Commit Graph

6 Commits

Author SHA1 Message Date
Andrew Nacin 75ff6ae302 Add safeguards for when ext/hash is not compiled with PHP.
see #29518, for trunk.

Built from https://develop.svn.wordpress.org/trunk@29751


git-svn-id: http://core.svn.wordpress.org/trunk@29523 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-09-20 17:28:18 +00:00
Andrew Nacin 768136c6da Rename the public methods in the session tokens API.
Introduces a new get( $token ) method. get_token() would not have made sense and spurred the overall renaming. Public methods are now get, get_all, verify, create, update, destroy, destroy_others, and destroy_all.

The protected abstract methods designed for alternative implementations remain the same.

props mdawaffe.
see #20276.

Built from https://develop.svn.wordpress.org/trunk@29635


git-svn-id: http://core.svn.wordpress.org/trunk@29409 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-27 02:07:16 +00:00
Drew Jaynes 647b6d907b Clean up some missing `@access` tags and other tweaks for 4.0.0-functionality docs.
See #28885.

Built from https://develop.svn.wordpress.org/trunk@29455


git-svn-id: http://core.svn.wordpress.org/trunk@29233 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-08-09 19:32:16 +00:00
Andrew Nacin 84fb6743fe WP_Session_Tokens: Can't abstract a static method.
Implementations can choose to implement the drop_sessions() method on their own.

see #20276.

Built from https://develop.svn.wordpress.org/trunk@29224


git-svn-id: http://core.svn.wordpress.org/trunk@29008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 19:16:15 +00:00
Sergey Biryukov d2e690ac2d Fix parse error in PHP 5.2.
props georgestephanis.
see #20276.
Built from https://develop.svn.wordpress.org/trunk@29222


git-svn-id: http://core.svn.wordpress.org/trunk@29006 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 17:34:15 +00:00
Andrew Nacin 654e46f03d Tie cookies and nonces to user sessions so they may be invalidated upon logout.
Sessions are stored in usermeta via WP_User_Meta_Session_Tokens, which extends the abstract WP_Session_Tokens class. Extending WP_Session_Tokens can allow for alternative storage, such as a separate table or Redis.

Introduces some simple APIs for session listing and destruction, such as wp_get_active_sessions() and wp_destroy_all_sessions().

This invalidates all existing authentication cookies, as a new segment (the session token) has been added to them.

props duck_, nacin, mdawaffe.
see #20276.

Built from https://develop.svn.wordpress.org/trunk@29221


git-svn-id: http://core.svn.wordpress.org/trunk@29005 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2014-07-18 09:13:15 +00:00