dscqrkvr9562034621 2013-02-13 19:56
浏览 42
已采纳

如何安全地允许用户在Wordpress插件中输入外部应用程序API密钥?

I'm creating a Wordpress plugin that will allow a custom button to be displayed on the page.

I've got it working with a simple HTML dump through the Wordpress shortcode method. Here's the problem I'm facing: I want the user to be able to customize the button's name, amount, and other parameters. This could all be done through shortcode which will send paramaters to our site's external API and generate the button. However, I also need to let them hook up their button using their API key from our service. This can't be stored in plaintext somewhere because it could be used maliciously if compromised. Is there a good way to let the user enter sensitive info like this but not store it in plain text?

  • 写回答

1条回答 默认 最新

  • dovhpmnm31216 2013-02-13 20:15
    关注

    I would make use of wordpress' built in functions for handling passwords.

    http://codex.wordpress.org/Function_Reference/wp_hash_password

    If you already have a plugin page where the user can configure your plugin, that would be a good place to have an input for them to enter their api key. When they save the settings you can run the hashing function and then store the hash in the database.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 求解vmware的网络模式问题
  • ¥24 EFS加密后,在同一台电脑解密出错,证书界面找不到对应指纹的证书,未备份证书,求在原电脑解密的方法,可行即采纳
  • ¥15 springboot 3.0 实现Security 6.x版本集成
  • ¥15 PHP-8.1 镜像无法用dockerfile里的CMD命令启动 只能进入容器启动,如何解决?(操作系统-ubuntu)
  • ¥30 请帮我解决一下下面六个代码
  • ¥15 关于资源监视工具的e-care有知道的嘛
  • ¥35 MIMO天线稀疏阵列排布问题
  • ¥60 用visual studio编写程序,利用间接平差求解水准网
  • ¥15 Llama如何调用shell或者Python
  • ¥20 谁能帮我挨个解读这个php语言编的代码什么意思?