Fix AJAX cookie validation. see #5367
git-svn-id: http://svn.automattic.com/wordpress/trunk@6400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
9bca1574ca
commit
8a556e5e48
|
@ -433,10 +433,10 @@ if ( !function_exists('check_ajax_referer') ) :
|
||||||
function check_ajax_referer( $action = -1 ) {
|
function check_ajax_referer( $action = -1 ) {
|
||||||
$nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
|
$nonce = $_REQUEST['_ajax_nonce'] ? $_REQUEST['_ajax_nonce'] : $_REQUEST['_wpnonce'];
|
||||||
if ( !wp_verify_nonce( $nonce, $action ) ) {
|
if ( !wp_verify_nonce( $nonce, $action ) ) {
|
||||||
$current_name = '';
|
$current_id = '';
|
||||||
if ( ( $current = wp_get_current_user() ) && $current->ID )
|
if ( ( $current = wp_get_current_user() ) && $current->ID )
|
||||||
$current_name = $current->user_login;
|
$current_id = $current->ID;
|
||||||
if ( !$current_name )
|
if ( !$current_id )
|
||||||
die('-1');
|
die('-1');
|
||||||
|
|
||||||
$auth_cookie = '';
|
$auth_cookie = '';
|
||||||
|
@ -446,7 +446,13 @@ function check_ajax_referer( $action = -1 ) {
|
||||||
$auth_cookie = substr(strstr($tasty, '='), 1);
|
$auth_cookie = substr(strstr($tasty, '='), 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $current_name != $user || empty($auth_cookie) || !wp_validate_auth_cookie( $auth_cookie ) )
|
if ( empty($auth_cookie) )
|
||||||
|
die('-1');
|
||||||
|
|
||||||
|
if ( ! $user_id = wp_validate_auth_cookie( $auth_cookie ) )
|
||||||
|
die('-1');
|
||||||
|
|
||||||
|
if ( $current_id != $user_id )
|
||||||
die('-1');
|
die('-1');
|
||||||
}
|
}
|
||||||
do_action('check_ajax_referer');
|
do_action('check_ajax_referer');
|
||||||
|
|
Loading…
Reference in New Issue