As @kero said, use a CF7 hook. I’d use the wpcf7_before_send_mail hook. Grab data from the CF7 form object’s fields, and use those values to store data. I wrote a post to myself on how to get data from the CF7 form object here: http://securitydawg.com/changing-contact-form-7-with-the-wpcf7_before_send_mail-hook/ . You could use that to get started, just insert … Read more
Your best bet would be a plugin called WP Mail SMTP, though it’s only marked as being compatible as of WP 3.2.1 (but it should reasonably work with WP 3.3.1). Just to define the process … Visitor enters site and fills out form on your page. User submits the form, which is transmitted to your … Read more
What my ultimate goal is, other plugins be it infected(backdoor etc) or not cannot access the username/password/mail of my email, that is the main part of the question. The only way to be sure of this is to not store them in a manner than can be automatically decrypted in the database/filesystem – which is … Read more
Based on your other question … it sounds like you’re trying to validate a given plaintext password against what’s stored in the database. Here’s the function WordPress uses to do just that: function wp_check_password($password, $hash, $user_id = ”) { global $wp_hasher; // If the hash is still md5… if ( strlen($hash) <= 32 ) { … Read more
Is wp_generate_password() as safe as the salts generated by the recommended https://api.wordpress.org/secret-key/1.1/salt/? Those details can’t be answered as for obvious reasons, the internals are unknown by the public. If we could answer that, then details would be known that allow for reverse engineering the process. This could lead to a decrease of security. Note, that … Read more
The password encryption library is in /wp-includes/class-phpass.php. It is the Portable PHP Password hashing framework.
While I agree with the previous answers, to answer the question you actually asked, what comes to mind is to use one of these constants for wp-config.php: define(‘AUTH_KEY’, ‘redacted’); define(‘SECURE_AUTH_KEY’, ‘redacted’); define(‘LOGGED_IN_KEY’, ‘redacted’); define(‘NONCE_KEY’, ‘redacted’); They are meant to be unique across wordpress installations – and are about the only options for pre-existing keys to … Read more
How can I encrypt and decrypt a string in C#?
You don’t decrypt authentication passwords! Hash them using something like the SHA256 provider and when you have to challenge, hash the input from the user and see if the two hashes match. Leaving passwords reversible is a really horrible model. Edit2: I thought we were just talking about front-line authentication. Sure there are cases where you want … Read more
I’m interested in building a small app for personal use that will encrypt and decrypt information on the client side using JavaScript. The encrypted information will be stored in a database on a server, but never the decrypted version. It doesn’t have to be super duper secure, but I would like to use a currently … Read more