php - How to safely allow a user to enter an external application API key in a Wordpress plugin? -
i'm creating wordpress plugin allow custom button displayed on page.
i've got working simple html dump through wordpress shortcode method. here's problem i'm facing: want user able customize button's name, amount, , other parameters. done through shortcode send paramaters our site's external api , generate button. however, need allow them hook button using api key our service. can't stored in plaintext somewhere because used maliciously if compromised. there way allow user come in sensitive info not store in plain text?
i create utilize of wordpress' built in functions handling passwords.
http://codex.wordpress.org/function_reference/wp_hash_password
if have plugin page user can configure plugin, place have input them come in api key. when save settings can run hashing function , store hash in database.
php wordpress security
No comments:
Post a Comment