WordPress.org

Make WordPress Core

Ticket #19120: 19120.patch

File 19120.patch, 6.4 KB (added by azaozz, 7 years ago)
  • wp-admin/admin-ajax.php

     
    936936        $message = sprintf( __('Draft saved at %s.'), date_i18n( $draft_saved_date_format ) );
    937937
    938938        $supplemental = array();
    939         if ( isset($login_grace_period) )
    940                 $alert .= sprintf( __('Your login has expired. Please open a new browser window and <a href="%s" target="_blank">log in again</a>. '), add_query_arg( 'interim-login', 1, wp_login_url() ) );
     939        if ( isset($login_expiration_warning) )
     940                $alert .= _wp_login_expiration_message(false);
    941941
    942942        $id = $revision_id = 0;
    943943
  • wp-admin/includes/misc.php

     
    593593}
    594594add_action('admin_head', '_ipad_meta');
    595595
     596
     597function wp_warn_login_expires($cookie_elements) {
     598        global $login_expiration_warning;
     599
     600        if ( strpos( $_SERVER['REQUEST_URI'], 'wp-login.php' ) !== false )
     601                return;
     602
     603        if ( $cookie_elements['expiration'] < time() + 7200 ) { // less than 2 hours untill expiration
     604                if ( empty($_POST) && !defined('DOING_AJAX') ) {
     605                        wp_redirect( add_query_arg( 'interim-login', 1, wp_login_url( $_SERVER['REQUEST_URI'], true ) ) );
     606                        die;
     607                }
     608
     609                $login_expiration_warning = true;
     610                add_action('all_admin_notices', '_wp_login_expiration_message');
     611        }
     612}
     613add_action('auth_cookie_valid', 'wp_warn_login_expires', 10, 1);
     614
     615function _wp_login_expiration_message($echo = true) {
     616        $return = sprintf( __('Your login session will expire shortly. Please <a href="%s" target="_blank">log in again</a>. '), add_query_arg( 'interim-login', 2, wp_login_url('', true) ) );
     617
     618        if ( !$echo )
     619                return $return;
     620
     621        echo $return;
     622}
     623
  • wp-includes/js/autosave.dev.js

     
    109109                        delayed_autosave();
    110110                });
    111111        }
     112
     113        // remove div#autosave-alert onclick
     114        $('#wpcontent').delegate('#autosave-alert a', 'click', function(e){ $(e.target).closest('#autosave-alert').remove(); });
    112115});
    113116
    114117function autosave_parse_response(response) {
  • wp-includes/pluggable.php

     
    542542                return false;
    543543        }
    544544
    545         if ( $expiration < time() ) // AJAX/POST grace period set above
    546                 $GLOBALS['login_grace_period'] = 1;
     545        if ( $expiration < (time() + 7200) ) // 2 hours before cookies expire
     546                $GLOBALS['login_expiration_warning'] = 1;
    547547
    548548        do_action('auth_cookie_valid', $cookie_elements, $user);
    549549
  • wp-login.php

     
    118118 * @param string $input_id Which input to auto-focus
    119119 */
    120120function login_footer($input_id = '') {
    121         ?>
    122         <p id="backtoblog"><a href="<?php bloginfo('url'); ?>/" title="<?php esc_attr_e('Are you lost?') ?>"><?php printf(__('&larr; Back to %s'), get_bloginfo('title', 'display' )); ?></a></p>
     121        global $interim_login;
     122
     123        if ( empty($interim_login) ) { ?>
     124                <p id="backtoblog"><a href="<?php bloginfo('url'); ?>/" title="<?php esc_attr_e('Are you lost?') ?>"><?php printf(__('&larr; Back to %s'), get_bloginfo('title', 'display' )); ?></a></p><?php
     125        } ?>
    123126        </div>
    124127
    125128<?php if ( !empty($input_id) ) : ?>
     
    534537case 'login' :
    535538default:
    536539        $secure_cookie = '';
    537         $interim_login = isset($_REQUEST['interim-login']);
     540        $interim_login = isset($_REQUEST['interim-login']) ? (int) $_REQUEST['interim-login'] : 0; // 1 = show login message, 2 = no redir after login
    538541
    539542        // If the user wants ssl but the session is not ssl, force a secure cookie.
    540543        if ( !empty($_POST['log']) && !force_ssl_admin() ) {
     
    568571
    569572        $redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);
    570573
     574        if ( !is_wp_error($user) && 2 == $interim_login ) {
     575                $message = '<p class="message">' . __('You have logged in successfully. Close this browser window or tab and return to writing.') . '</p>';
     576                login_header( '', $message );
     577                echo '</div></body></html>';
     578                exit;
     579        }
     580
    571581        if ( !is_wp_error($user) && !$reauth ) {
    572                 if ( $interim_login ) {
    573                         $message = '<p class="message">' . __('You have logged in successfully.') . '</p>';
    574                         login_header( '', $message ); ?>
    575                         <script type="text/javascript">setTimeout( function(){window.close()}, 8000);</script>
    576                         <p class="alignright">
    577                         <input type="button" class="button-primary" value="<?php esc_attr_e('Close'); ?>" onclick="window.close()" /></p>
    578                         </div></body></html>
    579 <?php           exit;
    580                 }
    581 
    582582                if ( ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) ) {
    583583                        // If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
    584584                        if ( is_multisite() && !get_active_blog_for_user($user->ID) && !is_super_admin( $user->ID ) )
     
    612612                $errors->add('newpass', __('Check your e-mail for your new password.'), 'message');
    613613        elseif  ( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] )
    614614                $errors->add('registered', __('Registration complete. Please check your e-mail.'), 'message');
    615         elseif  ( $interim_login )
    616                 $errors->add('expired', __('Your session has expired. Please log-in again.'), 'message');
    617615
    618616        // Clear any stale cookies.
    619         if ( $reauth )
     617        if ( $reauth ) {
    620618                wp_clear_auth_cookie();
    621619
     620                if ( $interim_login )
     621                        $errors->add('expired', __('Please log in again to extend your session.'), 'message');
     622        }
     623
    622624        login_header(__('Log In'), '', $errors);
    623625
    624626        if ( isset($_POST['log']) )
     
    640642        <p class="submit">
    641643                <input type="submit" name="wp-submit" id="wp-submit" class="button-primary" value="<?php esc_attr_e('Log In'); ?>" tabindex="100" />
    642644<?php   if ( $interim_login ) { ?>
    643                 <input type="hidden" name="interim-login" value="1" />
    644 <?php   } else { ?>
     645                <input type="hidden" name="interim-login" value="<?php echo (int) $interim_login; ?>" />
     646<?php   } ?>
    645647                <input type="hidden" name="redirect_to" value="<?php echo esc_attr($redirect_to); ?>" />
    646 <?php   } ?>
    647648                <input type="hidden" name="testcookie" value="1" />
    648649        </p>
    649650</form>