Make WordPress Core

Ticket #21111: 21111-ip-useragent.diff

File 21111-ip-useragent.diff, 651 bytes (added by sc0ttkclark, 12 years ago)

Here's another potential fix, which doesn't use a filter, and instead works off of REMOTE_ADDR + HTTP_USER_AGENT

  • pluggable.php

     
    12561256function wp_verify_nonce($nonce, $action = -1) {
    12571257        $user = wp_get_current_user();
    12581258        $uid = (int) $user->ID;
     1259        if ( empty( $uid ) )
     1260                $uid = $_SERVER[ 'REMOTE_ADDR' ] . $_SERVER[ 'HTTP_USER_AGENT' ];
    12591261
    12601262        $i = wp_nonce_tick();
    12611263
     
    12821284function wp_create_nonce($action = -1) {
    12831285        $user = wp_get_current_user();
    12841286        $uid = (int) $user->ID;
     1287        if ( empty( $uid ) )
     1288                $uid = $_SERVER[ 'REMOTE_ADDR' ] . $_SERVER[ 'HTTP_USER_AGENT' ];
    12851289
    12861290        $i = wp_nonce_tick();
    12871291