WordPress-C/WordPress
1
0
Fork 0
mirror of https://github.com/WordPress/WordPress.git synced 2025-02-19 21:15:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Don't ignore scheme when cookie value is empty. Props bendalton. fixes #7521

Browse Source 
git-svn-id: http://svn.automattic.com/wordpress/trunk@8731 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
ryan 2008-08-25 21:09:26 +00:00
parent 8dfd6d050f
commit 37d88adaff
1 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
wp-includes/pluggable.php
View File

@ -484,7 +484,7 @@ if ( !function_exists('wp_validate_auth_cookie') ) :
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
* @return bool|int False if invalid cookie, User ID if valid. * @return bool|int False if invalid cookie, User ID if valid.
*/ */
function wp_validate_auth_cookie($cookie = '', $scheme = 'auth') { function wp_validate_auth_cookie($cookie = '', $scheme = '') {
if ( ! $cookie_elements = wp_parse_auth_cookie($cookie, $scheme) ) { if ( ! $cookie_elements = wp_parse_auth_cookie($cookie, $scheme) ) {
do_action('auth_cookie_malformed', $cookie, $scheme); do_action('auth_cookie_malformed', $cookie, $scheme);
return false; return false;
@ -559,8 +559,19 @@ if ( !function_exists('wp_parse_auth_cookie') ) :
* @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in * @param string $scheme Optional. The cookie scheme to use: auth, secure_auth, or logged_in
* @return array Authentication cookie components * @return array Authentication cookie components
*/ */
function wp_parse_auth_cookie($cookie = '', $scheme = 'auth') { function wp_parse_auth_cookie($cookie = '', $scheme = '') {
if ( empty($cookie) ) { if ( empty($cookie) ) {
switch ($scheme){
case 'auth':
$cookie_name = AUTH_COOKIE;
break;
case 'secure_auth':
$cookie_name = SECURE_AUTH_COOKIE;
break;
case "logged_in":
$cookie_name = LOGGED_IN_COOKIE;
break;
default:
if ( is_ssl() ) { if ( is_ssl() ) {
$cookie_name = SECURE_AUTH_COOKIE; $cookie_name = SECURE_AUTH_COOKIE;
$scheme = 'secure_auth'; $scheme = 'secure_auth';
@ -568,6 +579,7 @@ function wp_parse_auth_cookie($cookie = '', $scheme = 'auth') {
$cookie_name = AUTH_COOKIE; $cookie_name = AUTH_COOKIE;
$scheme = 'auth'; $scheme = 'auth';
} }
}
if ( empty($_COOKIE[$cookie_name]) ) if ( empty($_COOKIE[$cookie_name]) )
return false; return false;