\u6700\u65b0\u7248\u672c\uff08https:\/\/wordpress.org\/latest.tar.gz<\/a>\uff09\uff0c\u76ee\u524d\u662f4.9.4\uff0c\u627e\u5230\u7528\u6237\u5bc6\u7801\u4ee3\u7801class-phpass.php\u6587\u4ef6\uff0c\u6253\u5f00\u4e00\u770b\uff0c\u662f\u4e00\u4e2ahash\u7c7b\uff0c\u6839\u636e\u914d\u7f6e\u91c7\u7528\u4e0d\u540c\u7684hash\u7b97\u6cd5\u3002\u5199\u4e86\u4e00\u4e2a3\u884c\u7684\u5c0f\u7a0b\u5e8f\uff1a<\/p>\n\n\n\n
require_once ‘\/class-phpass.php’;
\n$hasher = new PasswordHash( 8, true );
\necho $hasher->HashPassword(“mypassword”);<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

\u7136\u540e\u5c31\u5f97\u5230\u4e86\u4e00\u4e2a\u53ef\u7528\u7684\u5bc6\u7801\uff0c\u641e\u5b9a\uff01<\/p>\n

\u4f30\u8ba1\u6b64\u524d\u7684\u4f5c\u8005\u662f\u4e2aC\u7231\u597d\u8005\uff0c\u4ece\u7f51\u4e0a\u5f04\u4e86\u4e00\u4e9b\u4ee3\u7801\uff0c\u90a3\u4e2aMD5\u660e\u663e\u662f\u5f00\u6e90\u4ee3\u7801\uff0c\u8fd8\u8bf4\u662f\u81ea\u5df1\u4ee5\u524d\u5199\u7684\uff0c \u770b\u6765\u6c34\u5e73\u4e0d\u548b\u5730\u3002<\/p>\n

 <\/p>\n

<?php
\n\/**
\n* Portable PHP password hashing framework.
\n* @package phpass
\n* @since 2.5.0
\n* @version 0.3 \/ WordPress
\n* @link http:\/\/www.openwall.com\/phpass\/<\/a>
\n*\/<\/p>\n

#
\n# Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
\n# the public domain.\u00a0 Revised in subsequent years, still public domain.
\n#
\n# There’s absolutely no warranty.
\n#
\n# Please be sure to update the Version line if you edit this file in any way.
\n# It is suggested that you leave the main version number intact, but indicate
\n# your project name (after the slash) and add your own revision information.
\n#
\n# Please do not change the “private” password hashing method implemented in
\n# here, thereby making your hashes incompatible.\u00a0 However, if you must, please
\n# change the hash type identifier (the “$P$”) to something different.
\n#
\n# Obviously, since this code is in the public domain, the above are not
\n# requirements (there can be none), but merely suggestions.
\n#<\/p>\n

\/**
\n* Portable PHP password hashing framework.
\n*
\n* @package phpass
\n* @version 0.3 \/ WordPress
\n* @link http:\/\/www.openwall.com\/phpass\/<\/a>
\n* @since 2.5.0
\n*\/
\nclass PasswordHash {
\nvar $itoa64;
\nvar $iteration_count_log2;
\nvar $portable_hashes;
\nvar $random_state;<\/p>\n

\/**
\n* PHP5 constructor.
\n*\/
\nfunction __construct( $iteration_count_log2, $portable_hashes )
\n{
\n$this->itoa64 = ‘.\/0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz’;<\/p>\n

if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
\n$iteration_count_log2 = 8;
\n$this->iteration_count_log2 = $iteration_count_log2;<\/p>\n

$this->portable_hashes = $portable_hashes;<\/p>\n

$this->random_state = microtime() . uniqid(rand(), TRUE); \/\/ removed getmypid() for compatibility reasons
\n}<\/p>\n

