Ticket #9577: 9577.diff
| File 9577.diff, 2.1 KB (added by Denis-de-Bernardy, 4 years ago) |
|---|
-
wp-includes/registration.php
48 48 */ 49 49 function validate_username( $username ) { 50 50 $sanitized = sanitize_user( $username, true ); 51 $valid = ( $sanitized == $username );51 $valid = ( $sanitized == $username && !preg_match("/^\d+$/", $username) ); 52 52 return apply_filters( 'validate_username', $valid, $username ); 53 53 } 54 54 -
wp-includes/pluggable.php
523 523 return false; 524 524 } 525 525 526 $user = get_userdata bylogin($username);526 $user = get_userdata($user_id); 527 527 if ( ! $user ) { 528 do_action('auth_cookie_bad_ username', $cookie_elements);528 do_action('auth_cookie_bad_id', $cookie_elements); 529 529 return false; 530 530 } 531 531 532 532 $pass_frag = substr($user->user_pass, 8, 4); 533 533 534 $key = wp_hash($user name. $pass_frag . '|' . $expiration, $scheme);535 $hash = hash_hmac('md5', $user name. '|' . $expiration, $key);534 $key = wp_hash($user->user_login . $pass_frag . '|' . $expiration, $scheme); 535 $hash = hash_hmac('md5', $user->user_login . '|' . $expiration, $key); 536 536 537 537 if ( $hmac != $hash ) { 538 538 do_action('auth_cookie_bad_hash', $cookie_elements); … … 566 566 $key = wp_hash($user->user_login . $pass_frag . '|' . $expiration, $scheme); 567 567 $hash = hash_hmac('md5', $user->user_login . '|' . $expiration, $key); 568 568 569 $cookie = $user-> user_login. '|' . $expiration . '|' . $hash;569 $cookie = $user->ID . '|' . $expiration . '|' . $hash; 570 570 571 571 return apply_filters('auth_cookie', $cookie, $user_id, $expiration, $scheme); 572 572 } … … 613 613 if ( count($cookie_elements) != 3 ) 614 614 return false; 615 615 616 list($user name, $expiration, $hmac) = $cookie_elements;616 list($user_id, $expiration, $hmac) = $cookie_elements; 617 617 618 return compact('user name', 'expiration', 'hmac', 'scheme');618 return compact('user_id', 'expiration', 'hmac', 'scheme'); 619 619 } 620 620 endif; 621 621
