From 3c3ec6dd8cb3d86927329bd88d4d2faab3559b99 Mon Sep 17 00:00:00 2001 From: Andrew Ozz Date: Fri, 23 Aug 2013 21:27:08 +0000 Subject: [PATCH] Logging in: when the Remember Me checkbox is checked, make sure the browser continues to send the expired cookies so the "login grace period" for POST and AJAX requests works. Fixes #24735. Built from https://develop.svn.wordpress.org/trunk@25107 git-svn-id: http://core.svn.wordpress.org/trunk@25089 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/pluggable.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/wp-includes/pluggable.php b/wp-includes/pluggable.php index d108e4a457..b097bca227 100644 --- a/wp-includes/pluggable.php +++ b/wp-includes/pluggable.php @@ -649,7 +649,10 @@ if ( !function_exists('wp_set_auth_cookie') ) : */ function wp_set_auth_cookie($user_id, $remember = false, $secure = '') { if ( $remember ) { - $expiration = $expire = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember); + $expiration = time() + apply_filters('auth_cookie_expiration', 14 * DAY_IN_SECONDS, $user_id, $remember); + // Ensure the browser will continue to send the cookie after the expiration time is reached. + // Needed for the login grace period in wp_validate_auth_cookie(). + $expire = $expiration + ( 12 * HOUR_IN_SECONDS ); } else { $expiration = time() + apply_filters('auth_cookie_expiration', 2 * DAY_IN_SECONDS, $user_id, $remember); $expire = 0;