唯一标识 WordPress 博客? [英] Uniquely identifying a WordPress blog?
问题描述
我正在实现一个 WordPress 插件,该插件具有一键式设置程序,该程序通过向服务器发送唯一密钥来调用我的服务器进行设置,然后从那时起使用该代码来配置系统未来.
I'm working on implementing a WordPress plugin which has a one-click setup procedure that calls my server to set things up by sending a unique key to the server, and then use that code from that time on to configure the system in the future.
有没有办法在 WordPress 中获得唯一的博客 ID?
Is there a way in WordPress to get a unique blog ID?
乍一看,我查看了 get_current_blog_id,但它是一个非常本地且非唯一的数字.
At first glance, I looked at get_current_blog_id, but it is a pretty local and non-unique number.
然后,我查看了可能采用 wp-config.php 中定义的 NONCE_KEY,并使用 SHA512 对其进行散列.但是,我担心这其中的安全风险(即使我知道 SHA512 很难暴力破解).
Then, I looked at maybe taking the NONCE_KEY defined in wp-config.php, and hashing that with SHA512. However, I am concerned about the security risk in this (even though I know that an SHA512 is hard to bruteforce).
我对安全性的这种担忧是否合理?有没有其他方法可以唯一地识别 WordPress 博客?
Is this concern that I have regarding security reasonable? Is there any other way I can identify a WordPress blog uniquely?
推荐答案
您可以创建一个函数来创建唯一的博客 ID,但基于什么?URL 可以更改,名称可以更改,主题,服务器 ip 等等.没有真正唯一的静态变量.
You could create a function to create an unique blog ID, but based on what? URL could change, name could change, theme, server ip and so on. There isn't really an unique and static variable.
创建您自己的!
为此我使用序列号和令牌.该博客提交了一个序列以从我的 api 接收令牌.您可以在第一个请求时创建序列号,因此博客所有者不必输入它.现在将序列号和生成的令牌发送回博客并将此数据存储在数据库中:update_option('name', 'token') 或只是 add_option('name', 'token').这是您的唯一 ID!
I use serials and tokens for this. The blog submits a serial to receive a token from my api. You could create the serial on the first request, so the blog owner doesn't have to enter it. Now send the serial and a generated token back to the blog and store this data in the database: update_option('name', 'token') or just add_option('name', 'token'). There is your unique id!
- 在每个新博客注册"(博客仍然没有序列号)上生成一个唯一序列号和令牌
- 将序列号和令牌存储在您的数据库中以再次验证博客
- 令牌应不时更改
- 您还可以检查旧令牌(比如最后 2 个令牌...)以更加灵活
这篇关于唯一标识 WordPress 博客?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
