From 122c114cd69bfe3add1c58627815d0cc5e54e2b4 Mon Sep 17 00:00:00 2001 From: rboren Date: Thu, 20 Jan 2005 04:56:24 +0000 Subject: [PATCH] wp_setcookie() and wp_clearcookie(). Set cookies for both siteurl and home if they are not the same. Update cookies whenever home or siteurl change. git-svn-id: http://svn.automattic.com/wordpress/trunk@2107 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/options.php | 26 ++++++++++++++++++++------ wp-admin/profile.php | 4 ++-- wp-includes/functions.php | 33 +++++++++++++++++++++++++++++++++ wp-includes/vars.php | 1 + wp-login.php | 8 ++------ 5 files changed, 58 insertions(+), 14 deletions(-) diff --git a/wp-admin/options.php b/wp-admin/options.php index 0c9967a6f2..e35d287887 100644 --- a/wp-admin/options.php +++ b/wp-admin/options.php @@ -27,7 +27,7 @@ if ($user_level < 6) switch($action) { case 'update': - $any_changed = 0; + $any_changed = 0; if (!$_POST['page_options']) { foreach ($_POST as $key => $value) { @@ -40,6 +40,10 @@ case 'update': $options = $wpdb->get_results("SELECT $wpdb->options.option_id, option_name, option_type, option_value, option_admin_level FROM $wpdb->options WHERE option_name IN ($option_names)"); + // Save for later. + $old_siteurl = get_settings('siteurl'); + $old_home = get_settings('home'); + // HACK // Options that if not there have 0 value but need to be something like "closed" $nonbools = array('default_ping_status', 'default_comment_status'); @@ -56,8 +60,10 @@ case 'update': $new_val = 0; } if( in_array($option->option_name, $nonbools) && $new_val == '0' ) $new_val = 'closed'; - if ($new_val !== $old_val) + if ($new_val !== $old_val) { $result = $wpdb->query("UPDATE $wpdb->options SET option_value = '$new_val' WHERE option_name = '$option->option_name'"); + $any_changed++; + } } } unset($cache_settings); // so they will be re-read @@ -65,14 +71,22 @@ case 'update': } // end if options if ($any_changed) { - $message = sprintf(__('%d setting(s) saved... '), $any_changed); + // If siteurl or home changed, reset cookies. + if ( get_settings('siteurl') != $old_siteurl || get_settings('home') != $old_home ) { + // Get currently logged in user and password. + get_currentuserinfo(); + // Clear cookies for old paths. + wp_clearcookie(); + // Set cookies for new paths. + wp_setcookie($user_login, $user_pass_md5, true, get_settings('home'), get_settings('siteurl')); + } + + //$message = sprintf(__('%d setting(s) saved... '), $any_changed); } - //$referred = str_replace('?updated=true' , '', $_SERVER['HTTP_REFERER']); $referred = remove_query_arg('updated' , $_SERVER['HTTP_REFERER']); - //$goback = str_replace('?updated=true', '', $_SERVER['HTTP_REFERER']) . '?updated=true'; $goback = add_query_arg('updated', 'true', $_SERVER['HTTP_REFERER']); - $goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback); + $goback = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $goback); header('Location: ' . $goback); break; diff --git a/wp-admin/profile.php b/wp-admin/profile.php index 36d9646f6c..034954bd02 100644 --- a/wp-admin/profile.php +++ b/wp-admin/profile.php @@ -62,8 +62,8 @@ case 'update': die (__("ERROR: you typed two different passwords. Go back to correct that.")); $newuser_pass = $_POST["pass1"]; $updatepassword = "user_pass=MD5('$newuser_pass'), "; - setcookie('wordpresspass_' . COOKIEHASH, " ", time() - 31536000, COOKIEPATH); - setcookie('wordpresspass_' . COOKIEHASH, md5(md5($newuser_pass)), time() + 31536000, COOKIEPATH); + wp_clearcookie(); + wp_setcookie($user_login, $newuser_pass); } $newuser_firstname = wp_specialchars($_POST['newuser_firstname']); diff --git a/wp-includes/functions.php b/wp-includes/functions.php index 493f313330..ef6d9cc79e 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -1628,4 +1628,37 @@ function add_magic_quotes($array) { return $array; } +function wp_setcookie($username, $password, $already_md5 = false, $home = '', $siteurl = '') { + if ( ! $already_md5) + $password = md5(md5($password)); // Double hash the password in the cookie. + + if (empty($home)) + $cookiepath = COOKIEPATH; + else + $cookiepath = preg_replace('|https?://[^/]+|i', '', $home . '/' ); + + if (empty($siteurl)) { + $sitecookiepath = SITECOOKIEPATH; + $cookiehash = COOKIEHASH; + } else { + $sitecookiepath = preg_replace('|https?://[^/]+|i', '', $siteurl . '/' ); + $cookiehash = md5($siteurl); + } + + setcookie('wordpressuser_'. $cookiehash, $username, time() + 31536000, $cookiepath); + setcookie('wordpresspass_'. $cookiehash, $password, time() + 31536000, $cookiepath); + + if ( $cookiepath != $sitecookiepath ) { + setcookie('wordpressuser_'. $cookiehash, $username, time() + 31536000, $sitecookiepath); + setcookie('wordpresspass_'. $cookiehash, $password, time() + 31536000, $sitecookiepath); + } +} + +function wp_clearcookie() { + setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); + setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); + setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH); + setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, SITECOOKIEPATH); +} + ?> diff --git a/wp-includes/vars.php b/wp-includes/vars.php index 0659b5a2a2..068dafcf88 100644 --- a/wp-includes/vars.php +++ b/wp-includes/vars.php @@ -113,6 +113,7 @@ foreach($wpsmiliestrans as $smiley => $img) { // Path for cookies define('COOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_settings('home') . '/' ) ); +define('SITECOOKIEPATH', preg_replace('|https?://[^/]+|i', '', get_settings('siteurl') . '/' ) ); // Some default filters add_filter('bloginfo','wp_specialchars'); diff --git a/wp-login.php b/wp-login.php index e512e75214..9d3fd56ad2 100644 --- a/wp-login.php +++ b/wp-login.php @@ -20,13 +20,11 @@ switch($action) { case 'logout': - setcookie('wordpressuser_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); - setcookie('wordpresspass_' . COOKIEHASH, ' ', time() - 31536000, COOKIEPATH); + wp_clearcookie(); header('Expires: Mon, 11 Jan 1984 05:00:00 GMT'); header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT'); header('Cache-Control: no-cache, must-revalidate, max-age=0'); header('Pragma: no-cache'); - header('Location: wp-login.php'); exit(); @@ -134,9 +132,7 @@ default: if ( wp_login($user_login, $user_pass, $using_cookie) ) { if (! $using_cookie) { - $user_pass = md5(md5($user_pass)); // Double hash the password in the cookie. - setcookie('wordpressuser_'. COOKIEHASH, $user_login, time() + 31536000, COOKIEPATH); - setcookie('wordpresspass_'. COOKIEHASH, $user_pass, time() + 31536000, COOKIEPATH); + wp_setcookie($user_login, $user_pass); } header("Location: $redirect_to");