\/**
\n* PHP4 constructor.
\n*\/
\npublic function PasswordHash( $iteration_count_log2, $portable_hashes ) {
\nself::__construct( $iteration_count_log2, $portable_hashes );
\n}<\/p>\n

function get_random_bytes($count)
\n{
\n$output = ”;
\nif ( @is_readable(‘\/dev\/urandom’) &&
\n($fh = @fopen(‘\/dev\/urandom’, ‘rb’))) {
\n$output = fread($fh, $count);
\nfclose($fh);
\n}<\/p>\n

if (strlen($output) < $count) {
\n$output = ”;
\nfor ($i = 0; $i < $count; $i += 16) {
\n$this->random_state =
\nmd5(microtime() . $this->random_state);
\n$output .=
\npack(‘H*’, md5($this->random_state));
\n}
\n$output = substr($output, 0, $count);
\n}<\/p>\n

return $output;
\n}<\/p>\n

function encode64($input, $count)
\n{
\n$output = ”;
\n$i = 0;
\ndo {
\n$value = ord($input[$i++]);
\n$output .= $this->itoa64[$value & 0x3f];
\nif ($i < $count)
\n$value |= ord($input[$i]) << 8;
\n$output .= $this->itoa64[($value >> 6) & 0x3f];
\nif ($i++ >= $count)
\nbreak;
\nif ($i < $count)
\n$value |= ord($input[$i]) << 16;
\n$output .= $this->itoa64[($value >> 12) & 0x3f];
\nif ($i++ >= $count)
\nbreak;
\n$output .= $this->itoa64[($value >> 18) & 0x3f];
\n} while ($i < $count);<\/p>\n

return $output;
\n}<\/p>\n

function gensalt_private($input)
\n{
\n$output = ‘$P$’;
\n$output .= $this->itoa64[min($this->iteration_count_log2 +
\n((PHP_VERSION >= ‘5’) ? 5 : 3), 30)];
\n$output .= $this->encode64($input, 6);<\/p>\n

return $output;
\n}<\/p>\n

function crypt_private($password, $setting)
\n{
\n$output = ‘*0’;
\nif (substr($setting, 0, 2) == $output)
\n$output = ‘*1’;<\/p>\n

$id = substr($setting, 0, 3);
\n# We use “$P$”, phpBB3 uses “$H$” for the same thing
\nif ($id != ‘$P$’ && $id != ‘$H$’)
\nreturn $output;<\/p>\n

$count_log2 = strpos($this->itoa64, $setting[3]);
\nif ($count_log2 < 7 || $count_log2 > 30)
\nreturn $output;<\/p>\n

$count = 1 << $count_log2;<\/p>\n

$salt = substr($setting, 4, 8);
\nif (strlen($salt) != 8)
\nreturn $output;<\/p>\n

# We’re kind of forced to use MD5 here since it’s the only
\n# cryptographic primitive available in all versions of PHP
\n# currently in use.\u00a0 To implement our own low-level crypto
\n# in PHP would result in much worse performance and
\n# consequently in lower iteration counts and hashes that are
\n# quicker to crack (by non-PHP code).
\nif (PHP_VERSION >= ‘5’) {
\n$hash = md5($salt . $password, TRUE);
\ndo {
\n$hash = md5($hash . $password, TRUE);
\n} while (–$count);
\n} else {
\n$hash = pack(‘H*’, md5($salt . $password));
\ndo {
\n$hash = pack(‘H*’, md5($hash . $password));
\n} while (–$count);
\n}<\/p>\n

$output = substr($setting, 0, 12);
\n$output .= $this->encode64($hash, 16);<\/p>\n

return $output;
\n}<\/p>\n

function gensalt_extended($input)
\n{
\n$count_log2 = min($this->iteration_count_log2 + 8, 24);
\n# This should be odd to not reveal weak DES keys, and the
\n# maximum valid value is (2**24 – 1) which is odd anyway.
\n$count = (1 << $count_log2) – 1;<\/p>\n

$output = ‘_’;
\n$output .= $this->itoa64[$count & 0x3f];
\n$output .= $this->itoa64[($count >> 6) & 0x3f];
\n$output .= $this->itoa64[($count >> 12) & 0x3f];
\n$output .= $this->itoa64[($count >> 18) & 0x3f];<\/p>\n

$output .= $this->encode64($input, 3);<\/p>\n

return $output;
\n}<\/p>\n

function gensalt_blowfish($input)
\n{
\n# This one needs to use a different order of characters and a
\n# different encoding scheme from the one in encode64() above.
\n# We care because the last character in our encoded string will
\n# only represent 2 bits.\u00a0 While two known implementations of
\n# bcrypt will happily accept and correct a salt string which
\n# has the 4 unused bits set to non-zero, we do not want to take
\n# chances and we also do not want to waste an additional byte
\n# of entropy.
\n$itoa64 = ‘.\/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789’;<\/p>\n

