diff --git src/wp-includes/pluggable.php src/wp-includes/pluggable.php
index c51e5b6..5ab5873 100644
|
|
function wp_verify_nonce($nonce, $action = -1) { |
1681 | 1681 | $i = wp_nonce_tick(); |
1682 | 1682 | |
1683 | 1683 | // Nonce generated 0-12 hours ago |
1684 | | if ( substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10) === $nonce ) |
| 1684 | if ( substr(wp_hash($i . $action . $uid, 'nonce'), -12, 10) === $nonce ) { |
1685 | 1685 | return 1; |
1686 | 1686 | // Nonce generated 12-24 hours ago |
1687 | | if ( substr(wp_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) === $nonce ) |
| 1687 | } elseif ( substr(wp_hash(($i - 1) . $action . $uid, 'nonce'), -12, 10) === $nonce ) { |
1688 | 1688 | return 2; |
1689 | | // Invalid nonce |
1690 | | return false; |
| 1689 | } else { |
| 1690 | /** |
| 1691 | * Fires when nonce verification fails. |
| 1692 | * |
| 1693 | * @since 3.9.2 |
| 1694 | * |
| 1695 | * @param int $uid ID of the nonce-owning user. |
| 1696 | * @param string $action The nonce action. |
| 1697 | */ |
| 1698 | do_action( 'wp_verify_nonce_failed', $uid, $action ); |
| 1699 | // Invalid nonce |
| 1700 | return false; |
| 1701 | } |
1691 | 1702 | } |
1692 | 1703 | endif; |
1693 | 1704 | |