$output = ‘$2a$’;
\n$output .= chr(ord(‘0’) + $this->iteration_count_log2 \/ 10);
\n$output .= chr(ord(‘0’) + $this->iteration_count_log2 % 10);
\n$output .= ‘$’;<\/p>\n

$i = 0;
\ndo {
\n$c1 = ord($input[$i++]);
\n$output .= $itoa64[$c1 >> 2];
\n$c1 = ($c1 & 0x03) << 4;
\nif ($i >= 16) {
\n$output .= $itoa64[$c1];
\nbreak;
\n}<\/p>\n

$c2 = ord($input[$i++]);
\n$c1 |= $c2 >> 4;
\n$output .= $itoa64[$c1];
\n$c1 = ($c2 & 0x0f) << 2;<\/p>\n

$c2 = ord($input[$i++]);
\n$c1 |= $c2 >> 6;
\n$output .= $itoa64[$c1];
\n$output .= $itoa64[$c2 & 0x3f];
\n} while (1);<\/p>\n

return $output;
\n}<\/p>\n

function HashPassword($password)
\n{
\nif ( strlen( $password ) > 4096 ) {
\nreturn ‘*’;
\n}<\/p>\n

$random = ”;<\/p>\n

if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
\n$random = $this->get_random_bytes(16);
\n$hash =
\ncrypt($password, $this->gensalt_blowfish($random));
\nif (strlen($hash) == 60)
\nreturn $hash;
\n}<\/p>\n

if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) {
\nif (strlen($random) < 3)
\n$random = $this->get_random_bytes(3);
\n$hash =
\ncrypt($password, $this->gensalt_extended($random));
\nif (strlen($hash) == 20)
\nreturn $hash;
\n}<\/p>\n

if (strlen($random) < 6)
\n$random = $this->get_random_bytes(6);
\n$hash =
\n$this->crypt_private($password,
\n$this->gensalt_private($random));
\nif (strlen($hash) == 34)
\nreturn $hash;<\/p>\n

# Returning ‘*’ on error is safe here, but would _not_ be safe
\n# in a crypt(3)-like function used _both_ for generating new
\n# hashes and for validating passwords against existing hashes.
\nreturn ‘*’;
\n}<\/p>\n

function CheckPassword($password, $stored_hash)
\n{
\nif ( strlen( $password ) > 4096 ) {
\nreturn false;
\n}<\/p>\n

$hash = $this->crypt_private($password, $stored_hash);
\nif ($hash[0] == ‘*’)
\n$hash = crypt($password, $stored_hash);<\/p>\n

return $hash === $stored_hash;
\n}
\n}<\/p>\n","protected":false},"excerpt":{"rendered":"

\u7533\u8bf7\u4e86\u4e00\u4e2aWordPress\u7a7a\u95f4\uff0c\u6ca1\u6599\u5230\u628a\u7528\u6237\u5bc6\u7801\u5fd8\u8bb0\u4e86\uff0c\u4e0d\u77e5\u9053\u4ec0\u4e48\u539f\u56e0\uff0cWordPress\u7684\u3010\u5fd8\u8bb0\u5bc6\u7801\u3011\u529f\u80fd…<\/p>\n","protected":false},"author":1,"featured_media":494,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[279,20],"tags":[24],"views":4824,"_links":{"self":[{"href":"http:\/\/www.brofive.net\/index.php?rest_route=\/wp\/v2\/posts\/226"}],"collection":[{"href":"http:\/\/www.brofive.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.brofive.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.brofive.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.brofive.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=226"}],"version-history":[{"count":2,"href":"http:\/\/www.brofive.net\/index.php?rest_route=\/wp\/v2\/posts\/226\/revisions"}],"predecessor-version":[{"id":898,"href":"http:\/\/www.brofive.net\/index.php?rest_route=\/wp\/v2\/posts\/226\/revisions\/898"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.brofive.net\/index.php?rest_route=\/wp\/v2\/media\/494"}],"wp:attachment":[{"href":"http:\/\/www.brofive.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.brofive.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=226"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.brofive.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}